Workers suddenly finding themselves working remotely are extremely vulnerable to phishing attacks. This is due to a unique combination of two factors that amplify the problem: bigger target and poorer security behavior.
The first factor making remote workers move vulnerable is that hackers are going after them more vigorously now that they’re working remotely. This is especially true of hackers leveraging the Google brand. According to an article on National Cybersecurity News, “Remote workers are being ‘bombarded’ with Google-branded spear phishing attacks. This is according to a new report from Barracuda Networks, which claims that in the first four months of the year, almost two thirds of spear phishing attacks that impersonated big name brands were Google-themed.”
The second factor making remote workers more vulnerable is that it seems that once they’re out of the office, employees aren’t as security conscious as they were while at the office. Perhaps this is because they feel that since they are outside the perimeter of the company, they’re not putting the organization at risk, which is far from the truth.
According to an article on Help Net Security, “Employees [are] abandoning security when working remotely. 48% of employees are less likely to follow safe data practices when working from home.“
The statistics confirm the assumptions. “52% of employees believe they can get away with riskier behavior when working from home. 48% cite ‘not being watched by IT’ as a reason for not following safe data practices.”
It’s a perfect storm which is placing organizations right in the crosshairs of attackers. Employees working remotely, with corporate email, are just as vulnerable to phishing attacks compared to working in the office. And because they are outside the corporate perimeters, they are even more vulnerable because they are not protected by end point security systems like firewalls and secure email gateways. What these employees need is email security which extends beyond the perimeter of the organization.
What they need is cloud-based email security from Phish Protection. Cloud-based phishing protection means employees using corporate email are protected from phishing attacks no matter where they work and no matter what device they use. And Phish Protection works with all major email providers so every remote worker at every organization can be protected.
Since Phish Protection is cloud-based, not only is there no hardware and software to buy, but it sets up in 10 minutes with a simple change to a DNS entry. And since it sets up in 10 minutes, that means you can protect every remote worker in your organization in 10 minutes, even if there are thousands of them.
The hackers are coming for your remote workers and your workers don’t care, but you should. Try Phish Protection for free for 60 days.