While many Americans are worried about their health and livelihood, and the state of the economy during the COVID-19 crisis, they’re not so concerned with protecting their data — but they should be.

Only 31 percent of Americans are concerned about their data security while working remotely amid the COVID-19 outbreak, according to the new 2020 Unisys Security Index, which revealed the results of surveys conducted in March and April 2020 of more than 15,000 consumers across 15 countries.

If your remote workers aren’t concerned about their data security during the coronavirus pandemic, you’ve got a problem, for a couple of reasons.

Cybercriminals are profiting off of fear

With everybody so curious and concerned about COVID-19’s impact on everyday life, cybercriminals are having a field day. They’re taking advantage of the coronavirus pandemic in various ways, one of which is particularly disturbing.

Exploiting human emotion, which some say is the most significant cybersecurity vulnerability of all, malicious actors are deploying COVID-19-related attacks to con targets unsuspectedly. For example, according to the FBI and Secret Services in an April 2020 memo, cybercriminals use COVID-19 as a lure to deploy ransomware, malicious software designed to lock a computer system until the user pays a ransom.

By staying vigilant and informed, remote workers can avoid falling for COVID-19-related cyberattacks. But here’s the thing: Their employers are ultimately responsible for providing the necessary resources and tools to stay up to date on the ever-evolving threat landscape. When employers fail to deliver what’s required of them to protect their employees, cybercriminals win, and employers and their employees lose.

Remote workers at significant risk of cyberattacks

It’s no secret that cybersecurity professionals have been worried about the increase in the number of remote workers during the COVID-19 crisis. One of the main reasons is when employees are working from home, they’re typically working on less secure networks, and cybercriminals know this.

So, looking to take advantage of the situation, cybercriminals have been targeting remote workers specifically for several reasons (including the fact that many employees are refusing to follow basic cybersecurity practices). Remote workers aren’t the only ones to blame for this shift in focus.

Malicious actors attack remote workers by targeting remote desktop protocol (RDP) ports, which allow IT professionals to manage users remotely. When these ports aren’t adequately protected, cybercriminals can infiltrate networks and systems. The lack of protection can allow the installation of malware, including ransomware. To prevent this from happening, cybersecurity professionals should be more mindful of security guidance for remote desktop adoption.

Protecting data during the COVID-19 pandemic should be front of mind for both employees and employers. When it’s not, businesses put themselves at risk, and as a result, cybercriminals profit.