FBI Warns of Remote Work Scams, Security Firms Respond
One security expert indicates "newly remote workers and the systems to which they are attached will be a high value target” for criminals.
Cybercrime continues to play havoc with remote workers who are not used to protecting their home devices, prompting the FBI to issue warnings and guidance, and security companies to step in to help protect workers.
Last week the FBI released guidance in response to an increase in reports of video-teleconferencing hijacking. Many organizations and individuals are increasingly dependent on VTC platforms, such as Zoom and Microsoft Teams, to stay connected during the COVID-19 pandemic.
The Cybersecurity and Infrastructure Security Agency encouraged users and administrators to follow these steps to improve VTC security:
- Ensure meetings are private, either by requiring a password for entry or controlling guest access from a waiting room.
- Consider security requirements when selecting vendors. For example, if end-to-end encryption is necessary, does the vendor offer it?
- Ensure VTC software is up to date.
The FBI’s Internet Crime Complaint Center also issued a public service announcement about attacks exploiting the increased usage of online communication platforms for remote working and distance learning caused by the pandemic.
The IC3′s PSA said, “Cyberactors exploit vulnerabilities in these systems to steal sensitive information, target individuals and businesses performing financial transactions, and engage in extortion.”
The FBI’s warning mentioned over 1,200 complaints related to coronavirus scams received and reviewed since March 30, with threat actors engaging in phishing campaigns, launching distributed denial of service attacks and deploying ransomware, as well as creating fake COVID-19 landing pages that infect victim’s devices with malware.
In late-March, a PSA published on the IC3 platform warned of a series of phishing attacks delivering spam using fake government economic stimulus checks as a lure to steal personal information from victims. “Based on recent trends, the FBI assesses these same groups will target businesses and individuals working from home via telework software vulnerabilities, education technology platforms, and new business email compromise schemes,” the federal law enforcement agency said.
The FBI also said a BEC scammer group tracked by Agari researchers as Ancient Tortoise launched the first known coronavirus-themed BEC attack specifically designed to exploit the global COVID-19 event. “Due to the news of the Coron-avirus disease (COVID-19) we are changing banks and sending payments directly to our factory for payments, so please let me know total payment ready to be made so I can forward you our updated payment information,” the crooks said in their scam emails.
A San Francisco-based fraud prevention and detection tech firm Breach Clarity, in response to the anticipated long trail of financial crime emerging under the guise of COVID-19 aid, waived its per-user costs for Breach Clarity Premium for Financial Services product to financial institutions for six months.
Breach Clarity held the large new remote workers’ pool presents cybercriminals with new opportunities around tenuous home security practices. “As cybercriminals experiment with new forms of cyberscams, newly remote workers and the systems to which they are attached will be a high value target,” Breach Clarity Co-Founder and COO Al Pascual said. “During inevitable security breakdowns, criminals will gain access to a wealth of personal information. We expect the increase in stolen data will fuel a massive wave of financial crime that will last long after consumers return to a more normal way of life.”
Breach Clarity Premium for Financial Services identifies and analyzes specific data breaches impacting FI customers. It factors the types of personally identifiable information exposed in any particular breach to predict the types of identity fraud risk it creates.
The Chicago-based Xamin, a provider of managed IT services, announced the temporary offering of its SOC2 secure remote solution at no cost to help highly regulated and reputation-sensitive companies connect their remote workforce. A SOC 2 audit confirms a service provider securely manages a system’s security, accessibility, integrity and privacy.
Xamin noted providing a secure and protected network is becoming increasingly important for employers and their employees due to the influx of people working remotely amidst the pandemic.
The Xamin SOC2 secure remote access solution helps companies securely connect their workforce from home, with encrypted remote access to their workflows and necessary documents.
“Although some companies are prepared to handle this pandemic through disaster recovery testing and business continuity planning, we’ve seen others struggling to enact plans to scale-up their remote work infrastructure to handle the massive change in users needing access to remote connectivity,” Jonathan Smith, CEO of Xamin, said. “At Xamin, we want to provide technical assistance to companies still looking to securely connect their remote employees.”