We’ve seen a major shift in the Australian workforce due to the COVID-19 pandemic with a large percentage of Australians transitioning to remote work, many for the first time. That said, working remotely full-time is different than working from home once or twice a week. And cybercriminals are actively trying to take advantage of the new remote reality and associated risk.
A majority of the attacks we’ve observed are targeting individuals—not systems—and are delivered through the email channel, as it provides a direct line to potential victims. Many of the COVID-19 lures are also being used by the same crimeware and sophisticated financial threat actors that we regularly encounter, such as TA505. The difference is that threat actors are leveraging social engineering at scale under one global theme: the COVID-19 pandemic. These targeted, well-crafted threats often feature stolen branding to try to trick individuals into believing they are coming from a legitimate source that should be trusted.
For example, we’ve seen cybercriminals impersonate the World Health Organisation, the Australian Medical Association, and even a major Australian newspaper. Just last week the Proofpoint Threat Insight team observed an increase in video conferencing-related lures designed to trick unsuspecting remote workers and steal credentials. The Australian Cyber Security Centre (ACSC) also recently issued an alert detailing an increase in Australians being targeted with COVID-19 related scams and phishing emails, stating “in the last three months, the ACSC and the Australian Competition and the Consumer Commission’s (ACCC) Scamwatch have received over 140 reports from individuals and businesses across Australia.”
It is essential that employees exercise extra vigilance, especially regarding the links they click on and the funds they wire, because remote working often means they aren’t protected by the same safeguards a corporate office typically has in place. It’s extremely important that individuals approach their inbox with the same level of caution that they use in their non-digital, real life.
Top Tips for Safe Remote Working
When working remotely, there are a few actions that people can immediately take to better protect themselves from cybersecurity threats. At the onset of the work from home period, we recommend that individuals reach out to their IT department to discuss their company’s remote work policy and ask any questions they may have about best practices.
Additionally, the infographic below shares some top tips for safe remote working.
This new population of remote workers is also faced with something they aren’t used to: many are at home with their family. We recommend that employees keep family members away from their remote office computer, not because they are malicious, but because they haven’t been properly trained by a security awareness department on critical security controls and best practices.
For more information on COVID-19 attacks, you can access our latest webinar: Phishing During Pandemic: Actors, Campaigns & Threats Leveraging COVID-19 Lures.