As many workers across the Bay Area have shifted to working from home in recent weeks, cyber-criminals have taken notice.
Netskope, a Santa Clara-based technology security firm, is keeping tabs on the surge in telecommuting. Its CEO Sanjay Beri says work-from-home traffic now makes up about 70 percent of all business online activity.
"That's a massive shift," Beri said. "In many cases, [workers] are connecting from their own personal devices. Those systems can be infiltrated and used to steal company data."
Beri described several scenarios crooks use to target employees working from home:
- Posing as a company agent. They'll call you and claim to be with IT, needing your user name and password to address a problem. Or, they might say they're with HR, and they need to update your personal information.
- Pretending to be your boss. Some hackers can easily spoof email addresses, then assume the online identity of a company manager or executive, to ask workers for help accessing sensitive company data.
- Asking you to open files and attachments. Another use of the spoofed email technique convinces you to open a file or click a link, which then secretly installs spyware on your computer or phone. That hidden app gives crooks access to everything you type, including passwords.
- Sending phony texts to gain access. Criminals aiming to gain insider information might text you, claiming to be a boss or colleague, asking for access to a conference call or group video meeting. Once inside, they can quietly listen to what's discussed -- or even disrupt the meeting.
Beri says there are two simple rules for telecommuters to follow that will go a long way to protect their data -- both their own, and that of their employer.
"The number one thing they can do: never give any personal information to anybody over email, a cell phone, let alone a text," Beri said. "Number two: don’t go to any website via an email that has a link in it. Those two things alone will save organizations and people 95 percent of the problems that we see today."
It's not just workers at home falling prey to cyber-criminals. Thieves are targeting children, too -- while they take online classes as schools remain closed. Hackers might pose as teachers or principals, aiming to get spyware or malware installed on your family's computer or tablet.
The National Cyber Security Alliance and Anti-Phishing Working Group created this website with resources to help workers and families protect themselves from cyber attacks.