Cybercriminals are even more opportunistic than usual in their endeavours to exploit individuals and businesses. In the midst of the Covid-19 pandemic, they are creating scams and phishing campaigns that are related to the pandemic. This coupled with the fact employees are forced to work from home poses an immense risk not only to themselves individually but the organisations they are working for remotely.
Ten cyber security tips to follow while working from home.
Covid-19 related attacked - NB
1. A new ransomware dubbed ‘Covidlock’ was spread disguised as a coronavirus tracking app. Analysts observed numerous attempts of delivering malicious payloads including those related to the Covid-19 theme. Avoid installing software and mobile applications related to COVID-19 if possible.
2. Fake coronavirus maps, Security researchers have identified a new campaign where the attackers claim to have a ‘coronavirus map’ that people can download onto their devices. Most of these online Maps contain Malware, avoid these maps unless posted on a reputable site.
3. Be very careful when using Microsoft Teams, Zoom Meetings and Chat, Attackers are attempting to take advantage of Zoom's increasing user base since the COVID-19 outbreak by registering hundreds of new Zoom-themed domains for malicious purposes.
4. Text message scams, reports have been received of COVID-19 themed scam text messages that have a link that claims to direct people to testing facilities. This link is not legitimate and instead may install malicious software on your device that’s designed to steal your personal information, such as banking details
What next? Here are some steps to take:
5. Make sure your Windows updates are current! To check this, right click on the start button then left click on the search tab. In the search tab type in windows update then select windows update settings. Once in the windows update setting menu click check for updates.
6. Make use of anti-virus solutions. Most importantly, ensure these types of software are updated as regularly as possible. Furthermore, run scans on your device as often as possible, including running a scan on any attachments/documents before you open them.
7. Beware of misleading links,URL’s and even App’s, do not trust links or emails that you are not expecting especially once that are enticing you to make some form of payment are exchange of information. Look at the tone or grammar of the emails, generally phishing mails contain an urgent tone with bad grammar. Always ask yourself, would this particular sender generally conduct themselves in this manner? The best way is to pick up the phone and call them. With malicious URL’s if it starts with HTTPS it is secure, if it is HTTP, it is not secure
8. Keep good password hygiene, into day’s cyber threat landscape, it is very easy for hackers to make use of software that will allow them to try many combinations of passwords in a matter of minutes, so create passwords that are complex, change them regularly and ensure that you don’t use the same passwords for multiple accounts. A bad password example would be password123. A good password example would be P@55w0rD!2#.
9. Make use of backups, and preferably cloud based incremental backups.The reason being is that while most people are making use of back-up’s they are not cloud based or incremental. The problem with this is that there are types of malware, typically Ransomware that will lay dormant in your system or device. This means if your backups are not incremental and you are affected by malware, there is a strong chance that you will be restoring your system to a point in time that still has the dormant malware. Another main reason for making use of cloud based back-ups is that there are types of malware that search for back up files on your device and delete them before encrypting your device. So ensuring your back-up files are separate from your device or system, will prevent them from being accessed or deleted.
10. Securing your Home network, you are only as secure as the network you are connected to. It is important to ensure your home Wi-Fi network is secure and protected. The easiest way to achieve this is using a VPN. This will hide your IP address and encrypt all your communications to your company systems.
For more information on the security tips, please contact Cyber Safe Consultants.
Risk management services offered through Cyber Safe Consultants
Camargue in partnership with Cyber Safe Consultants offers a Cyber Vulnerability Scan (CVS) for policyholders, across all product lines, insured through Camargue Underwriting Managers (Pty) Ltd, as well as their independent intermediaries.
Cyber Vulnerability Scan (CVS) - A vulnerability scan is an inspection of the potential weaknesses in the security of a computer network. The CVS only requires the details of your externally facing internet protocol (“IP”) addresses, in order to examine for known vulnerabilities. Therefore it sees only what an outside intruder would see (like your locks, alarm and motion detectors) and tests the perimeter security – with no work required by you. Download our CVS Brochure here. For more information contact Camargue at 011 778 9140 or firstname.lastname@example.org.