The Coronavirus outbreak and the work-fromhome ‘ new normal ’ served as a catalyst for the evolution of phishing emails . Traditionally , phishing emails were easy to spot because of typos , poor wording and the lack of authenticity . Only spear phishing emails , which directly targeted specific individuals and organizations , were sophisticated enough to create a sense of legitimacy .

All that changed when the pandemic hit , as cybercriminals started focusing on creating mass phishing emails that lack typos , use reader-specific jargon , and even abuse the legitimate logos of the organizations or companies that they ’ re impersonating . More than that , these new phishing attacks quickly leverage popular topics in the media and exploit the way users have started to engage with financial and delivery companies in a work-from-home context .

The social engineering component of these new phishing campaigns has reached new heights of sophistication , with attackers focusing more on increasing the success rate of their campaigns , rather than boosting the volume of spam sent . This increase in efficacy and sense of legitimacy in phishing campaigns makes it more difficult for the untrained eye to discern fake from real .

Here are some tips on how to fight back :

• Use a protected browser designed to keep your online banking , e-shopping and any other type of online transaction private and secure

• Install a security solution on your PC and smart devices to locally protect your data and ward off e-threats including fraudulent websites , malware and phishing attempts that could ruin your holiday

• Monitor your accounts and credit card statements for suspicious activity so you can put a stop to fraud and limit the chances of becoming an identity theft victim

While these are general cyber hygiene tips that anyone can start implementing immediately , there are technologies available that offer even greater protection . When these online best practices are combined with technologies that protect your passwords with a password manager , offer an integrated virtual keyboard that makes it impossible for hackers to monitor keystrokes , or built-in hotspot protection to protect your device when connected to unsecured Wi-Fi networks , you can defend yourself against even the most advanced phishing campaigns .

Security solutions with integrated threat intelligence offer great protection against these modern phishing campaigns . Every day , we collect data from hundreds of millions of endpoints , analyze it , identify malicious sites , and use this centralized feed to protect various devices , from laptops , through network routers , to smartphones .

• Be aware of lookalike websites . Check the address bar for typos and look for poor grammar . If anything seems off , leave the website immediately

• Don ’ t use public Wi-Fi to make purchases or do your banking . If you do need to connect to a public network , use a VPN to make sure that no malicious individuals can intercept your sensitive info

We are seeing more cases where spoofing sites are indistinguishable from the legitimate ones , and the machine is better at detecting these malicious sites than the human eye and brain . These security controls were traditionally deployed on the network perimeter – but with work-from-home and mobile workstyle , threat intelligence needs to be available to every device .

www . intelligentcio . com INTELLIGENTCIO APAC 33

Intelligent CIO APAC Issue 31 | Page 33