The Dangerous Secrets Our Working-From-Home Photos Reveal
Cybercriminals can glean many clues from scrutinizing shots of home offices and webconferences.
As more people work from home during the Covid-19 pandemic, they are sharing photos of their online meetings and remote-working setups—and that’s putting their security at risk.
My research into oversharing online shows that people often don’t realize how much personal information they are revealing in photos—images of their houses and hobbies that provide clues about their usernames, passwords and other personal information. And hashtags like #WorkFromHome and #HomeOffice make it convenient for crooks to zero in on photos that contain those details.
While we have yet to see any documented crimes based on photos shared during the pandemic, it is clear the boom in sharing exposes people to all sorts of dangers. The crisis is the perfect backdrop for malicious snooping, because people are stressed and anxious to make any kind of personal connection, even if it is just revealing some small part of their home life.
Let’s look at a few avenues of exposure that put people at risk.
Spotting Your Vital Stats
First, crooks can scour your photos to find personal information that you would never think of sharing, precisely because you know it can turn against you.
Consider a phishing email that claims to be from your bank. It says there is a problem with your account, and you need to log in immediately, using a provided link. To seem believable, the email would need to include your name, birth date and home address.
Now imagine that you had recently published two posts on social media. In one post, you shared a picture of your home-working setup, which displayed—in addition to your MacBook Pro and adorable cat—an Amazon package showing your name and address.
In another post, your colleagues shared a photo from a Zoom conference in which they surprised you with a birthday party. There's a lovely cake pictured, and the candles or icing show your age. Your friends included the hashtag #Birthday, so a criminal can work out your date of birth from the age on the cake and the date the picture was posted.
Now go back to the phishing email. It has your name, address and birth date. And you click on it.
Criminals also can glean hints about your passwords from photos shared online, and the hashtags make those photos easy to find. It is well-known that passwords are often based on hobbies and the names of loved ones and pets. Posting photos of your home office may reveal your interests and hobbies, for instance Harry Potter books, fishing trophies or posters of your favorite sports team. Similarly, photos that name loved ones or pets can provide hackers with hints to passwords.
My research shows that hackers may combine these hints with databases of common, or previously breached, passwords to boost their chances of success. For example, if you have Liverpool Football Club posters around your room, criminals might deduce you are a supporter and that your password may contain “liverpool.” By analyzing a list of breached passwords, easily found online, hackers can see that most people who use “liverpool” in their password add a significant numeral after it, such as liverpool11 or liverpool10, the numbers of two popular players.
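The guess-list construction described above, as an added example that is not part of the article or the author's research: a short Python script that takes hints gleaned from photos (a team name, a pet's name, a birth year inferred from a #Birthday post) and a constructed sample of a breached-password list, counts which suffixes people most often append to each hint word in that list, and emits a targeted candidate list in likelihood order. The breached list, the hint labels and the function names are all assumptions made for illustration. The same routine can be turned around defensively, to check whether your own password would appear in such a list.

```python
import re
from collections import Counter

# Constructed sample of a breached-password dump (not real data), standing in
# for the much larger lists the article says are easily found online.
BREACHED = """liverpool11
liverpool10
liverpool1
Liverpool10
liverpool2005
chelsea10
arsenal14
liverpool11
liverpool10
liverpool!
max2010
max123
harrypotter7
liverpool10""".splitlines()


def suffix_stats(breached, base):
    """Count what people append after `base` (case-insensitive) in the dump.

    Returns a Counter such as {"10": 4, "11": 2, ...}. Entries equal to the
    bare base word are skipped because the base itself is always tried first.
    """
    pat = re.compile(re.escape(base) + r"(.+)$", re.IGNORECASE)
    stats = Counter()
    for pw in breached:
        m = pat.match(pw.strip())
        if m:
            stats[m.group(1)] += 1
    return stats


def build_candidates(hints, breached, years=(), top_n=3):
    """Build a targeted guess list from photo-derived hints.

    hints:  words gleaned from photos (team posters, pet names, hobbies) as
            label -> list of words; labels are only for the analyst's notes.
    years:  years inferred from a #Birthday post, appended as 4- and 2-digit
            suffixes as well.
    top_n:  how many of the most common breached suffixes to borrow per word.
    """
    out = []
    for word in (w.lower() for ws in hints.values() for w in ws):
        variants = [word, word.capitalize()]
        suffixes = [s for s, _ in suffix_stats(breached, word).most_common(top_n)]
        suffixes += [str(y) for y in years] + [str(y)[-2:] for y in years]
        for base in variants:
            out.append(base)
            out.extend(base + s for s in suffixes)
    # Deduplicate while keeping the most likely guesses first.
    return list(dict.fromkeys(out))


def is_guessable(password, hints, breached, years=()):
    """Defensive check: would this password fall to the targeted list?"""
    return password in build_candidates(hints, breached, years)


if __name__ == "__main__":
    # Hypothetical hints from a #HomeOffice photo and a #Birthday screenshot.
    hints = {"team": ["liverpool"], "pet": ["max"]}
    for guess in build_candidates(hints, BREACHED, years=[1985]):
        print(guess)
    print(is_guessable("Liverpool10", hints, BREACHED, years=[1985]))
```

With the constructed dump, "10" is the most common suffix after "liverpool", so "liverpool10" and "Liverpool10" come out near the top of the list, exactly the guess the article describes. A real engagement would use a full breached list and more mangling rules; the point of the check is that a password built from anything visible in your photos is a handful of guesses away.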
But people don’t just expose their own secrets when they post home-office photos—they potentially expose their employers’ secrets, too.
My preliminary analysis of photos from the new wave of work-at-home postings has found that people unwittingly reveal images of sensitive internal corporate correspondence and webpages on their screens—a trove of information for criminals.
People can also inadvertently reveal more-complex information, with photos that show technical details about their machines, such as the serial number of a computer. With the right piece of information, a criminal might be able to email an employer’s IT help desk, pretend to be that employee and obtain information that will help them get access to the system or carry out other scams.
Likewise, hackers and corporate competitors might take advantage of photos that show the software a company uses.
Knowing which software a company runs tells an attacker which platforms to target and which exploits to prepare. In some cases, a photo reveals that the organization is using an outdated version of software, such as Microsoft Windows or Office, that hasn't been patched against known vulnerabilities.
Crimes such as burglary and theft are also still a serious threat. As individuals post photos of new remote-working setups, they also are including a range of expensive devices, the layout of their homes, and the locations of the nearest windows and doors. In combination with some of the other information mentioned above, this provides burglars with exactly the insight they need to determine what homes to break into, where to find the expensive tech, and how to get in and out.
To keep safe during the pandemic, we need to protect ourselves both in person and online. Cybercriminals are on the lookout!
Researchers Say Ransomware Attacks On The Rise As More People Work From Home
Proofpoint research shows that phishing-based ransomware attacks are on the rise amid the COVID-19 pandemic.
A study published by cybersecurity firm Proofpoint shows an increase over the last few months in email-based phishing campaigns used to deliver ransomware.
According to the report, first-stage ransomware deployments are on the rise and have mostly targeted the United States, France, Germany, Greece and Italy.
The attacks appear to be capitalizing on the influx of people now working from home amid the COVID-19 pandemic. Research additionally indicates that the ransom demands are very low compared to the amounts usually seen in these attacks.
Lower Than Average Ransoms
A ransomware strain called "Mr. Robot" has in the past mostly targeted people and companies across the U.S. Findings suggest that this has changed in recent months, with home users becoming its main victims. Reflecting the shift to home users, ransom demands have dropped as low as $100 in Bitcoin (BTC).
A single campaign spreading the Avaddon ransomware sent more than one million messages in one week. It too is known to target U.S. companies and individuals.
“24/7 Support” Offered By Avaddon’s Hackers
The hackers behind Avaddon often demand $800 ransom payments in cryptocurrency such as Bitcoin. Interestingly, this particular team provides a "24/7 support" service to its victims, offering advice on how to pay the ransom and how cryptocurrencies work.
In recent days, cybersecurity firm Symantec blocked a ransomware attack directed at 30 U.S.-based firms, including Fortune 500 companies.