Hackers always come up with new ideas to launch cyber attacks by sending emails that appear to be normal and sent from the company's internal address, and may be associated with a request to join a new mailing list, but in fact it is an electronic trap from hackers, who want to penetrate the company's network.
Experts call such cyberattacks "phishing", ie password phishing. And Andy Voss of the German magazine "Computer Bild" explained that "such cyber attacks aim to lure the user to fake websites via SMS or fake emails."
Even professional or experienced users are not able to immediately recognize phishing attacks, and these attacks are now increasingly targeting employees who work from home.
"Phishing attacks are increasingly targeting home-based employees because they are vulnerable victims, and while corporate managers exercise strict control over work computers in companies, they lack this rigor," said Ronald Eckenberg, of German computer magazine C't. When an employee works from home.
The chance of a company being at risk of phishing attacks increases when an employee relies on his or her own computer to perform work tasks in the home office.
Hackers can more easily penetrate the computers of employees who work from home; Since communications are only digital, and there is no personal communication, the employee is more likely to open fake emails, which appear to be sent from the company's president or business manager.
Ronald Eckenberg warned that “if a user’s computer at home is infected with a “Trojan” virus (a Trojan horse, which is malicious software that is entered on the victim’s computers through files that appear to be innocent or reliable), this virus may be transmitted to the company’s network via a “VPN” connection. (VPN), and in the worst case, the company can be completely paralyzed by a wrong click on a link.
No to private computers
Therefore, the German Association for Communications and Information Technology (Bitcom) advised against the use of private computers in the home office, and Simran Mann, an IT security expert in the German Association, explained that “it is better to limit oneself to only the company’s devices while working from home, with restricted access rights, and to be limited to Install programs on the system manager only, in addition to making sure that the necessary security updates are actually installed.
If the computer at home is infected with the Trojan virus, the user cannot immediately identify it. Eckenberg added that one of the goals of hackers is not to detect their attacks for as long as possible, explaining that "among the indicators of exposure to phishing attacks are the redirection of the call to the web page, the appearance of programs that the user did not install, or a sudden increase in the load on the operating system." And the user should also suspect when anti-virus programs start to work.
The German expert advises Ekenberg that work is limited to updated programs and activate the anti-virus program, and stressed that the anti-virus program "Defender" built into the operating system Microsoft Windows 10 and 11 is sufficient in most cases.
E-mail is the main gateway to cyber attacks. Simran Man believes that electronic attacks are launched through USB memory units, which automatically install malicious codes, messages and malicious software on the company's computers, and such attacks require much higher effort.
In the past, it was easy to identify cyber attacks through the poor language of email, but now the situation has changed and has become more difficult. "These messages look very professional, including the email signatures of the alleged sender," the German expert explained.
Hackers always try to access computers by phone, in which case cyber attacks are known as "voice phishing", and the traditional way is for hackers to pretend to be Microsoft support staff and try to convince the user to install programs to remote control the computers, which allows them to Full control of computers and access to all data.
How do you deal with trying to hack mail?
When faced with such attacks, Andy Voss advised to end the call immediately; Since Microsoft or other trusted companies do not make any communications or send emails requesting the disclosure of any personal data or information, common sense is one of the best ways to counteract cyber attacks.
Andy Voss added that "when the user learns about hacker tricks, he can, of course, easily identify such attacks, but under no circumstances should you open attachments to emails sent by unknown people out of curiosity."
If the user doubts the sent message, it is best to phone its sender before opening suspicious attachments or executing ambiguous instructions.
And it's not just employees, but companies can do a lot to counter cyber attacks and further secure the corporate network. "IT security should be the top priority, even if it costs a lot of money," Simran Mann added.
Tags:
technology