Cybercriminals exploit opportunity to target remote workforces
New research reveals a concentrated drive to target workers now operating remotely as a result of the COVID-19 outbreak.
Phishing detection specialist RedMarlin used artificial intelligence tools and submissions to its CheckPhish.ai site to detect thousands of attacks by cybercriminals with the intent of penetrating networks and stealing corporate data.
These attacks use phishing web pages to intercept credentials and logins from new remote workers that may be unfamiliar with secure logins for remote working and collaboration tools, such as Microsoft Teams and Skype.
From January to February this year CheckPhish noted a 17 percent increase in credential stealing sites attempting to replicate Office.com and Outlook.com. From February to March, these spiked an additional 46 percent with criminals doubling down on the tactic as more workers moved to telecommuting. Skype has been the target of a notable increase in counterfeiting, jumping almost a third (31 percent) from February to March.
Although Microsoft products have been the main targets researchers are also tracking a growing number of scam sites targeting Zoom and other collaboration tools.
When it comes to protecting their remote workers Shashi Prakash, chief scientist of RedMarlin says, "Browser warnings are obviously the first thing I would look for, anything related to the site, software authentication, obviously is a second big thing. It's easy these days to enable two-factor authentication for logging into company networking. People should also be using VPNs because it's taking the network interface out of the user interface."
In March, the overall number of phishing sites leapt 235 percent from their February level, as criminals seek to target a population increasingly reliant on the web, eCommerce and remote services. CheckPhish is actively tracking close to 100,000 counterfeit sites on the internet.
You can read more about the report on the CheckPhish blog.