The work computer has been left in the office? It is an opportunity for stalkers
The coronavirus epidemic caused many employers to close offices and ask their employees to work remotely. SpotTheSpy security experts warn: a work computer that has remained in the office may be a backdoor for cyber-criminals into our social media accounts and mailboxes.
According to the data published by Google in the COVID-19 Community Mobility Report, in the first week of April workplaces saw a significant decrease in traffic compared to pre-epidemic times. Empty offices and unattended computers are a good opportunity for stalkers.
“Employers decided to implement remote work mode on a massive scale and at an express pace. This is a huge technological and organisational challenge, so it should be expected that criminals will try to exploit the potential security gaps that arose as a result of such a haste. It should be emphasised that hackers' targets are not only the company's resources, but also the private ones, which we often forget,” said Ole Brockhuus, founder of SpotTheSpy.
Our safety should be ensured in a situation where the employer has not equipped us with a laptop and we are currently working remotely from our private computer. Most often, this means that a work computer that could also have been used before for private purposes, such as browsing social networking sites or mailbox, is in the office.
“Let us imagine that we have left our laptop at the hotel reception or with new friends. Such a situation, quite rightly, would make us feel uncomfortable. If we do not know whether the employer controls the flow of people in the office in our absence, we are talking now about a similar situation,” said Ole Brockhuus.
SpotTheSpy experts advise on how to protect ourself against a potential attack in three steps. The whole operation can be carried out from a computer or smartphone from home.
1. Check whether someone has been logging in from the office computer during remote work Service providers such as Google or Facebook offer the option of checking your account activity. From your home computer, go to the security settings page and check the login history. Log out of all active sessions and go to the next step.
2. Remove the work computer from the list of trusted devices In the account settings, go to the security-related tab, and then find the tab that allows you to add and remove trusted devices. Remove the work computer and all other computers that you do not intend to use soon from the list.
3. Change the passwords and set a two-factor authentication for the time of your remote work Change the password and set a two-factor authentication for the time of the epidemic. This is an additional security measure for your account. After entering the password as usual, the service provider will ask you, e.g. to enter an additional code, which you will instantly receive in a message sent to your phone. This solution does not have to be as burdensome as it seems. When entering the additional code, you can set the computer as a trusted device. However, when you will try to log in from a different one, the service provider will enforce the two-factor authentication.