Should you phish-test your remote workforce?

Introduction: New wave of phishing

When the novel coronavirus pandemic began, it caused more than a medical emergency and lockdowns. Like many events before, it also caused an increase in phishing. Attacks have been aimed at VPNs and remote workers to take advantage of weaker security in such a new situation for many employees and employers.

“Chinese, Russian, and North Korean cyber-espionage groups have all adopted pandemic-themed lures for phishing attacks and targeted efforts,” writes Dark Reading. 

AWS Builder Community Hub

“The biggest change is not the type of attacks but the situation where you have the majority of the workforce working from home,” adds Etay Maor, chief security officer for IntSights. “Workers are making some basic security hygiene mistakes, and the threat actors have been made aware of this — these issues are constantly being discussed, and the criminals are very agile to adapting to new situations.”

In fact, a survey conducted by CNBC on senior technology executives found that over one-third of them reported a growth in malicious attempts, as the majority of their employees started working from home. In a matter of days, there had been an increase in phishing campaigns “to target people and steal personal information from them by posing as trustworthy figures.”

Coronavirus-themed phishing is targeting remote workers

Phishing related to the subject COVID-19 will continue to be a problem over the coming weeks and months. A joint alert from the United States Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre (NCSC) warns against APT groups using COVID-themed phishing messages with new and evolving baits. “Malware distribution, using coronavirus- or COVID-19- themed lures; registration of new domain names containing wording related to coronavirus or COVID-19; and attacks against newly—and often rapidly—deployed remote access and (Read more...)

*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Daniel Brecht. Read the original post at: