{"id":14184,"date":"2020-09-21T09:26:21","date_gmt":"2020-09-21T12:26:21","guid":{"rendered":"https:\/\/ostec.blog\/?p=14184"},"modified":"2020-09-21T09:26:52","modified_gmt":"2020-09-21T12:26:52","slug":"phishing-remote-workers","status":"publish","type":"post","link":"https:\/\/ostec.blog\/en\/general\/phishing-remote-workers\/","title":{"rendered":"Phishing: Remote workers are new targets for cybercriminals"},"content":{"rendered":"<p>Researchers in digital security have discovered a new scam that consists of sending fake e-mails on behalf of the corporate technology department, aiming to reach employees in remote work. In a recent campaign, detected by\u00a0<a href=\"https:\/\/appriver.com\/\">AppRiver<\/a>, cybercriminals sent an email to employees posing as members of the company\u2019s helpdesk team. The e-mail reported that the technology team had created a portal to help users manage tasks during remote work. This e-mail also instructed recipients to update their data on the new portal, through a link that directed them to the OWA phishing page (Outllook Web Access). Senior AppRiver cybersecurity analyst David Pickett said the perpetrators of the threat could use different media to increase the success of this type of scam:<\/p>\n<blockquote><p>\u201cCybercriminals specializing in social engineering can also carry out these scams over the phone or in person. It is common for cybercriminals to use automated tools, such as Social Mapper or the numerous tools including LinkedIn, to obtain information exposed on social networks about the targets of the attacks. The tools allow anyone to obtain data \u2013 including employee positions, organizational structure, known contacts and even technologies that the target company uses to help increase the sense of legitimacy of the approaches\u201d.<\/p><\/blockquote>\n<h2>More scams targeted at remote workers sent by email<\/h2>\n<p>The\u00a0<a href=\"https:\/\/www.wsj.com\/articles\/hackers-target-companies-with-fake-coronavirus-warnings-11583267812?tesla=y\">Wall Street Journal<\/a>\u00a0covered an increase in e-mail phishing attacks, in which cybercriminals used information about the target organizations\u2019 remote work plans. In the email, cybercriminals said they would give information to their recipients if they passed on some personal and \/ or work-related data, a means of trying to gain access to their accounts.\u00a0<a href=\"https:\/\/www.deloitte.com\/\">Deloitte<\/a>\u2018s chief risk adviser, Colm McDonnell, was a witness to these attempted attacks. He explained that these and other efforts are likely to become increasingly common as more workers move to remote work, motivated by the advance of the pandemic and the need for social isolation. It is very likely that in the coming days more and more people will choose to work remotely, making use of their company\u2019s VPNs. Some of these companies may never have had VPNs before, and since these people may not be familiar with the portal page or MFA, they may be more susceptible to malicious third-party e-mails disguised as members of the technology team, a VPN provider or genuine MFA supplier.<\/p>\n<blockquote><p>\u201cWhile adapting to this new work situation, employees may not be in the right frame of mind to identify phishing scams or make an appointment to assess the accuracy of some information received.\u201d He watched McDonnell. \u201cThis could further increase the success of these types of attacks.\u201d<\/p><\/blockquote>\n<h2>Protecting remote workers from phishing attacks<\/h2>\n<p>Companies must apply a number of resources to prevent such attacks from succeeding. Among which, it is important to highlight: Use of VPN\u2019s: The use of this type of technology is essential for establishing secure remote work. VPN\u2019s enable encryption of data trafficked over unsecured networks and implementation of controls over the use of the internet and corporate applications. Internet control also prevents malicious websites and links from being accessed and causing damage to the company. Corporate antispam: I try to keep in mind that most phishings are executed by email, it is important that companies implement technologies that prevent malicious messages from reaching the inbox of company employees. This is one of the most efficient ways to curb attacks of this type. Team awareness: Technology resources are often not sufficient to prevent the success of virtual attacks. In these moments, the human factor is one of the main safety assets. Therefore, it is very important that technology professionals and companies develop training and awareness programs to strengthen their security strategies. Are you interested in continuing reading on this topic? Then access more content through the\u00a0<a href=\"https:\/\/ostec.blog\/en\/general\/home-office\">link<\/a>. And if you experience difficulty in implementing the remote work strategy, feel free to contact one of our specialists. Via:\u00a0<a href=\"https:\/\/appriver.com\/resources\/blog\/march-2020\/scammers-targeting-new-remote-workers-fake-it-emails-0?&amp;web_view=true\">AppRiver<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Researchers in digital security have discovered a new scam that consists of sending fake e-mails on behalf of the corporate technology department, aiming to reach employees in remote work. In a recent campaign, detected by\u00a0AppRiver, cybercriminals sent an email to employees posing as members of the company\u2019s helpdesk team. The e-mail reported that the technology [&hellip;]<\/p>\n","protected":false},"author":13,"featured_media":14187,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[984,994,1001],"tags":[],"class_list":["post-14184","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-general","category-noticias-en","category-trabalho-remoto-en"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v24.7 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Phishing: Remote workers are new targets for cybercriminals - OSTEC | Seguran\u00e7a digital de resultados<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/ostec.blog\/en\/general\/phishing-remote-workers\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Phishing: Remote workers are new targets for cybercriminals - OSTEC | Seguran\u00e7a digital de resultados\" \/>\n<meta property=\"og:description\" content=\"Researchers in digital security have discovered a new scam that consists of sending fake e-mails on behalf of the corporate technology department, aiming to reach employees in remote work. In a recent campaign, detected by\u00a0AppRiver, cybercriminals sent an email to employees posing as members of the company\u2019s helpdesk team. The e-mail reported that the technology [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/ostec.blog\/en\/general\/phishing-remote-workers\/\" \/>\n<meta property=\"og:site_name\" content=\"OSTEC | Seguran\u00e7a digital de resultados\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/ostec\" \/>\n<meta property=\"article:published_time\" content=\"2020-09-21T12:26:21+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2020-09-21T12:26:52+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/ostec.blog\/wp-content\/uploads\/2020\/04\/teclado-luminoso.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"928\" \/>\n\t<meta property=\"og:image:height\" content=\"534\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Thais Souza\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@ostecsecurity\" \/>\n<meta name=\"twitter:site\" content=\"@ostecsecurity\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/ostec.blog\/en\/general\/phishing-remote-workers\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/ostec.blog\/en\/general\/phishing-remote-workers\/\"},\"author\":{\"name\":\"Thais Souza\",\"@id\":\"https:\/\/ostec.blog\/#\/schema\/person\/ca88ecd81da20ed5773cd0959c645c33\"},\"headline\":\"Phishing: Remote workers are new targets for cybercriminals\",\"datePublished\":\"2020-09-21T12:26:21+00:00\",\"dateModified\":\"2020-09-21T12:26:52+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/ostec.blog\/en\/general\/phishing-remote-workers\/\"},\"wordCount\":657,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/ostec.blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/ostec.blog\/en\/general\/phishing-remote-workers\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/ostec.blog\/wp-content\/uploads\/2020\/04\/teclado-luminoso.jpg\",\"articleSection\":[\"General\",\"Not\u00edcias\",\"Trabalho remoto\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/ostec.blog\/en\/general\/phishing-remote-workers\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/ostec.blog\/en\/general\/phishing-remote-workers\/\",\"url\":\"https:\/\/ostec.blog\/en\/general\/phishing-remote-workers\/\",\"name\":\"Phishing: Remote workers are new targets for cybercriminals - OSTEC | Seguran\u00e7a digital de resultados\",\"isPartOf\":{\"@id\":\"https:\/\/ostec.blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/ostec.blog\/en\/general\/phishing-remote-workers\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/ostec.blog\/en\/general\/phishing-remote-workers\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/ostec.blog\/wp-content\/uploads\/2020\/04\/teclado-luminoso.jpg\",\"datePublished\":\"2020-09-21T12:26:21+00:00\",\"dateModified\":\"2020-09-21T12:26:52+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/ostec.blog\/en\/general\/phishing-remote-workers\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/ostec.blog\/en\/general\/phishing-remote-workers\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/ostec.blog\/en\/general\/phishing-remote-workers\/#primaryimage\",\"url\":\"https:\/\/ostec.blog\/wp-content\/uploads\/2020\/04\/teclado-luminoso.jpg\",\"contentUrl\":\"https:\/\/ostec.blog\/wp-content\/uploads\/2020\/04\/teclado-luminoso.jpg\",\"width\":928,\"height\":534},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/ostec.blog\/en\/general\/phishing-remote-workers\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"In\u00edcio\",\"item\":\"https:\/\/ostec.blog\/en\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Phishing: Remote workers are new targets for cybercriminals\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/ostec.blog\/#website\",\"url\":\"https:\/\/ostec.blog\/\",\"name\":\"OSTEC | Seguran\u00e7a digital de resultados\",\"description\":\"Empresa especializada na oferta de produtos e servi\u00e7os de seguran\u00e7a digital.\",\"publisher\":{\"@id\":\"https:\/\/ostec.blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/ostec.blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/ostec.blog\/#organization\",\"name\":\"OSTEC Business Security\",\"url\":\"https:\/\/ostec.blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/ostec.blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/ostec.blog\/wp-content\/uploads\/2020\/11\/logo_ostec_250.png\",\"contentUrl\":\"https:\/\/ostec.blog\/wp-content\/uploads\/2020\/11\/logo_ostec_250.png\",\"width\":251,\"height\":67,\"caption\":\"OSTEC Business Security\"},\"image\":{\"@id\":\"https:\/\/ostec.blog\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/ostec\",\"https:\/\/x.com\/ostecsecurity\",\"https:\/\/www.instagram.com\/ostecsecurity\/\",\"https:\/\/linkedin.com\/company\/ostec-security\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/ostec.blog\/#\/schema\/person\/ca88ecd81da20ed5773cd0959c645c33\",\"name\":\"Thais Souza\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/ostec.blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/400dde6458954de06efa803109767977?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/400dde6458954de06efa803109767977?s=96&d=mm&r=g\",\"caption\":\"Thais Souza\"},\"url\":\"https:\/\/ostec.blog\/en\/author\/thais-souza\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Phishing: Remote workers are new targets for cybercriminals - OSTEC | Seguran\u00e7a digital de resultados","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/ostec.blog\/en\/general\/phishing-remote-workers\/","og_locale":"en_US","og_type":"article","og_title":"Phishing: Remote workers are new targets for cybercriminals - OSTEC | Seguran\u00e7a digital de resultados","og_description":"Researchers in digital security have discovered a new scam that consists of sending fake e-mails on behalf of the corporate technology department, aiming to reach employees in remote work. In a recent campaign, detected by\u00a0AppRiver, cybercriminals sent an email to employees posing as members of the company\u2019s helpdesk team. The e-mail reported that the technology [&hellip;]","og_url":"https:\/\/ostec.blog\/en\/general\/phishing-remote-workers\/","og_site_name":"OSTEC | Seguran\u00e7a digital de resultados","article_publisher":"https:\/\/www.facebook.com\/ostec","article_published_time":"2020-09-21T12:26:21+00:00","article_modified_time":"2020-09-21T12:26:52+00:00","og_image":[{"width":928,"height":534,"url":"https:\/\/ostec.blog\/wp-content\/uploads\/2020\/04\/teclado-luminoso.jpg","type":"image\/jpeg"}],"author":"Thais Souza","twitter_card":"summary_large_image","twitter_creator":"@ostecsecurity","twitter_site":"@ostecsecurity","schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/ostec.blog\/en\/general\/phishing-remote-workers\/#article","isPartOf":{"@id":"https:\/\/ostec.blog\/en\/general\/phishing-remote-workers\/"},"author":{"name":"Thais Souza","@id":"https:\/\/ostec.blog\/#\/schema\/person\/ca88ecd81da20ed5773cd0959c645c33"},"headline":"Phishing: Remote workers are new targets for cybercriminals","datePublished":"2020-09-21T12:26:21+00:00","dateModified":"2020-09-21T12:26:52+00:00","mainEntityOfPage":{"@id":"https:\/\/ostec.blog\/en\/general\/phishing-remote-workers\/"},"wordCount":657,"commentCount":0,"publisher":{"@id":"https:\/\/ostec.blog\/#organization"},"image":{"@id":"https:\/\/ostec.blog\/en\/general\/phishing-remote-workers\/#primaryimage"},"thumbnailUrl":"https:\/\/ostec.blog\/wp-content\/uploads\/2020\/04\/teclado-luminoso.jpg","articleSection":["General","Not\u00edcias","Trabalho remoto"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/ostec.blog\/en\/general\/phishing-remote-workers\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/ostec.blog\/en\/general\/phishing-remote-workers\/","url":"https:\/\/ostec.blog\/en\/general\/phishing-remote-workers\/","name":"Phishing: Remote workers are new targets for cybercriminals - OSTEC | Seguran\u00e7a digital de resultados","isPartOf":{"@id":"https:\/\/ostec.blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/ostec.blog\/en\/general\/phishing-remote-workers\/#primaryimage"},"image":{"@id":"https:\/\/ostec.blog\/en\/general\/phishing-remote-workers\/#primaryimage"},"thumbnailUrl":"https:\/\/ostec.blog\/wp-content\/uploads\/2020\/04\/teclado-luminoso.jpg","datePublished":"2020-09-21T12:26:21+00:00","dateModified":"2020-09-21T12:26:52+00:00","breadcrumb":{"@id":"https:\/\/ostec.blog\/en\/general\/phishing-remote-workers\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/ostec.blog\/en\/general\/phishing-remote-workers\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/ostec.blog\/en\/general\/phishing-remote-workers\/#primaryimage","url":"https:\/\/ostec.blog\/wp-content\/uploads\/2020\/04\/teclado-luminoso.jpg","contentUrl":"https:\/\/ostec.blog\/wp-content\/uploads\/2020\/04\/teclado-luminoso.jpg","width":928,"height":534},{"@type":"BreadcrumbList","@id":"https:\/\/ostec.blog\/en\/general\/phishing-remote-workers\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"In\u00edcio","item":"https:\/\/ostec.blog\/en\/"},{"@type":"ListItem","position":2,"name":"Phishing: Remote workers are new targets for cybercriminals"}]},{"@type":"WebSite","@id":"https:\/\/ostec.blog\/#website","url":"https:\/\/ostec.blog\/","name":"OSTEC | Seguran\u00e7a digital de resultados","description":"Empresa especializada na oferta de produtos e servi\u00e7os de seguran\u00e7a digital.","publisher":{"@id":"https:\/\/ostec.blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/ostec.blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/ostec.blog\/#organization","name":"OSTEC Business Security","url":"https:\/\/ostec.blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/ostec.blog\/#\/schema\/logo\/image\/","url":"https:\/\/ostec.blog\/wp-content\/uploads\/2020\/11\/logo_ostec_250.png","contentUrl":"https:\/\/ostec.blog\/wp-content\/uploads\/2020\/11\/logo_ostec_250.png","width":251,"height":67,"caption":"OSTEC Business Security"},"image":{"@id":"https:\/\/ostec.blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/ostec","https:\/\/x.com\/ostecsecurity","https:\/\/www.instagram.com\/ostecsecurity\/","https:\/\/linkedin.com\/company\/ostec-security"]},{"@type":"Person","@id":"https:\/\/ostec.blog\/#\/schema\/person\/ca88ecd81da20ed5773cd0959c645c33","name":"Thais Souza","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/ostec.blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/400dde6458954de06efa803109767977?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/400dde6458954de06efa803109767977?s=96&d=mm&r=g","caption":"Thais Souza"},"url":"https:\/\/ostec.blog\/en\/author\/thais-souza\/"}]}},"_links":{"self":[{"href":"https:\/\/ostec.blog\/en\/wp-json\/wp\/v2\/posts\/14184","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ostec.blog\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ostec.blog\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ostec.blog\/en\/wp-json\/wp\/v2\/users\/13"}],"replies":[{"embeddable":true,"href":"https:\/\/ostec.blog\/en\/wp-json\/wp\/v2\/comments?post=14184"}],"version-history":[{"count":0,"href":"https:\/\/ostec.blog\/en\/wp-json\/wp\/v2\/posts\/14184\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/ostec.blog\/en\/wp-json\/wp\/v2\/media\/14187"}],"wp:attachment":[{"href":"https:\/\/ostec.blog\/en\/wp-json\/wp\/v2\/media?parent=14184"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ostec.blog\/en\/wp-json\/wp\/v2\/categories?post=14184"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ostec.blog\/en\/wp-json\/wp\/v2\/tags?post=14184"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}