What the Tech? Check Your Internet Security When Working from Home
Twitter is now explaining what happened last week when dozens of high profile Twitter users were hacked, sending tweets asking for money.
In a blog post Twitter said it believes the attackers used a social engineering scheme to trick some of its employees to divulge
The Twitter accounts of Barack Obama, Joe Biden, Warren Buffett, Elon Musk and several others suddenly sent out a tweet, announcing they would be doubling the amount of money followers submitted to a Bitcoin locker. The tweets read the offer was good for only 30 minutes.
The hackers managed to scam followers out of more than $120,000.
As you may know, Twitter announced it is allowing employees to work from home for the rest of the year. It is not known if the employees who were tricked into giving out the information were working from home at the time but some cyber-security experts believe this type of scam is more likely to be successful if employees are not in the office.
“Because people are working from home, they have their work laptops at home, especially for people working at companies where there isn’t this remote work culture,” said Alex Guirakhoo, the leader on the research team at Digital Shadows.
“They don’t typically allow for remote work and have had to adapt to this new culture of everyone being available to work from home. So people may not have that security culture awareness and they might be accessing personal accounts on their work machines, which they probably shouldn’t be,” he said.
Email phishing attacks are on the upswing. From the end of February through March, the tech security firm Barracuda Network showed phishing attacks jumped by 667% (according to TechRepublic).
Email phishing typically involves emails to people, in this case employees, with a link that installs malware on the computer. Another frequent method is to pose as a coworker or supervisor and simply ask someone to provide information or access to data.
What can you do as an employee to protect your company? Ask. It isn’t as simple as when you were in the office and you could lean over to the person at the next desk and ask about an upcoming meeting, or check with a supervisor face-to-face before divulging information or access. If you are working from home and you get a suspicious email you didn’t expect was coming, call the office to double-check.
If you are working from your company’s laptop at home or remotely, refrain from conducting any personal business, web browsing, email or social media and do that from a personal computer or mobile device.