The coronavirus pandemic has forever changed the way we interact and work. According to recent data, remote working has increased by 300% in India. Because of the lockdown and social distancing measures, even companies that were opposed to telework have accepted it. But with this development comes a menacing problem – cyber attacks. According to Kaspersky’s Security Network cybersecurity information, there was a 37% increase in the number of cyberattacks in India in the first quarter. A statement by internet service providers, ET, says that the number of cyber attacks since the lockdown has increased by 500%. At this rate, companies face the risk of cyber attacks or cyber threats once every alternate day. To this end, companies are putting efforts to increase the cybersecurity awareness of their employees.
Since most cyber threats come in the form of various phishing scams, here are some of the ten phishing attack tricks organizations are using to improve their employee’s cybersecurity awareness.
You might also be interested to read: Future Of Work Redefined By AI And Automation
Rules of conduct
Due to the rising global interest in workplace diversity and the reduction of harassment, companies are now reviewing their employment guidelines. In a situation whereby an employee reports unfair and undue treatment, the HR department is mandated to follow up. And now that remote working is taking over, companies are revising their employment and workplace guidelines.
Since employees are mandated to read the new guidelines, an organization’s IT department can send a purported letter from HR outlining the company’s Rule of Conduct. This email looks simple enough that it’s easy to click through and approve it. This situation has provided a perfect opportunity for cyber-crime infiltrating. As such, now more than ever, employees must look out before opening any emails.
Delayed year-end tax summary
With this, employees get notified about issues surrounding their tax documentation. Workers are always eager to know the duration for which their tax forms will come in so they can file returns accordingly. As a result, many members of staff open any mail with a tax-related subject link almost instinctively. This attitude makes it a perfect avenue for testing employees as a delayed year-end tax summary could be a phishing scam.
Scheduled server maintenance
The instinct for most workers when they get a notification from IT regarding a scheduled server was to ignore them. This attitude is commonplace because there’s nothing they could do about it. However, since most people are working from home and cybersecurity threats are on the rise, employees have become more aware of these kinds of messages as they try to make adequate plans.
Task assigned to you
When hackers use this medium to steal information from a company’s server, they use a message that allows the user to select a project scheduling system that their organization uses. By doing this, they ingeniously conceal the threat that an email poses. Although, this might be a semi-targeted phish, when this happens, an organization has to assume that all tools are compromised. The IT department uses the same strategy the hackers will use to increase the cybersecurity awareness of their employees.
New email system test
Everyone likes an update, especially one that increases the user-friendliness of an application and increases efficiency. For this reason, a new email system test strategy makes an easy and efficient method to get into an organization’s system. Preventing this form of cyber attack would require employees to be on high alert, which is why organizations also adopt this technique to keep employees on their toes.
Vacation policy update
As much as employees are supposed to love their work, they also like one thing almost as much – vacations. So, employees are prone to quickly and mindlessly attend to any message that addresses vacation. Besides, companies are changing their vacation policies to compensate and reflect the realities of the pandemic. As a result, employees can get sloppy, making it perfectly suited for cyber-crime infiltrating.
Car lights on
This method works for people who have an automated system that informs them when their car lights aren’t turned off. To reel employees in, the IT department would require the cooperation of the building manager then send a picture to the car owner. Using the method would naturally look suspicious because a text containing the registration number of the car is more efficient. However, most states don’t issue front registration numbers for vehicles anymore. This tactic for improving cybersecurity awareness and cybersecurity solutions is commonly employed by organizations in the US.
Courier service delivery
Crooks are everyday people just like anybody. They know what’s trending, and they try to use this to increase their efficiency. The courier service delivery is one of the phishing scams that predates the coronavirus pandemic. And they use it often because it works. People do a lot of shopping online nowadays, and they expect to get a message from the courier service chosen by the vendor. Cyber thieves use this medium to penetrate the system of unsuspecting individuals.
When a file is labeled a “secured document”, employees are easily lulled into a false sense of safety. This type of file often requires an extra step or two before accessing it. Crooks use this to attempt to steal employee information, especially their password, so they can gain access to the system. The IT department also uses this scheme to increase cybersecurity awareness of their employees and to enhance managed security services. Employees must ensure that they check in with IT to ensure there are no phishing attempts before putting in their passwords anywhere.
Social media message
LinkedIn is the most popular social media platform among professionals. In evaluating the cybersecurity awareness of their employees, IT departments would simulate a notification on an unsuspecting employee account. Since LinkedIn has gained some popularity of late, this seems like a perfect strategy. In situations where employees get an unusual email, they must alert the company’s IT department as it could be an indicator of possible cybersecurity threats.
In general, employees must be cautious and always on alert. Companies understand the importance of cybersecurity awareness. That is why, aside from using tests to improve the cybersecurity awareness of their employees, they’re also using cybersecurity firms for improved managed security services. Nonetheless, finding cyber security solutions is both the job of the employee and the employer. Employees must maintain a high level of cybersecurity awareness at all times and exercise caution before opening any mail or document. They should look out for phishing scams indicators such as spelling mistakes, misrepresented terminologies, and a mention of software tools not applicable to the company.
- Top ten phishing tricks that companies are using to test their employees’ cybersecurity smarts | Prabhjote Gill | September 21, 2020
- Work from home jobs increases by 300% in India. Know which sectors are hiring maximum employees | ET Now Digital | September 8, 2020
- 37% increase in cyberattacks in India in Q1: Report | IANS | May 25, 2020
- Cyberattacks in India surge since lockdown | Devina Senugupta | June 25, 2020
You might also be interested to read: