COVID-19 has seen many businesses continue working from home, or from an office with a reduced team. Although it’s great to see many businesses adapt quickly to these new circumstances and working environments, the COVID-19 crisis has opened up a whole host of opportunities for cyber security. We’re here to help you get the cyber security basics nailed and give you peace of mind from a potential cyber attack.
We have created a set of posters as a useful tool, some of which are previewed below, that you can share with your colleagues or employees as a reminder to be more cyber aware and look out for things that could be the beginning of a cyber attack. If you’d like a full set of these glossy printed A3 posters for your work place for free, let us know by clicking here and we send them out in the post to you.
Email Phishing
Phishing is a cyber attack where the attacker will try and lift user data by pretending to be a trusted company. This can include login credentials and credit card numbers. This is one of the biggest threats circulating at the moment, and they are becoming more believable and more devastating.
Many people are searching for information regarding the pandemic, whether it’s medical, financial or simply food related. The issue is that there is an incredible amount of both accurate and inaccurate information being circulated. This is when cyber criminals take advantage of those people who don’t know the difference.
To prevent being targeted, you should be suspicious of:
- Hyperlinks to websites
- Unofficial “From” addresses
- “Urgent” request threats
- Email attachments
- Requests for sensitive information
- Generic “Dear User” emails
Voice Phishing
Voice phishing is the most human of social engineering scams, making it all more believable. Have you seen the advert by Barclays? This is a perfect example of how fraudsters can use simple conversational elements which we’re used to hearing from trusted establishments and take advantage of that trust. Often the call will be made on a fake ID which is made up to look like it’s coming from a familiar or trustworthy source. Once they have a hold of your personal information like login details & passwords, they can use those details to drain your bank account or commit identity fraud, emphasising why Phishing in particular is a very dangerous type of cyber attack.
During the COVID-19 pandemic, we have seen an increase in calls that are designed to sound like they come from banks, shops and other trusted institute to catch you off guard and share personal information.
If you’re unsure about the person calling you, remember:
- Be aware! Always remember that a legitimate business won’t make an unnecessary request for your personal or financial information. If it sounds wrong, don’t give your details!
- Don’t give in to pressure. If someone is almost forcing you to give them your data or information, just hang up the phone. As above, established businesses will not ask you to do this if you do not wish to.
- Be calm. Some voice phishing scams can make you feel emotional, mostly feeling scared that if you don’t do something then bad things will happen. If this does happen, remain calm and hang up the phone. If you’re still worried about this, call your bank or whichever company the caller claimed to be from and clarify with them to put your mind at ease.
Weak Passwords
Weak passwords are easy for hackers to crack. Security experts say that you should use strong & unique passwords for each of your accounts online. Most people tend to choose a complex password and use it across all of their platforms, however this can leave all of your important information across several accounts vulnerable if a hacker gets hold of said password. Using a unique password for each means other accounts are not at risk.
During this time, more people are online than ever so it’s important to ensure that you are taking care of your personal and businesses accounts by using strong passwords to re-enforce additional security.
Remember that your password should always be:
- Long & complicated
- Upper & lowercase
- Unguessable (for example, don’t use your date of birth)
- Changed regularly
- Two factor authenticated
- Never, ever shared.
On the move
As we know, many businesses have their employees working from home. But do they know that they still need to be just as responsible with data and hardware that is the property of the business?
Make sure your team or employees are aware that the equipment and information they have at home still need to be secured as they would be in the office. Any data taken offsite should be secure and protected.
Leaving your desk
This one is more so aimed at those that are still working from an office. Although your team may have been reduced, it doesn’t mean you should become more lapse on cyber security. When leaving your desk, ensure that your data is secure to avoid undesirables accessing your clients important information when you aren’t around. Don’t leave sensitive information on or around your working area. You can avoid this by storing data securely & disposing of it correctly. Ensuring that your computer and devices are locked when leaving them unattended is a good preventative solution as nobody but you can access the information on the device. Don’t make it easy for cyber criminals to gain private information.
Don’t leave sensitive information unattended
Another one that is more so aimed at those that are still working from an office. When leaving your desk or work area, make sure you remove access to any sensitive documents by locking them away or taking them with you. Remember that leaving documents unattended puts you and the company at risk.
Data protection rules are still applicable, even throughout a worldwide crisis. Leaving documents unattended may be in breach of these new regulations.
