Many organizations have switched to a work from home/telework model to prevent the spread of the Coronavirus (COVID-19). While this helps to decrease the spread of this illness, it is imperative that end users remain more vigilant in their practices of security awareness.
The Department of Homeland Security has issued a warning that phishing attempts may skyrocket in an attempt to exploit the curiosity and panic surrounding the pandemic. An emphasis was placed on an increase in phishing emails in an attempt to gather usernames and passwords.
While working from home poses its challenges, many organizations are quickly adopting a model to help facilitate this model in a timely manner. This has given malicious actors an opportunity to exploit the chaos and attempt to catch you off guard by sending similar correspondence.
Types of phishing attempts/scams to look out for include:
- Vendor offers for free software.
- Free webinars.
- Tech support requests.
- Non vetted alternatives for video conferencing software or ease of access.
Keep yourself and devices/data safe by doing the following:
- Use your work VPN from your home machine when possible.
- Keep your devices software and antivirus up to date.
- Do not share conference call numbers with unintended recipients. Always confirm the attendees to ensure the agenda during your call is not compromised.
- Ensure that any IT related issues are reported to your IT department and not an outside vendor or unknown entity.