A recent article in the Guardian has highlighted that criminals are seeking rich pickings as viewers stuck at home flock to TV streaming sites. Scammers are re-creating top TV streaming sites with fake details to hack personal data.
The spoof sites are collecting personal credit card details for financial gains. Both consumers and businesses are the targets for hackers looking for vulnerabilities in security and phishing scams.
Are home workers at a higher risk?
Safe behind the company network, employees are protected and often unaware of any attempts scammers make on a daily basis to infiltrate company data. The speed at which lockdown happened has meant some businesses have been left exposed by scenarios like:
- An infected personal computer from a remote employee accesses a company network. The company network is now infected with whatever came from the personal computer
- Home routers are left un-updated, unpatched and with default credentials; therefore ripe for exploitation
- A lack of Multi-Factor Authentication puts networks at risk. While rare, it is possible to harvest credentials online, leaving an MFA-less network vulnerable to a threat actor with the correct passwords
- Home Wi-Fi often doesn’t have the same defenses – think firewalls and anomaly detection monitoring – of corporate environments
Protecting all your devices
Covid-19 hacks aren’t just being used by criminals for financial gain. They’re also showing up in more insidious operations.
Mobile security firm Lookout published findings that a malicious Android application has been posing as a Covid-19 tracking map from Johns Hopkins University, but actually contains spyware connected to a surveillance operation against mobile users overseas.
At Turnkey, we only recommend tried and tested products to ensure your data is safe. That’s why we recommend ESET to provide the best possible security during COVID. If you need advice on the following, get in touch.
- Mobile Security Apps
- Setting up secure VPN Access
- Require multi-factor authentication (MFA)
- Invest in full-featured endpoint security for home workers
- Require encryption if employees will work on sensitive files