Our everyday lives are not what they used to be three months ago. Many users have made the transition from working in an office to working from home and students have adopted distance learning. But while the world focuses on one virus sweeping the globe, criminals see an opportunity to spread other types of viruses across our networks and devices.
As users adapt to their increased time spent at home and online, hackers are taking advantage by spreading malware and other scams. Let’s break down some of the major malware scams affecting users today, as well as how they can stay secure.
Remote Workers Targeted Through RDP Ports
With recent events accelerating the WFH trend, many companies have restricted employee travel and allocated more resources to enable virtual work. According to McAfee security researcher Thomas Roccia, a key component of enabling remote work and allowing employees to access internal corporate resources remotely is Remote Desktop Protocol (RDP). RDP is a Microsoft protocol that allows communication with a remote system. At a time when connectivity is more important than ever, it’s critical for users to be able to easily access the same tools and apps that they would in their office from their newfound remote work environments. However, it’s likely that many organizations brought systems online quickly with minimal security checks in place, giving attackers the opportunity to infiltrate them with ease. Because RDP ports are often exposed to the internet, an attacker could gain access to an entire network and, consequently, to a remote employee’s system. What’s more, these networks can be used as entry points for spreading malware or other malicious activities.
Since March 2020, the McAfee Advanced Threat Research team has seen a significant increase in the number of exposed RDP ports. But what does that mean for users working remotely? Because exposed RDP ports grant criminals access to remote systems, they are able to launch a number of threats that could impact not only users working from home but also the organizations they work for. These threats include spreading spam and malware, as well as using the compromised RDP port to disguise malicious activity and compile their tools on the machine.
Phishing Emails Spreading Malware and Ransomware
Recently, hackers have also used phishing emails about current events to lure people into engaging with malicious content, giving threats a way into their systems. Once established, that foothold can allow hackers to use malware to steal usernames, passwords, and data, monitor user activity, capture keystrokes, track network traffic and browser activity, and infiltrate networks and cloud services beyond the home. Criminals can also impersonate their victim, sending emails from the infected device to spread the malware to numerous other systems. What’s more, hackers could spread ransomware that encrypts system files and refuses to decrypt them until the victim sends a ransom payment.
Stay Secure in the New Digital Landscape
Hackers will always seek to capitalize on current events in order to spread cyber misfortune. The recent surge of remote employees and users taking to the internet in order to pass the time is no exception. However, there are several steps users can take to facilitate a safe online environment for themselves and their families. Here’s what you can do to stay protected from malware that exploits the current health emergency and from similar threats:
Secure your RDP protocol
Because RDP remains one of the most used vectors for breaching organizations and personal networks, it’s important to follow best security practices. This includes using strong passwords and multi-factor authentication, patching vulnerabilities immediately, and not allowing RDP connections over the open internet. Discover more best practices on how to secure RDP in our blog on RDP security.
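To see how a Windows machine stands against the "no RDP over the open internet" advice above, the following read-only PowerShell audit is an added example, not McAfee's code. The function name Test-RdpExposure is hypothetical, the Network Level Authentication check is an addition beyond the practices listed here, and the firewall check assumes the English "Remote Desktop" rule group name.

```powershell
# Added example: read-only audit of this machine's RDP settings (run elevated).
# Test-RdpExposure is a hypothetical helper name, not a built-in cmdlet.
function Test-RdpExposure {
    $ts  = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
    $tcp = Join-Path $ts 'WinStations\RDP-Tcp'
    $findings = New-Object System.Collections.Generic.List[string]

    # fDenyTSConnections = 0 means the machine accepts inbound RDP sessions.
    $deny = (Get-ItemProperty -Path $ts -Name fDenyTSConnections).fDenyTSConnections
    if ($deny -ne 0) {
        return 'RDP is disabled on this machine; nothing is exposed.'
    }

    # UserAuthentication = 1 requires Network Level Authentication, so a
    # client must authenticate before a full desktop session is created.
    $nla = (Get-ItemProperty -Path $tcp -Name UserAuthentication).UserAuthentication
    if ($nla -ne 1) {
        $findings.Add('Network Level Authentication is not required.')
    }

    $port = (Get-ItemProperty -Path $tcp -Name PortNumber).PortNumber
    $findings.Add("RDP is enabled and listening on TCP port $port.")

    # Inspect the built-in inbound allow rules for Remote Desktop.
    # Assumption: English display group name; localized systems differ.
    $rules = Get-NetFirewallRule -DisplayGroup 'Remote Desktop' -ErrorAction SilentlyContinue |
        Where-Object { $_.Enabled -eq 'True' -and $_.Direction -eq 'Inbound' -and $_.Action -eq 'Allow' }

    foreach ($rule in $rules) {
        $remote      = ($rule | Get-NetFirewallAddressFilter).RemoteAddress
        $ruleProfile = "$($rule.Profile)"
        # An allow rule open to any source address, or active on the Public
        # profile, is what leaves RDP reachable from untrusted networks.
        if ($remote -contains 'Any') {
            $findings.Add("Rule '$($rule.DisplayName)' allows any remote address.")
        }
        if ($ruleProfile -match 'Public|Any') {
            $findings.Add("Rule '$($rule.DisplayName)' applies to profile: $ruleProfile.")
        }
    }
    return $findings
}

Test-RdpExposure
```

A clean result covers only the host firewall; a home router or cloud security group that forwards the RDP port to this machine has to be checked separately.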
Beware of messages from unknown users
If you receive a text, email, social media message, or phone call from an unknown user regarding the current health emergency, it’s best to proceed with caution and avoid interacting with the message altogether.
Go directly to the source
If you receive information from an unknown user, go directly to the source instead of clicking on links within messages or attachments. Using a tool like McAfee WebAdvisor can help users stay safe from malware and other threats while searching the web.