When working from home, employees are exposed to increased stress and are therefore more susceptible to phishing emails. But simple measures can reduce the risk considerably.
Phishing is nothing new. Cybercriminals have been using this method for a good quarter of a century, and it is still effective. After all, the weak point always remains the same. Whether it’s email (phishing), SMS (smishing), telephone (vishing) or social media—the route always leads to sensitive data about people. Employees who, due to the pandemic, sometimes hastily shifted their work to the home office, are the ideal target—especially when it comes to attacks that are tailor-made to current issues and concerns.
The Sophos Phishing Insights Report 2021 indicates that global phishing attacks on companies increased by 70 percent. Moreover, according to a current study by G DATA, brand eins and Statista, phishing emails cause significantly more damage when working from home than in the private environment or in the office. When working from home, access data or personal data was stolen in one fifth of the attacks. In the office, this was the case only 14.6 percent of the time.
According to a finding from the eco IT security study 2021, for years, the greatest threat has come from ransomware (blackmail trojans). Criminals often try to distribute manipulated PDF, ZIP or Office files as well as hidden executable programs using social engineering via email attachments. After opening, the files on the hard drive are encrypted or the compromised system is locked, with the aim of demanding a ransom from the victim for recovery.
A seemingly harmless email can turn out to be a million-dollar ransomware attack. The 7 tips from the eco Association of the Internet Industry show how employees protect themselves from this: