The importance of cybersecurity when working from home

Here at Progressive Recruitment, we have always been advocates of strong cybersecurity and are continually undertaking stringent measures to ensure the online safety of not only our employees, but also of our clients and candidates. Whilst we are working from home, we are regularly sending security updates to our employees with the latest recommendations and what to look out for to keep everyone aware and vigilant.

Now more than ever, keeping yourself informed and safe when using the internet is essential.

Cyber attacks - Why have they increased recently?

More businesses than ever before have had to adapt to remote working due to COVID-19, resulting in an even greater reliance on the power of the internet and technology in general.

You may think that, as the world is in quarantine, hackers may slow down – but this couldn’t be further from the truth. In times of economic downfall and uncertainty, Cyber criminals play to people’s anxiety and fear - for them it’s the perfect opportunity to attack vulnerable people.

A worrying aspect of the current wave in cybercrime is the increase in fake COVID-19 websites, which claim to offer treatment and further information regarding the virus but in reality offer cyber criminals the chance to access your personal information.

To help keep consumers safe, Security companies such as Risk IQ have begun to compile comprehensive daily reports which give the main highlights and updates on essential cybercrime data which can further help you keep abreast of the situation.

Another target for hackers has been the popular video conferencing software Zoom.

With an increase in VC due to remote working, cyber criminals, have registered domains using the word ‘’zoom’’ and the "zoom-us-zoom_##########.exe" naming scheme. This naming scheme delivers an attachment which when opened attempts to install unwanted apps or potentially malicious software on your hard drive without you being aware. Global cybersecurity firm Herjavec Group has put together some best practice guidelines to follow when installing Zoom to help avoid you becoming victim to an attack like that. Another option is to use an alternative software such as Microsoft Teams which provides similar functions to that of Zoom.

 

COVID-19 – What to look out for?

Attacks come in a variety of formats, most common are: phishing scams (emails or texts) and malware. According to Google’s Safe Browsing Transparency Report, the figures from March confirm a 350% increase in phishing websites since the start of the year. Now is as important a time as ever to ramp up in terms of cybersecurity, and to be aware of the various threats to your devices which could be coming your way.

 

What exactly are phishing attacks?

Essentially, phishing attacks are a type of fraud which involve the attacker attempting to gain sensitive information from the victim(s) such as credit card details, usernames or passwords. They can be enormously deceptive as the attacker generally disguises oneself as a trustworthy body or reputable organisation in order to build trust. With the rapid growth of the internet use in recent years, it is little wonder that phishing attacks have become more common.

How can you spot them?

It can be hard to remain vigilant in the combat against cybercrime. It is even more difficult when working from home, as you are less likely to sanity check an email with another employee when away from the office.

It’s essential to pay close attention to the emails and messages you are receiving and to the links you are going to. The URL of the page you are visiting is usually the best clue to if a website is genuine or not. Ensure you are only opening emails that come from a trusted source, and avoid all spam. Using a password manager such as LastPass can ensure that you adhere to the latest recommendations in terms of secure passwords which can also help. You should also be using a VPN to keep your information and privacy as safe as possible.

If you’ve opened a message and can’t decide whether it is genuine, here are some things to look out for:

1) Legit companies don’t request your sensitive information via email

2) Usually, legit companies call you by your name

3) Check for the domain email – if it looks wrong, it probably is!

4) Spelling or grammar mistakes? We’d hope a real company can spell!

5) A real company won’t force you to their website

6) Look out for unsolicited attachments

7) Check the URL – does it match the company?

 

Think you’ve received a phishing email - what should you do?

First things first, if you’ve received an email from a person or an organisation you are not sure about, you shouldn’t open it or click on any of the links in it until you have verified the source, and certainly do not open the attachments in such messages.

You can also hover your mouse or cursor over any links until you can see the web address and clarify that it looks legitimate. Do a quick Google search of any of the extracted information to see if anybody has reported it as cybercrime, then report it to your Cyber team so that they can advise your colleagues to look out for similar attacks!

 

What can you do to reduce the chances of an attack?

Our advice would be:

• Change your Wi-Fi administrator’s password from default to a bespoke option with a mix of characters
• Be wary of any pop-up messages from organisations claiming to be the WHO (World Health Organisation) or the CDC (Centre for Disease Control).
• Never hand out personal details over email

 

Are you and your business new to remote working? Interested in hearing more about the importance of cybersecurity in the new normal of working from home? Please don’t hesitate to get in touch to discuss this and any more of your cybersecurity needs.