As work from home is the new norm in the COVID-19 era, you’re probably looking to enable remote desktop connections for your off-site staff. Here’s how to do it securely.
Having remote access to your workstations or servers can enable better management, right? However, with the current upsurge in attacks, that can be a pipe dream. A small security breach, such as an attacker obtaining your administrator’s login to your domain controller, can lead to massive losses: the loss of your company’s intellectual property, the encryption of your files for ransom, or the loss of huge sums of money through fraudulent corporate emails sent to your accounting department.
In this post, we look at the different ways you can restrict your remote access to defend it against attacks. The advice applies to all remote access software, such as PC Anywhere, VNC and TeamViewer, among others, as well as Microsoft’s RDP. Here we go!
Limit access to your resources
Allowing access only from internal addresses assigned by your company’s VPN server helps prevent the exposure of your RDP connection ports to the public internet. By doing so, you reduce the chances of your RDP being attacked.
If exposing your ports is the only way out, you can serve RDP on a non-standard port number to protect it against simplistic worms that attack your network through its ports.
On the flip side, this method can’t protect your RDP from sophisticated attackers, as the majority of network scanners check all ports for RDP activity. You will therefore be forced to stay on constant alert for any login activity or network access in your RDP server logs, since an attacker can strike at any
Utilize Multi-Factor Authentication (MFA)
Another way to secure your RDP is to ensure that your remote workers are utilizing another authentication layer (MFA), as we have discussed in this post.
Whitelist allowed IP addresses
To create a list of allowed addresses that will have access to your workstations, you can instruct your employees to look up their IP addresses and send them to your IT personnel. With this list, you can control who can and cannot access your resources.
You can also build a whitelist of allowed IPs by permitting their whole subnet, since dynamic home IP addresses typically stay within the same subnet after a router reboot or other network maintenance on the client end.
Of late, there is an increasing trend in RDP attacks; therefore, it is essential to ensure that yours is patched to the current security level to avoid issues.
You can find more information about securing your RDP in this post.
In case you have more inquiries regarding RDP software or anything else to do with it, ESET has been here for you for over 30 years. We want to assure you that we will be here to protect your online activities during these uncertain times, too.
The good thing about this technology is that you may have already seen it in action; for instance, when requesting access to your bank account via your smartphone. In this case, you must enter the one-time code sent to you in addition to your password to gain access.
Using such double authentication on all your logins can make it difficult for scammers to access your accounts even if they compromise your passwords.
That said, you may now be wondering which MFA option to use. Below, we take a look at some of the ways you can use MFA to bolster the security of your connections when working remotely.
1. Use of a physical token
With this technique, you will require a physical device such as a security USB key, a key fob, or a similar item that generates a secure code for verification.
You’ll mostly be required to use this method if you need access to your cloud-based applications, online office applications, or corporate office technology. The YubiKey or Thetis are examples of such devices, and you can purchase one for less than US$50.
For convenience, most of these devices are tiny; you can carry them in your pocket or hang them on a keychain for safekeeping.
2. Use of a mobile phone
Most likely, you own a smartphone, right?
If yes, you can use it to boost your MFA security. For instance, you can download an authentication app such as Google Authenticator, ESET Secure Authentication, or Authy.
The only caveat here is to ensure the app’s source has a reputable security background. This is because the app is going to reside on your smartphone, which is itself vulnerable to security threats; therefore, robust security is required to avoid undermining your security efforts. Be on the lookout for spam messages when using your phone, as they can trick you into compromising your accounts.
Fortunately, if you download applications from reputable sources, you can get help in case you have an issue with the platform itself.
3. Use of biometrics
No single human being shares a fingerprint or retinal scan with another. This uniqueness has conveniently been used over time to provide robust
You can also use the same to secure your connections. For instance, you can take a picture of your face or scan your fingerprint using a biometric reader (currently a common feature in smartphones and other devices) and then integrate it into your login procedure. This will prevent any other user from accessing your accounts or private information.
On the flip side, some folks feel that the technique is somewhat creepy and therefore give it a wide berth. Besides, it can present a challenge when you need to reset your biometric features if your service provider is hacked.
When scouting for a suitable MFA option for your needs, it is vital to choose one that fits your routine easily, because an MFA option that is not used properly can’t protect you.
An MFA technique can bring side benefits as well. For instance, in the event of a security breach, you will be notified that your password has been compromised, which enables you to implement mitigation measures. Not only that, but you are also protected from the would-be attack, since the fraudsters would not have access to your other factors.
In case you
require a secure authentication application or consultation regarding MFA
options, then ESET has been here for you for over 30 years. We want to assure
you that we will be here to protect your online activities during these
uncertain times, too.
Protect yourself from threats to your security online with an extended trial of our award-winning software.
From malware-laden emails to fake donations, these are some of the most common cons you should watch out for amid this public health crisis
It’s beyond reasonable doubt that COVID-19 has become a pandemic that has thrown the world into a tailspin. Panic is more palpable than ever before and has led to market closures, travel bans, lockdowns, and panic buying.
Unfortunately, cybercriminals are taking advantage of this chaotic situation to defraud the vulnerable. With more than 60,000 deaths witnessed across the globe due to the virus, fraudsters are finding an opportune moment for launching their fraudulent campaigns, usually disguised as humanitarian interventions.
Therefore, the big question is, how do you sniff out potential scammers a mile away? Fret not: in this post, we share some of the common despicable tactics (as identified by the ESET research team) that scammers are currently using to defraud innocent souls.
To appear as convincing as possible, the current crop of scammers have resorted to impersonating authoritative sources, especially those concerned with disseminating news regarding the virus. These include the World Health Organization (WHO), among many other organizations.
As such, they will send you emails purporting to come from these sources that contain “vital information” regarding the disease to hoodwink you into clicking on their malicious links. Usually, such links may steal your personal information, install malware on your machine, or try to capture your password and login credentials.
Nevertheless, the good thing is that most of these organizations are aware of such fraudulent activities, and in a bid to end them, they have come out into the open regarding the issue. For instance, the WHO, on its website, offers advice on how it communicates and elaborates on what to expect from its official emails.
As an example, one of the significant points reads:
“Make sure the sender has an email address such as ‘person@who.int’. If there is anything other than ‘who.int’ after the ‘@’ symbol, this sender is not from WHO. WHO does not send emails from addresses ending in ‘@who.com’, ‘@who.org’ or ‘@who-safety.org’, for example.”
What’s more, the organization advises that all its web content starts with https://www.who.int/ only; no other domain is used. Therefore, be sure to check the URL in the email sent to you before clicking on it. If in doubt, type the address directly into your browser instead. Most importantly, the WHO will not start sending you emails without your subscription or prompt.
Alternatively, you can get real information from your usual trusted sources, but not from unsolicited emails.
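As an added example (not code from the original post), the following turns the WHO advice above into a check a mail filter or a cautious reader could apply: the sender’s domain must be exactly who.int or a true subdomain of it, and links must use https:// on that domain. It goes slightly beyond the text by also rejecting hostnames that merely begin with the official name; all addresses and URLs below are constructed.

```python
from urllib.parse import urlparse

# Domains the organisation says it uses (from the WHO advice quoted above).
OFFICIAL_DOMAINS = {"who.int"}


def domain_of_sender(address: str) -> str:
    """Everything after the LAST '@', lower-cased and stripped of a closing '>'
    from a 'Display Name <user@host>' header; '' if there is no '@' at all."""
    if "@" not in address:
        return ""
    return address.rsplit("@", 1)[1].strip(" >").lower().rstrip(".")


def is_official_domain(domain: str) -> bool:
    """Exact match or a true subdomain (dot boundary) of an official domain.
    'who-safety.org', 'who.com' and 'who.int.example.com' all fail."""
    return any(domain == d or domain.endswith("." + d) for d in OFFICIAL_DOMAINS)


def sender_is_official(address: str) -> bool:
    """Apply the WHO rule: nothing but who.int (or a subdomain) after the '@'."""
    return is_official_domain(domain_of_sender(address))


def link_is_official(url: str) -> bool:
    """Genuine content starts with https://www.who.int/, so require HTTPS and a
    host on the official domain. urlparse().hostname drops any userinfo before
    an '@' in the URL, so only the real host is checked."""
    parsed = urlparse(url)
    return parsed.scheme == "https" and is_official_domain((parsed.hostname or "").lower())


if __name__ == "__main__":
    for addr in ("person@who.int", "alerts@who-safety.org", "alerts@who.int.example.com"):
        print(addr, "->", "official" if sender_is_official(addr) else "NOT WHO")
```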
In another case (as shown in the image below), the fraudsters are trying to impersonate the Wall Street Journal by establishing a visually similar phishing site.
From the image, you can notice that the URL starts with ‘worldstreet’ while the wording on the webpage reads ‘world street,’ which is a red flag.
By creating such a site, they trick people into believing that it is the real Wall Street Journal and therefore gain some revenue from the advertisements placed there. Though the site may not steal your credentials, the money generated goes into the wrong hands.
2. Appeal for donation
In another attempt to outsmart the would-be victims, cybercriminals are now packaging themselves as “genuine souls” out there to help in the war against the virus. For instance, in a recent scam, fraudsters were attempting to persuade their audience to contribute towards the development of a vaccine for children in China.
An interesting fact about this example is that the perpetrators are riding on the popularity of an existing campaign by re-purposing its content with Coronavirus details. In another 2019 publication, we talked about how criminals were threatening their victims in an attempt to extort money from them.
Often, such corona-themed scams will ask you to send your donation in bitcoin to a particular fraudster’s wallet. Though the trick might work on only a few people, done on a global scale it can rake in colossal sums of money, which makes it attractive to criminals.
3. Dubious purchases
The increasing demand for particular products such as face masks and hand sanitizers due to the pandemic has resulted in their short supply. Naturally, this has attracted fraudsters who, according to Sky News, have conned around £800,000 (US$1 million) from United Kingdom residents within February alone.
In an attempt to steal your money, the fraudsters will send you spam emails purporting to help you secure face masks. In case you unwittingly click on the provided links, your financial and personal credentials will be revealed to the fraudsters.
Therefore, you should always be on the lookout for such claims, and only purchase such items from a trusted dealer.
These are just a few examples of the tactics currently being used by cybercriminals in their attempts to defraud people of their hard-earned money amid the confusion brought about by the COVID-19 crisis.
Thus, as a business or individual, you need to remain vigilant regarding such antics, not only during such emergencies but also at other times.
As a way of minimizing your chances of falling victim to such schemes, you can always practice some of the following basics:
Be wary of emails containing alarming messages regarding the pandemic and the need for immediate action; for instance, ordering a vaccine or cure via the provided links.
Avoid replying to unknown messages requesting your credentials; for example, those asking for your bank details and identification number, among other sensitive information.
Be proactive in identifying potential crowd-funding or other fraudulent campaigns.