Hello Webroot Community,
I wanted to create a space for us to come together and discuss Webroot and COVID-19.
Consider this our office hours.
In case you might have missed it, we created a page here where we’ll keep a running list of articles, blog posts, and other pieces of content about our COVID-19 response.
If you have specific questions on what we’re doing as a company during the pandemic and our tips for how you can stay cyber resilient in these uncertain times.
Please add your questions below.
@GeorgeA and @TylerM for joining us today! FYI, we’re going to be taking a little break from Office Hours starting next week.
We’ll be back in the future though so keep sending in your questions and letting us know what you think!
What sort of phishing attacks are we seeing as a result of the pandemic? - David J.
This year is all about the pandemic and almost all the malspam phishing lures used by malware are based on COVID-19. The most common lures are around safe guidelines on how to protect yourself pretending to be from the CDC, WHO, NHO and White House asking you to download a word doc. We also saw fake pandemic stimulus lures and expect those to resurface if there is another stimulus approved. Once the word doc is downloaded from the attachment or link, it will ask the user to click the “enable content” button. This is what’s known as a macro, which if the user clicks on, will deliver the malware to their machine and is the scam that users should avoid at all costs. Macros are the most popular way criminals get victims to turn a word document into a malicious payload that can infect the entire network.
What are the new kind of vulnerabilities born during this period and how they are managed? - Andrea R.
I wouldn’t say “born” but more apparent for sure would be the unsecured RDP attack vector. Remoting onto computers is great for productivity but it has to be done securely. The unsecured RDP vector has only grown 40% during the pandemic. This is business adapting their office so their workforce can do their job remotely during lockdown, but it’s just not being done securely. Criminals can scan and find these machines on TCP and then brute force the credentials. Look for premium solutions that encrypt the traffic and have 2fa
I understand from your recent report, that phishing attacks are up. But what other security issues are you seeing that are directly related to working at home during the Covid pandemic? - Owen Rubin
The biggest issue beyond phishing adapting to pandemic lures that have been very effective, is probably insecurities with people working from home on their personal devices. Personal devices are twice as likely to get infected than corporate issued machines. Out of date operating systems and applications are usually the biggest culprits along with security and data protection suites that are on the corporate machines, but not personal ones
Do you think more employers will be more open to allowing employees working from home? - Ashley D.
I think because the wheels have not fallen-off, and in many cases productivity is up, many employers’ have become more open to WFH in the future. However, company culture, onboarding new employees, collaboration and other areas have suffered – so its not as clear cut across the board. What I definitely expect is depending on role/function/contribution is a more balanced approach to WFH than in the past.
Have you seen an uptake in people investing in security since the start of the pandemic? - Martin H.
There was initially an uptick to help people WFH. More recently we’ve seen increased interest in DNS Protection and Security Awareness Training to help with WFH as extra layers. Also endpoint backup and M365 backup and recovery have all picked-up too. The research points to greater spend too. So I’d say there is an uptake in areas people have gaps. But of course there are businesses not spending at all as they are suffering from the pandemic. So yes, a little more investment, but tempered by the business situation.
Why do people click on phishing links - Vasilis T.
I’m going to be cheeky here. There are lots of reasons and we have published and last week an excellent and comprehensive report on why globally:
COVID-19 Clicks: How Phishing Capitalized on a Global Crisis.
There’s also a blog linked from this Community at:
The Blog gives lots of tips.
One of the key findings from the psychologist we asked to look at the results was:
“People aren’t great at handling uncertainty. Even those of us who know we shouldn’t click on emails from unknown senders may feel uncertain and click anyway. That’s because we’ve likely all clicked these kinds of emails in the past and gotten a positive reward. The probability of long-term risk vs. short-term reward, coupled with uncertainty, is a recipe for poor decision-making, or, in this case, clicking what you shouldn’t.” – Prashanth Rajivan, Ph.D.
What would be your top 5 tips for users working from home? - Russell Harris
Apart from always being vigilant and not rushing or being distracted as we have seen mistakes happen because of the less than ideal work environment – dogs, kids, cramped etc. I’d suggest the following.
And, most important down time is down time, take holidays and don’t do ANY work on PTO. It piles up I know and it will be there when you get back – but that’s work. PTO is about taking the complete break and enjoying life not work!
Hey everyone, I hope you’re having a great week and staying safe.
We’ve got a few questions for our expert panel this week
@GeorgeA and @TylerM .
We’ll get started in a little bit.