"Because the system isn’t immediately locked down, the user is unlikely to release that information is being extracted. Now, the cybercriminal can see who you’re working with, emulate your business and identify the more effective ways to target you.”
Cybercriminals are also using geofencing, allowing them to trigger a pre-programmed action when the mobile device enters a certain location.
“Nefarious actors can see what you do and what accounts you have, but who knows how long before they act on what they find---or they may not,” Willett said. “These hackers are less grab and go; instead, their approach is to go in and obtain information before acting on it. They’re using malicious sites to steal data and gather intel, and it’s not unusual that we haven’t heard much about it since they typically don’t do anything right away.”
Willett emphasized employees should not be permitted to access the shop’s private WiFi with a phone they use in public.
“You’re inviting their friends and enemies into the system where you are looking up OEM repair procedures and accessing customers’ personal information," he said. "They can access the shop’s network through their work devices, but they should be using the public WiFi at your operation when they’re on their personal devices.”
Willett warned against two types of sites specifically: “Food sites have always been the worst for nefarious attempts, and right now, everyone is researching new recipes. Also, make sure you are utilizing reliable, secure sites for information on COVID-19 because these can be a watering hole that lead you to dangerous sites.”
Currently, beta testing of risk management tools to block these new aggressive measures are underway.
“Hopefully, we will be able to share some information on those soon, as they become available,” Willett said.