During the coronavirus outbreak, a different kind of “virus” is growing in threat. Ransomware and phishing attacks are on the rise across all sectors of the economy and real estate is no exception.
This week, the FBI released a warning that business email compromise schemes are expected to increase in response to COVID-19. And according to a recent report, cybercrime is poised to double during the COVID-19 outbreak. The report indicates that damage costs could also double during the outbreak due to phishing scams, ransomware attacks, and insecure remote access to networks.
Businesses that adopt the right technology and offer work-from-home security protocols and training for their employees will be better protected against attacks during COVID-19 and beyond.
Why is cybercrime increasing during COVID-19?
Cybercriminals thrive in a crisis. Uncertainty and fear deliver perfect opportunities for cybercriminals to attack. During the COVID-19 crisis, individuals are fearful in the face of an invisible threat and are also navigating constant change and unpredictability both in their personal and professional lives.
Cybercriminals use this uncertainty and unpredictability to send employees malicious links disguised as helpful coronavirus information or protections. Additionally, cybercriminals use the unfamiliarity of remote work to prey on businesses that may not have work-from-home protocols in place.
What do COVID-19 cyber attacks look like?
Criminals are using COVID-19 themed phishing attacks to trick employees into clicking on malicious links that are disguised as helpful COVID-19 attachments and links. For example, the World Health Organization (WHO) recently sent a warning that attackers are sending false WHO emails to unsuspecting individuals who then download malicious attachments from what they believe to be a trusted source.
Additionally, cybercriminals are targeting remote workers and disguising themselves as IT professionals who are helping employees get set up to work from home. These false IT protocol instructions include ransomware links and other harmful attachments that enable the attacker to gain access to the individual’s device or network.
What can businesses do to protect themselves from cyber attacks during COVID-19?
Despite the rise in cyber attacks and general uneasiness surrounding COVID-19, there are a number of things businesses can do to safeguard their operations.
Educate employees on common COVID-19 phishing scams.
The first step to avoiding attacks is awareness. Qualia offers educational materials on security basics that you can leverage; however, you should also keep employees abreast of current threats by sharing news and examples of the latest scams. Encourage employees to report suspicious emails they receive so you can alert the broader team of potential lookalike attacks.
Set up employees to work from home securely with the right technology
Cloud-based workflow software is the best option for remote work. With cloud-based technology, employees can access critical files securely from anywhere without logging into a VPN. Additionally, data is protected through the use of cloud storage which eliminates any need for local storage of sensitive information which can lead to vulnerabilities.
Cloud-based title workflow software also enables title & escrow professionals to work more securely and collaboratively on files while working remotely. For example, Qualia users can take advantage of secure chat functionality and dynamic workflow management tools that enable colleagues to discuss files directly within the software system.
Ensure employees have turned on proper safeguards
There are a number of safeguards each employee should enable when working from home including:
- Turn on multi-factor authentication on all accounts—especially for core software and email. For example, Qualia offers two-factor authentication for its users.
- Ensure all devices are up to date on their anti-virus protection
- Turn on personal router encryption so that outsiders cannot read information sent over personal networks.
- Disable email forwarding. On a Proplogix webinar held recently, Qualia’s Director of Business Development warned that many attackers who have previously gained access to accounts are maintaining access to sensitive information by setting up email forwarding so that information is continually funneled to them after their access is cut off.
- Update software (Qualia’s software is automatically updated)
Provide work-from-home security protocols
While employees transition to new work environments, it’s important to guide them on how to handle different communications when face-to-face interactions are not possible. Give employees a sense of how urgent requests will be handled during the COVID-19 crisis so that everyone can better spot a false request from a manager or executive. For example, you may set a protocol that all requests for sensitive information or funds from superiors must be verified over the phone.
Additionally, employers should provide employees with comprehensive work-from-home protocols for safeguarding devices and data. Below are a few examples of protocols to include:
- Zero use of public WiFi
- Laptops must be password-protected, locked, and secure
- Physical files must be stored securely under lock and key
- Sensitive information must be disposed of securely (shredded)
Overall, education is paramount to securing your business during uncertain times. Employees who understand cyber security basics and potential threats will be better able to protect themselves and the business from cyber attacks.
For more information on how to manage changes during COVID-19, click here to access the latest Qualia Insight coronavirus articles.