New Remote Worker Shift Requires a Robust Phishing Protection Toolbox

With the COVID-19 pandemic spreading throughout the United States, it’s likely that most US workers will find themselves working from home at some point. And while technology today such as web conferencing, robust mobile and tablet devices, laptop and desktops with access to corporate networks can help facilitate this new paradigm it creates challenges for security teams and opportunities for threat actors.

A recent CIO Magazine article – When it Comes to Cybersecurity, We Need to Adapt for Now and the Future – addressed the current need for a robust incident response plan and the challenges SOCs face. One insight they addressed certainly hit home with us at SlashNext:

Because employees are working at home, the way they work collaboratively changes. No more in person meetings or stopping by someone’s desk to alert them of an incoming document sent via email. Instead, email volumes are on the rise, as are more attachments. Expect more communications from C-level staff with regular updates involving quarantines and ever-evolving mandates from government leaders. This opens the door for spear phishing campaigns and the sharing of malicious [weaponized] documents.

With remote workers on edge due to the economic uncertainty as well as the virus, the rush to please C-level executives could cloud judgement and lead employees to click on phishing links or download compromised documents with greater haste. In fact, the CNBC Technology Executive Council reports that phishing scams are up 40 percent (or more) in light of the pandemic. Scareware tactics have always preyed on human vulnerabilities and this situation appears no different.

Much of the advice provided in the CIO article centers around traditional cybersecurity tactics such as VPN usage, using 2FA whenever possible, encryption for sensitive data, and certainly continued employee security training. While these security protocols all need to be part of the mix, it’s important to understand their shortfalls.

Two-factor authentication (2FA or sometimes referred to as MFA) has repeatedly been bypassed by phishing attacks as cited in a Private Industry Notification (PIN) delivered by the FBI. Malicious browser extensions, technical support scams, and Scareware (think COVID-19) are employing fake login pages and popups to trick users into authenticating bad actor access to sensitive data.

Employee training is also an important part of any cybersecurity protocol, but the human element is, and always will be, the weakest link in the network security chain. Many phishing attacks today leverage legitimate infrastructures, or emulate establish branded websites, so that even the best trained employees repeatedly fall victim to bad actors.

To protect remote workers today from all of the sophisticated attacks requires a phishing protection toolbox that covers a number of attack vectors:

  1. Mobile Phishing Protection – Helps protect iOS and Android users against a wide-range of mobile-centric phishing threats, including email, SMiShing (SMS and text attacks), social media, rogue apps, ads and popups.
  2. Browser Phishing Protection – Helps shield employees from live phishing sites through a cloud-powered browser extension that is available for all major desktop browsers. Protects against multiple attack vectors including email, ads and popups, social media, messaging apps, rogue software, and more.
  3. URL Analysis and Enrichment – Fully automated and accurate run-time analysis of suspicious URLs for phishing incident response and threat hunting that dramatically reduces the time and effort SOC and IR teams spend researching and investigating questionable URLs.

With growing enterprise mobility requirements plus higher numbers of remote workers, properly securing mobile and remote users is causing IT security teams to rethink their endpoint security strategies. To find out how you can protect your remote workforce from the growing number of sophisticated phishing and social engineering threats, contact us and request a demo today.

*** This is a Security Bloggers Network syndicated blog from SlashNext authored by Lisa O'Reilly. Read the original post at: