| VECTOR | WHAT | HOW |
| Public Network | An unsecured public network is a ripe attack vector for black hats. Data in transit will be unencrypted, vulnerable to sniffing, and various MITM attacks like session hijacking. WFH devices on public networks will be high-risk, high-impact targets. Only join password-protected WPA2 or WPA3 networks. | A teen accessing a public network at school or at a cafe may inadvertently expose them to sniffing and packet capture. Vulnerability exposure can lead to infection, and WFH devices are susceptible once on a home network. WFH devices on public networks are susceptible as well. VPN tunneling to corporate network access is rarely foolproof and often gives a false sense of security. When VPN kill switches fail, WFH devices may be temporarily exposed to public network traffic, giving malicious hackers more than enough time to intrude and create back doors. |
| Phishing | Phishing is extremely successful with users uneducated about cybersecurity, and commonly targets youth and teens. WFH users may be educated to detect phishing attempts, yet phishing accounts for most corporate breaches. | When clicked, a link awarding a teen with money or any incentive can fully compromise any device. The teen may forward a compromised link to a WFH device, which in turn infects the corporation. |
| Social Engineering | Social Engineering is a broad term that encompasses all malicious actions targeting humans rather than computers. Social Engineering can be extremely powerful and effective, as it exploits the weakest link in cyber security, humans. | Commonly, teens are catfished into giving out personal details, allowing exploitation of a home network. This channel allows attackers to travel over the network to WFH devices. The malicious actor may then instruct remote workers to undermine their corporation by impersonating a superior. |