Remote working brings a host of cyber security related issues, so it’s important that everyone is aware of the risks and take necessary precautions.
Sadly, our Intelligence team have discovered a number of Coronavirus-related phishing scams. Criminals will be looking to target companies and home workers at this time in the hopes of discovering weakened defences.
Here are our top tips for employees working from home…
When working remotely, emails are an important communication channel. Cyber criminals are leveraging COVID-19 and we have seen attempts to impersonate official health institutions to deliver malware. Do not click on any suspicious attachment or link before checking the legitimacy of the sender. Find out more tips on how to detect phishing scams in our blog here.
Software and updates
Ensure you have comprehensive antivirus installed on any devices you are using for business and keep all software – including your browser – up to date. Software updates are not only about the new features – they usually contain essential patches for security vulnerabilities that could lead to data breaches or cyber attacks. Activate automatic updates on all remote devices to deploy patches as soon as your provider makes new versions available.
If you still feel you can be more productive in a public environment and choose to connect to public wireless networks, always connect to a Virtual Private Network (VPN) before connecting to the Wi-Fi. This will secure all web traffic flowing through your network by encrypting it and routing it via an intermediary server. Encryption and robust management of corporate email is also a must.
Avoid unsecured Wi-Fi networks
An IPass survey revealed that 67% of CIOs believe that most Wi-Fi related security incidents occurred at cafes. Public Wi-Fi can be compromised and your phone may be susceptible to malware and hacking attempts, which allows cyber criminals to access your credit card details or passwords.
Monitor for stolen data
Cyber criminals are constantly siphoning off huge caches of data from companies they have hacked and use it to break into systems or takeover accounts. One of the most common cases is Business Email Compromise (BEC) where an attacker leverages stolen username/password combinations to log into a company email account as the victim. Once they are in, they send fake payment instructions to the person responsible for accounting and make off with sometimes vast sums of cash.
During these tense times, accounting teams may be understaffed, juggling more tasks than usual and executives may be busy with emergency plans and not watching where the money is going. Stay extra vigilant by monitoring if company data is being shared on the dark web.