Ep.5: COVID-19: Phishing for At-Home Workers

COVID-19-related cybercrime is on the rise so we brought in Jason Norton from VIPRE Security to share best practices to keep you and your customers safe.

Endpoint security was a challenge before COVID-19 and now it’s become even more so for two reasons:

  1. We have more people working remotely than ever before, so it’s harder for IT pros to control the environment – devices being used to access corporate data, website behavior, etc.
  2. Cybercriminals, not surprisingly, are trying to capitalize on this moment. Phishing emails have spiked by more than 600% since the end of February, according to Barracuda Networks. Additionally, the FBI recently reported a 4x increase in cybercrime during this pandemic.

To help protect yourself and your customers, XaaS Journal sat down with Jason Norton, product marketing manager at VIPRE Security. Norton shares how VIPRE’s partners are dealing with these challenges, including best practices they’re following and how VIPRE is supporting them.

Like other guests we’ve talked with during this pandemic, Norton’s advice is a mixture of technology-focused best practices about staying safe and sane during these unusual times.

One tip that stands out is advising solution providers to sign up for alerts from CISA, an agency under the umbrella of the Department of Homeland Security that focuses on internet safety — at home, in the workplace and in the community. To sign up, visit CISA.gov and navigate to the “Join the Campaign” tab.

Another practical tip he mentions is the importance of keeping software updated — especially VPN software, which plays a vital role in enabling remote workers to connect to their business servers and applications. As we’ve seen with major exploits in the past, like the WannaCry ransomware attack a few years ago that infected more than 300,000 computers worldwide, every computer had one thing in common: Their software patches were at least six months out of date. So, although the frequency of attacks is going up, cybercriminals still prefer low hanging fruit.