Cyber threats facing remote workers were analyzed in a recent report by Lookout. The report shows that 80% of survey participants admitted that when working from home on Fridays in the summer months, they are more relaxed and distracted. Another 68% revealed they are more likely to use their personal devices for work, and 13% admitted they’d fallen for a phishing attack while working from home.
Twenty-one percent of employees said that they would continue working business as usual in the event they fell victim to a phishing attack while working remotely on a Friday, with 9% indicating that they’d wait until after the weekend to report it. However, stopping employees working remotely isn’t a viable option for employers, as 65% said they’d leave their job if the rules around remote work changed.
The report also featured cybersecurity recommendations:
Start by implementing consistent policies across the board. These policies should carry forward to principles of zero trust, which can be applied to any user and any data that they try to access, including those using BYOD mobile devices. Continuous validation of users and data is critical — especially as attackers get more discreet about compromising employee credentials. Deviation from baseline behavior should be an immediate reason to have a user reauthenticate, and one of the most obvious deviations is when they access data they shouldn’t be accessing.
Organizations should be able to protect any device or user from phishing attacks — including mobile devices. Attackers have set their sights on compromising employee credentials through mobile devices because users can be vulnerable to social engineering across a myriad of apps. In the context of hybrid work, when employees constantly move between work and personal tasks on their mobile devices, then protecting against mobile phishing is a critical first line of defense.