sb-au logo
Story image

Cyber criminals continue to capitalise on COVID-19

Retarus, the threat intelligence unit of a Munich-based cloud services provider, has released an anti-phishing guide to empower businesses during this time of increased targeted cyberattacks.

According to Retarus, COVID-19 has resulted in businesses having to change familiar working procedures, primarily implementing staggered work hours and enabling employees to work from home, and this has afforded cyber criminals greater opportunities to find vulnerabilities.

In fact, the company states its teams have noticed a ‘massive’ increase in targeted cyber attacks. The company states many companies generally have email security services in place and are well protected against cyberattacks.

However, temporary workplaces and home offices set up during the time of COVID-19 related lockdowns, often don't have the same level of protection as the office.

Furthermore, the internet connection at home is not secured to the same extent as an enterprise network. This and poorly safeguarded home computers has resulted in attackers finding their way into company networks.

Specific examples of cyber criminal activity and scamming emails include, ‘official’ information about the virus pandemic, offers of high-demand products such as respiratory masks and COVID-19 test kits, or the need to install tools for the home office.

Through these hooks, cyber criminals are trying to gain access to home office computers, and thus breach a company’s networks.

Furthermore, staff working from home don't have the option of asking colleagues across the office whether the contents of an email could be trustworthy. This is being exploited by criminals committing CEO fraud or business email compromise (BEC) scams.

These incidents involve scammers hacking and spoofing email accounts, potentially to trick recipients into sending transfers to their respective bank accounts, or to request confidential information they can use to their own advantage.

By impersonating their supervisors and requesting a high degree of urgency and secrecy, specific employees are targeted to disclose confidential information or arrange the remittance of company funds.

As a result, a crucial measure in mitigating risks and breaches is employee education, and ensuring that people know what to look for and what to do when a perceived threat occurs.

Retarus Asia managing director Dylan Castagne says, "With 91% of all email-related security breaches emanating from poor cyber hygiene, never has it been more pressing to adopt good practices and invest in solutions that will better support remote working environments in the face of crisis.

“Beyond investing on email security tools, however, it is likewise paramount that businesses focus on keeping employees informed so they can be more vigilant in recognising phishing emails from valid email requests, as they shift towards implementing work-from-home schemes."

In addition, businesses need to ensure maximum control over incoming email with preventative protection, early detection of threats not yet identified, accelerated response processes, monitoring and analyses.

These components, when combined, give a business an effective defence system that will increase over the long term, according to the company.

The Retarus Anti-Phishing Guide includes information about scams such as fraudulent emails and how to approach such attacks.

Download image
74% of APAC IT leaders say security culture is essential to business success
You can join these leaders in designing security awareness and training with your employees in mind.More
Story image
Video: 10 Minute IT Jams - The benefits of converged cloud security
Today, Techday speaks to Forcepoint senior sales engineer and solutions architect Matthew Bant, who discusses the benefits of a converged cloud security model, and the pandemic's role in complicating the security stack in organisations around the world.More
Story image
Metallic adds data management and GDPR compliance
Now GDPR compliant, additions to the portfolio include eDiscovery features and support for Microsoft Hyper-V and Azure Blob and File storage.More
Link image
Why video-streaming companies should consider a multi-CDN strategy
Video streaming continues to grow each year, and in order to ensure quality of experience, new strategies must be leveraged.More
Story image
Kaspersky releases new report on consumer’s approach to digital services
COVID-19 related restrictions and the necessity to stay indoors has influenced the way people approach digital services, making them more aware of how securely both they, and their housemates, use the internet.More
Story image
Global attack volume down, but fraud and cyber threats still going strong
“The move to digital, for both businesses and consumers, has been significant. Yet with this change comes opportunity for exploitation. Fraudsters look for easy targets: whether government support packages, new lines of credit or media companies with fewer barriers to entry."More