As the country grapples with the burgeoning coronavirus pandemic, cybersecurity experts are warning that employees working from home are increasingly being targeted by aggressive cybercriminals trying to capitalize on their unfamiliarity with remote work.
The dark web is buzzing with coronavirus-related activity, experts said, with hackers selling other hackers COVID-19 scam “kits” complete with fraudulent email templates to target workers at home.
“Hackers are trying to exploit this moment in a time when everyone’s forced online,” said Dave Baggett, CEO of cybersecurity firm INKY, which is using artificial intelligence to track a “massive explosion” in corporate email attacks that began in late February and skyrocketed this week.
In recent days, federal law enforcement officials have warned the public about several coronavirus-related schemes that have emerged since the advent of the public health crisis, both online and offline.
The most prevalent online attack is called a phishing scam, in which emails that appear to be sent from an employer or another official organization attempt to get recipients to click on a link and input credentials and personal information. Hackers can use that information to access the corporate network or an individual’s personal accounts, or to download ransomware onto a device, forcing users or businesses to pay sometimes staggering amounts of ransom in order to regain access.
According to Diana Burley, a cybersecurity professor at George Washington University, employees working from home simply don’t have the same protections they had while working in an office.
“That is coupled with the fact that people are very nervous, and they have a lot of distractions at home and are multi-tasking,” Burley said. “It’s become the perfect storm for cybercriminals to exploit the situation and do harm.”
Cybersecurity firm RedMarlin is also using artificial intelligence to monitor phishing attacks, detecting thousands in recent weeks trying to penetrate office networks and steal corporate data, an increase of 72 percent from January to March. On Tuesday, the group debuted a “threat intel feed” in an attempt to bring the cybersecurity community together to collect and share data on coronavirus scams proliferating online.
According to RedMarlin chief scientist Shashi Prakash, bad online actors are “creating fear” in fake emails that often use terms such as “reset password” or “business continuity” to spark urgency. Scammers are also targeting home workers with fake sites that replicate popular teleconferencing platforms, he said, with domain names that may be off by only one letter.
“We might not understand the implications of people that were phished until months down the line,” said Jason Alafgani, marketing director for RedMarlin.
Experts recommend that individual email users use different passwords for different accounts, change passwords regularly, log out of accounts when they are not in use, back up data on a hard drive, and have up-to-date virus protection software.
And for workers suddenly adjusting to working from a home office, one expert said “a general paranoia of email is healthy.”
“If an email is asking you to do something sensitive, be very skeptical of that and, if possible, use another way in,” said INKY’s Baggett. “Go directly to the website, try not to use email as the only channel to that source.”