Just the simple fact of working from home due to coronavirus leaves you more vulnerable to phishing attacks than if you were at work. Why is that? Because it’s almost certain that the cyber defenses on your home network are not as good as those on your company’s network.

With regard to working at home, an article on Help Net Security points out that working at home effectively increases an organization’s attack surface. “This is because employees who use their own devices for work can introduce new platforms and operating systems that require their own dedicated support and security. With so many devices being used, it’s likely that at least some will fall through the security cracks.”

A compounding factor is that most organizations have not yet deployed cloud-based phishing protection for their suddenly remote workers. That means emails sent to remote workers completely bypass the company’s cyber defenses leaving their employees completely exposed and on their own.

So, just by the very nature of you using your working at home, you are more vulnerable to the recent spike in coronavirus-based phishing attacks. But now there’s another factor which makes you even more vulnerable: social isolation.

From another article on Help Net Security, “Research from the Better Business Bureau (BBB), the FINRA Investor Education Foundation, and the Stanford Center on Longevity found that people are more likely to lose money to a scam when they are socially or physically isolated from others.”

“According to our research, social isolation is a key risk factor for susceptibility to scams, as is financial vulnerability,” said Melissa Lanning Trumpower, executive director of the BBB Institute for Marketplace Trust, BBB’s foundation that conducted the research.

So, what should a suddenly remote worker do in response to these threats? Two things. First, have a heightened sense of awareness about them. You’re working at home, your network is not as safe and there is a rash of COVID-19 phishing emails floating around out there. Be paranoid! Don’t completely trust any email in your inbox. If you have any suspicions at all, contact the sender through some other channel.

Second, get on the phone, call your IT department and tell them they need to deploy cloud-based phishing protection software like that available from DuoCircle.

You can tell them that Phishing Protection from DuoCircle works with all email providers, sets up in 10 minutes and only costs pennies per employee per month. Oh, and you can try it free for 30 days.

Well, what are you waiting for?

Pin It on Pinterest

Share This