During the COVID 19 pandemic a lot of the workforce has moved to remote working. As this has been a big change for many businesses and individuals, day to day business has needed to adapt to the new norms. With more people working from home, and more information is being used over the internet, this has increased the risk of being hacked. Hackers are now targeting remote workers as key targets, as majority of this group of workers were unprepared to work remotely.
According to Check Point Research, they found that Microsoft is the most imitated brand for phishing attempts in the third quarter of 2020. Cyber criminals are capitalizing on the large amount of workers working from home during the pandemic. They are asking workers to reset their Microsoft Office credentials and lead people to a fake imitation Microsoft website.
Other brands that are commonly being used for phishing attacks are;
Another security issue for remote workers is the privacy settings of Zoom. Many organisations, universities and schools used the video platform during the peak of the pandemic to run classes, meetings and communicate with each other.
Earlier this year it was found that Zoom didn’t use end-to-end encryption, and thousands of email addresses had been leaked. On top of this, it was also found the Windows version of Zoom, was more vulnerable to attackers to send malicious links to users chats and gain access to their email passwords.
Zoom has recently announced that all users (free and paid versions of Zoom) will get access to end-to-end encryption.
End-to-end encryption (also known as E2EE), is a secure way of data protection. Data can only be read by the sender and the receiver, meaning no one else can encrypt the data such as the government or even Zoom!
The new E2EE feature will need to be manually enabled by desktop and mobile users. A green shield padlock will appear when E2EE is enabled. Participants in the zoom call will be able to see the host’s security code, which is eight 5-digit groups of security numbers for verification.
The only downfall to this extra security is that some meeting features will be disabled when E2EE is enabled. Features that are disabled are listed below;
- Join before host
- Cloud recording
- Live transcription
- Breakout rooms
- One-on-one private chats
- Meeting reaction
Zoom will also require additional information from users if they want to enable E2EE, such as verifying their identity through a phone text or email.
As the world is still adjusting to this new working environment, we need to increase cyber security as hackers are taking advantage of this vulnerability in society. Here are my top tips for staying cyber safe whilst working remotely;
- Always double check the email address of the sender. Hackers are getting smarter and smarter and can impersonate almost anyone’s name in the email header. Usually the email address is jumbled letters, which can provide you with a warning that the email is probably fake!
- Use multi-factor authentication. This double check’s your identity by making you enter a code sent to your phone or email, to help prevent any hackers logging into your account.
- Never give someone remote access to your computer.
- Finally, back up your data offline.
At IP Partners we are here to help! We provide network services to help you communicate and keep in touch with your team remotely. If you need help setting up remote services for your team, get in touch with us and let our friendly staff assist you.
Check Point Software Technologies LTD 2020, Microsoft is Most Imitated Brand for Phishing Attempts in Q3 2020, Check Point Software Technologies LTD, viewed 27 October 2020,< https://www.checkpoint.com/press/2020/microsoft-is-most-imitated-brand-for-phishing-attempts-in-q3-2020/>.
Saarinen J, 2020. Zoom to preview free end-to-end encryption for meetings, IT News, viewed 27 October 2020,< https://www.itnews.com.au/news/zoom-to-preview-free-end-to-end-encryption-for-meetings-554700>.
Wood C, 2020. Zoom’s security and privacy problems are snowballing, Business Insider Australia, viewed 27 October 2020,< https://www.businessinsider.com.au/zoom-facing-multiple-reported-security-issues-amid-coronavirus-crisis-2020-4?r=US&IR=T>.