The US’s Federal Bureau of Investigation (FBI), on April 6th, issued a public service announcement warning businesses on an escalated attack on cloud-based email platforms by hackers. The hackers are primarily targeting business email accounts.
These heightened attacks come against a backdrop of many corporations encouraging most of their staff to work from home. This measure was taken following a public health safety advisory from the World Health Organization (WHO) in conjunction with government authorities around the world to combat the spread of COVID-19 pandemic.
The hackers are now on overdrive, trying to access business information that was previously only available within companies’ internal networks. However, with many staff working from home, that information is now being relayed back and forth over the internet. Thus opening up a loophole for hackers to try and get their hands on the information.
FBI warns users to be alert on Phishing Scams
The FBI says the most lethal tool in the hackers’ armory is still the good old fashion phishing scams. Where hackers steal the staffer’s email credentials, log into their accounts, and scan around for financial matters. At which point, they send a bogus email request for payments and transfers of funds as they impersonate a known entity to the victim.
FBI Advisory on safeguarding against BEC
Most countries are fighting around the clock to contain the threat of the COVID-19 pandemic. Only a few countries are starting to see the light at the end of the tunnel of that fight. Most countries around the world still have some long road ahead of them with regards to containing the virus.
As such, business as usual, where employees were commuting to work in the morning and back to their home in the evening is still a mirage. At least for a majority of countries around the world. That is to say, the work from home workforce model is still going to be around for a considerable time to come.
Nonetheless, that should not mean that hackers should be having a bountiful season thanks to the coronavirus. The FBI has strongly advised companies and their employees to put up robust security systems to their accounts.
At the top of the list of that FBI advisory is multi-factor authentication for email accounts. That should be followed up by a rigorous employee education in matters of BEC strategies and good Cybersecurity practices.