BioCatch is emphasizing the need for good fraud detection tools as social distancing forces many workplaces to transition from the office to the home. The company notes that there has been a dramatic spike in the number of people using Remote Access Tools (RATs) for the first time, especially in countries that have been heavily affected by the coronavirus.
Of course, that trend isn’t all that surprising given the circumstances. BioCatch is simply arguing that companies need to be on the lookout for fraudsters who might try to take advantage of the situation, especially since RATs are popular with cybercriminals. An account’s first use of Remote Access often represents a deviation from the norm, and could point to a Trojan like Trickbot or Dridex, or to a social engineering attack carried out with a platform like LogMeIn.
Thankfully, behavioral biometrics can help distinguish fraudsters from legitimate remote activity. Someone that uses the mouse wheel at work will generally continue to do so when they log in from home, and that is only one of the many metrics that behavioral biometrics software tracks when building a user profile.
According to BioCatch, most of the remote activity observed in the past few days appears to be legitimate. Remote Access is most pronounced in countries like Spain and Canada, which have enforced strict social distancing policies and public closures. The UK, on the other hand, has taken a laxer response to the coronavirus, and has lower rates of Remote Access. That suggests that the uptick in Remote Access reflects a genuine shift in user behavior during a time of crisis.
BioCatch is one of several organizations emphasizing the need to remain vigilant despite the recent disruption. The Electronic Frontier Foundation is advising people to be wary of COVID-19 phishing attacks, while Invixium warns that organizations should not abandon their current biometric security practices.
March 25, 2020 – by Eric Weiss