The number of phishing attacks against remote workers was on the rise in the fourth quarter of 2020, a new report from cybersecurity awareness and training firm KnowBe4 claims. Phishing via social media social media channels, mostly LinkedIn, also grew in popularity.
Examining tens of thousands of subject lines from simulated phishing tests, KnowBe4 found that those related to potential changes in corporate policy were among the most popular. Emails about password changes, corporate meetings, vacation policies and remote working policies were the top four general email subjects.
In the wild, on the other hand, annual asset inventory was the most popular subject among phishers, followed by changes to health benefits, unusual Twitter login notifications and Amazon Prime membership being declined.
For Stu Sjouwerman, KnowBe4 CEO, it's not surprising that attacks against remote workers are on the rise.
“Just because employees may be more used to their home office environment doesn’t mean that they can let their guard down,” he said. “The bad guys deploy manipulative attacks intended to strike certain emotions to cause end users to skip critical thinking and go straight for that detrimental click.”
Ever since the pandemic forced entire countries into lockdown, criminals have been preying on remote workers. They’ve been sending all kinds of phishing emails with fake information on government stimuli, vaccine development, protective gear and many other topics.