As the world continues to deal with the COVID-19 pandemic, many of us are finding ourselves working from home and maybe even going a little stir-crazy. Everyone has worked hard, even before most of the shelter-in-place orders, to ensure a large percentage of our workforce could work from home. While many of us have been fortunate enough to find a solution that keeps us going, we must also remain aware that cybercriminals are now going after remote employees with enhanced phishing techniques. A large percentage of these phishing attempts can be blocked at a corporate firewall, but some will ultimately make it through to the end user.
The remote workforce must understand what to look for and not fall victim to these malicious actors!
Cybercriminals are sending emails containing screenshots of sites that look legitimate, or embedding links to such sites. Some of these sites try to look genuine by acquiring a security certificate. However, anyone can acquire a certificate. Many of us have been told that if a website address starts with https://, the s at the end of http signifies the site is secure. This does not mean the site is not malicious in nature. A site with https:// provides no guarantee that the site is actually legitimate! Some of these websites even carry a “This site is secure” statement. Specifically, it says, “The https:// ensures that you are connecting to the official website….”
Here’s the deal: The https:// part of an address (also called “Secure Sockets Layer” or SSL) merely indicates that the data transmitted between your browser and the site is encrypted and cannot be read by a third party while in transit.
However, the presence of “https://” or a padlock in the browser address bar does not mean the site is legitimate, nor is it proof the site has been secured against intrusion from hackers.
In other words, while readers should never transmit sensitive information to a site that does not use https://, the presence of this security feature tells you nothing about the trustworthiness of the website in question.
Here’s a sobering statistic: According to PhishLabs, by the end of 2019, roughly three-quarters (74 percent) of all phishing sites were using SSL certificates. PhishLabs found this percentage increased from 68% in Q3 and 54% in Q2 of 2019.
As stated before, anyone can acquire a security certificate and use https://. Always make sure a site is legitimate before accessing it. Cybercriminals are becoming more sophisticated each day in their attempts to trick individuals into taking some type of bait, such as clicking on a link, entering private information into a request form, or visiting a malicious site made to appear completely secure and legitimate. DO NOT FALL FOR THESE ATTEMPTS!
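The point above, that https:// only tells you the connection is encrypted and nothing about who is on the other end, can be made concrete in code. The following is an added example, not part of the original post: it judges a link from an email by the site it actually resolves to, ignoring the scheme, and flags links that borrow a trusted name but land elsewhere. The trusted domains and sample links are constructed placeholders.

```python
from urllib.parse import urlsplit

# Constructed placeholders for the sites the reader actually uses (not from the post).
TRUSTED_DOMAINS = {"example-bank.com", "example-corp.com"}


def registrable_domain(host: str) -> str:
    """Return the last two labels of a hostname, e.g. www.example-bank.com -> example-bank.com.
    Simplification: ignores multi-label public suffixes such as co.uk."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else host.lower()


def assess_link(url: str, trusted=TRUSTED_DOMAINS) -> dict:
    """Assess a link the way the article recommends: by where it really goes,
    not by whether it begins with https://.

    'encrypted' and 'verdict' are reported independently to show they are unrelated."""
    parts = urlsplit(url)
    # .hostname discards any user@ prefix, so "trusted.com@other.net" resolves to other.net
    host = (parts.hostname or "").lower()
    domain = registrable_domain(host)
    encrypted = parts.scheme.lower() == "https"
    if domain in trusted:
        verdict = "trusted"
    elif any(t.split(".")[0] in parts.netloc.lower() for t in trusted):
        # A trusted brand name appears somewhere in the address, but the site is not the real one.
        verdict = "lookalike"
    else:
        verdict = "unknown"
    return {"host": host, "domain": domain, "encrypted": encrypted, "verdict": verdict}


if __name__ == "__main__":
    # Constructed sample links of the kind that arrive in phishing emails.
    samples = [
        "https://www.example-bank.com/login",                    # real site, encrypted
        "http://intranet.example-corp.com/hr",                   # real site, not encrypted
        "https://example-bank.com.secure-verify.net/login",      # encrypted, but a lookalike
        "https://example-bank.com@secure-verify.net/",           # trusted name before '@' is a decoy
        "https://totally-unrelated.org/offer",                   # encrypted, unknown site
    ]
    for url in samples:
        r = assess_link(url)
        print(f"{url:55} encrypted={r['encrypted']!s:5} verdict={r['verdict']}")
```

The output makes the article's point visible: three of the four https:// links are not the trusted site, while the one http:// link is.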
Tips to Remember to Avoid Phishing Attacks
- Be cautious when opening emails
- Do not click on suspicious links or attachments, especially if the email was unexpected. If the email contains a link to a URL that looks legitimate, DO NOT CLICK THE LINK. Open your browser and type the URL into the address bar yourself
- Messages that appear urgent and state that you have a limited time to respond are a tell-tale sign of a phishing attempt
- If you receive a message that looks like it’s from someone you know but appears suspicious or asks for sensitive data, call the person or meet with them face-to-face (FaceTime, MS Teams, etc.) to confirm the legitimacy of the communication
- Check for spelling and grammar errors
- NEVER enter credentials or other details into a form received via email or text. Cybercriminals are good at making their phishing attempts appear to come from legitimate sources such as Microsoft, Facebook, credit card companies, banks, the IRS, etc. They depend on individuals falling for these malicious emails. Just clicking on a link or visiting a site can be enough to infect your system and compromise the security of your information. DO NOT FALL PREY TO THESE CRIMINALS!
- If you receive an email with an offer that seems too good to be true, it probably is
- Make sure your account has been set up with multi-factor authentication (MFA). If you are unsure if MFA has been activated on your account, contact your company’s security team or IT department
- Report suspicious emails to the security and/or IT department of your organization
As always, thanks for reading and stay safe and secure!