Friday, April 3, 2020

Cyber safety tips when working from home

By Lori Sussman

Cybercrime has been growing with the increased use of connected technology. Recent events only confirm what we know. We all need to be vigilant when conducting business over the Internet. Hackers are using our coronavirus fears to make their spear-phishing and misinformation campaign more effective. As coronavirus infections surges, hackers are weaponizing information about the COVID-19 virus. They intend to spread malware and disinformation, according to security researchers and the State Department. The US intelligence agencies are showing examples where Russian actors, linked with Moscow through "state proxy websites," have been using "swarms of online, false personas" to spread misinformation about the new coronavirus.

Here are some tips to help you navigate cyberspace safely:

1.   Keep all software up to date.
Turn on automatic system updates for your device.
Make sure your desktop web browser uses automatic security updates.
Keep your web browser plugins like Flash, Java, etc. updated.

2.   Use antivirus (AV) software and keep it up to date. Use antivirus software from trusted vendors and only run one AV tool on your device.

3.   Use firewalls and other home security systems and solutions. A firewall helps screen out hackers, viruses, and other malicious activity that occurs over the Internet and determines what traffic can enter your device.
Windows and Mac OS X comes with firewalls (Windows Firewall and Mac Firewall).
Your router should also have a built-in firewall to prevent attacks on your network.

4.   Use strong passwords and consider a password manager tool.
Adopt user-friendly phrase-like passwords but have at least eight characters and a maximum length of 64 characters.

Don't use the same password twice.

The password should contain at least one lowercase letter, one uppercase letter, one number, and four symbols but not the following &%#@_.

Choose something easy to remember and never leave a password hint out in the open or make it publicly available for hackers to see.

Reset your password when you forget it. But, change it once per year as a good practice.

5.   Use Two-Factor or Multi-Factor Authentication. Two-factor or multi-factor authentication is a service that adds additional layers of security to the standard password method of online identification. Many platforms commonly used like Facebook offer this option.

6.   Learn about Phishing Scams. Everyone needs to be very suspicious of emails, phone calls, and flyers. In a phishing scheme attempt, the attacker poses as someone or something the sender is not to trick the recipient into divulging credentials, clicking a malicious link, or opening an attachment that infects the user's system with malware, trojan, or zero-day vulnerability exploit.

These schemes often lead to a ransomware attack. 90% of ransomware attacks originate from phishing attempts. A few crucial cyber safety tips to remember about phishing schemes include:
Most importantly – don't open an email from people you don't know!

Know which links are safe and which are not – hover over a link to discover where it wants to direct you.

Be suspicious of the emails sent to you in general – look and see where it came from and if there are grammatical errors

Malicious links can come from friends with infected computers. So, be extra careful!

7.   Protect Your Sensitive Personal Identifiable Information (PII). PII is any information that can be used by a cybercriminal to identify or locate you. PII includes information such as name, address, phone numbers, date of birth, Social Security Number, IP address, location details, pet names, or any other physical or digital identity data. In the new "always-on" world of social media, you should be very cautious about the information you include online.

8.   Use Your Mobile Devices Securely. Your mobile device is now a target of more than 1.5 million new incidents of mobile malware. Some quick tips for mobile device security:
Create a complex mobile passcode – not your birthdate or bank PIN

Install apps from trusted sources

Keep your device updated – hackers use vulnerabilities in unpatched older operating systems
Avoid sending PII or sensitive information over text messages or email

Use Find my iPhone or the Android Device Manager to prevent loss or theft
Perform regular mobile backups using iCloud or enabling backup & sync from Android

9.   Backup Your Data Regularly. Follow a simple rule called the 3-2-1 backup rule, where you keep three copies of your data on two different types of media (local and external hard drive) and one copy in an off-site location (cloud storage).

10.   Review Your Online Accounts & Credit Reports Regularly for Changes. With recent events, it's more important than ever for you to safeguard your online accounts and monitor your credit reports. A credit freeze is the most effective way for you to protect your personal credit information from cybercriminals right now. Essentially, it allows you to lock your credit and use a personal identification number (PIN) that only you will know. You can then use this PIN when you need to apply for credit.

No comments:

Post a Comment