Phishing Scams Are on the Rise
As the workforce went remote, the percentage of cyberattacks on businesses increased. One organization stated that they have seen phishing and other cyber scams increase by 40%. Experts claim the numbers are even higher in some cases. We’ve highlighted some of the most popular phishing scams used on remote employees below, so you can protect yourself in the event of a cyberattack.
The Voicemail Hack
A recent report from IRONSCALES has shown that remote healthcare workers are being targeted with a phishing scam using voicemail. There were 100,000 accounts uncovered that were receiving these popular phishing scams to their cell phones. The vishing campaigns were positioned to come from various sources including the World Health Organization, NetWalker, CARES Act payments, and several others.
The Office 365 Login Scam
Hackers are trying any angle they can to access the sensitive information of remote employees. When lockdown started, researchers discovered a fake Virtual Private Network (VPN) that targets Office 365 users to log in to their account and steals their passwords. Like many of these popular phishing scams, this cyberattack targeted users with a phishing email linking them to a replicated Microsoft login page.
Stealing LinkedIn Passwords
According to Cisco Security, hackers are using fake LinkedIn invites to spam your account. In fact, sources state that 1 in every 4 spam messages has been sent using a fake LinkedIn invite. However, this is not your average spam message. This attack can embed password-stealing malware to your browser without you even knowing it.
How this scam works is the hacker sends over the fake invite and when you click the link you are redirected to Google. It is at this moment that your browser is infected with ZeuS data theft malware, that can steal all your browser information.
Other Popular Phishing Scams
Some of your remote employees might already be on the lookout for these signs, but sometimes even the most obvious flags can escape the eye. For better preparation before and after a simulated phishing test, here are some indicators of an email phishing scam.
- Empty Threats
- Spelling Errors
- Hidden Hyperlinks
- Stranger Danger
Practice Makes Perfect
To err is human, and not everyone will flawlessly pass this phishing test. Furthermore, it might take a couple of tries to get everyone on the same page. The point of these tests is to educate and prepare employees for attacks. Continue testing and watch your reporting data yield better results over time. Lessons are learned over repetition and time.