Increased Risk of WFH Phishing: How to Stay Safe

In 2020, a lot of corporate employees had to switch to working from home. As a response to that, hackers and spammers started tripled their phishing efforts and started sending tonnes of phishing emails.

Companies specializing in computer security released alarming numbers – a well-designed phishing email deceived 47% of its recipients and tricked most of them into “changing” their password.

Popular subject lines for such emails often were related to COVID-19 and working remotely: “Remote Work Policy Update”, “COVID-19 Policy Change”, “Zoom Conference Time Changed”, and so on.

In this post, we’ll teach you how to recognize phishing emails and stay safe.

Pay Attention to the Sender and Subject

Hackers and scammers design their emails in such a way that they look very similar to legitimate emails. The most common targets for the copycats are popular social networks, like Facebook, Twitter and LinkedIn, and payment systems like PayPal.

True, these emails look a lot like legitimate ones but you can easily spot that they’re not from the company they claim to be by checking the sender’s email address. While the sender’s name might look legitimate, the actual email address they use to send the email will be wrong:

The example shows how the scammer pretends to be FedEx but their actual email address is not on a FedEx corporate domain.

Check the Content

If you can’t tell from the sender’s name and email address whether the email is legitimate or not, take a close look at the content. Often, phishing emails contain spelling and grammar mistakes that won’t be in a legitimate emails.

If there are any links in the email (and you bet there will be – these links will lead you to a phishing page where hackers will steal your private information), check them before you click on them. If you’re using webmail, hovering over the link will show the actual URL in the bottom left corner. If you’re using an email client, then look up instructions on checking links for your particular email clients.

Don’t Be Shy to Ask

If you receive an email about a Zoom meeting or something similar, don’t be shy to email a colleague and ask if there was a Zoom meeting scheduled and if its time changed or not. The same goes about any emails that look like they’re from your bank, credic card company, insurer, etc.

Use a VPN

A VPN is an excellent way to protect your privacy online by hiding all identifiable information like your location and IP address. While a VPN won’t be able to protect you if you willingly share your password or personal details on a phishing page, it will protect you if you accidentally click on a link in a phishing email and then close the phishing page immediately, as soon as you realize that it’s not legitimate.