NASHVILLE, Tenn. (WKRN) — The pandemic forced many employees to set up home work spaces, and even though some have gone back to the office, it seems the days of working from home are here to stay. But with that change comes challenges for online security.

Companies are seeing some benefits from having their employees work from home, like dollars saved on office space and a larger talent pool to hire from. But it’s not all good news, as online attacks are higher than ever.

“When the pandemic started, the bad guys were realizing, oh, this is really big. I mean, we saw like a 240% increase in phishing attacks related to pandemic, they’re capitalizing whatever is the hot thing in the news,” said Weston Morris, Director Global Strategy – Digital Workplace Services at Unisys.

Phishing is when a hacker gets your personal information through your email, a text message or a phone call.

“There’s a few telltale signs of a phishing email. One way is where the email address that the email is allegedly coming from actually doesn’t match the email address that you see when you when you hover your cursor over the address itself,” said Eric Goldstein, Executive Assistant Director for Cybersecurity, CISA. “We also know that a lot of phishing emails have grammatical mistakes or just look a bit off.”

Experts say the best way to prevent phishing attacks is to educate your employees. “An email might pop up and it’s gotten me, I will admit it,” explained Morris. “Around the time the bonuses are coming around, there was an email that came in on my work computer and it said ‘hey, here’s information on your bonus.’ I just immediately clicked on it and a pop-up occurred and says, ‘Hey, this was a phishing a fake phishing test, you failed.’”

The typical barriers for cybersecurity in the office just aren’t there for those who are working from home, which makes it even easier for bad guys to cause real damage.

“Now you’re working from home, and it’s kind of difficult to make sure you’ve got the right hat on,” said Morris. “Do I have my work hat on or my home hat, I’m allowed to do these things, right, I can install my own software, I can click on links, and now something bad happens. That’s on me. But now, you’re potentially exposing the entire company to something bad happening.”

A new Unisys study shows 58% of Americans admitted in the last year to downloading applications on their corporate gear that they knew was against policy. Other risks for at-home employees: malware and ransomware. Hackers can gain access to your devices through a website you click on or an unwanted pop-up ad.

Easy ways to protect yourself: make sure all your devices are updated, don’t re-use passwords and change default ones. Also try looking for accounts that use multi-factor authentication like a text message.

If you think you have been compromised, Morris said it’s always best to just contact your IT person immediately.

Morris also said he’s seeing trends where companies are penalizing employees who knowingly put the company at risk.