Cybersecurity in the times of Coronavirus: Here’s how to stay safe
By Anuj Bhatia
As more people are opting to work from home due to the coronavirus outbreak, they are also coming in the crosshairs of cyber attackers out to make a quick buck. In fact, Cybersecurity researchers are now warning that hackers may target the large workforce forced to work from home in the time of Covid-19. Experts claim to have already seen a steady spike in the number of phishing scams linked to coronavirus, targeting both consumers and industries.
The Cybersecurity and Infrastructure Security Agency (CISA), the Department of Homeland Security’s cyber agency, said malicious cyber crooks may use this opportunity to increase phishing emails targeting teleworkers to steal their usernames and passwords. Meanwhile, the National Cyber Security Centre, UK’s signals intelligence and cybersecurity agency, warned users to avoid clicking on a link to a bad website that could download malware on their PCs.
Use a VPN
The best way to protect your company from cyber attacks is to use a Virtual Private Network (VPN). A VPN is a service that establishes a secure, encrypted connection between your device and a private server. Think of a VPN as an encrypted tunnel for all your internet traffic. But using a VPN has its pros and cons. A VPN promises better security, safe file transfer, remote access, and the maintenance cost is minimal. It has a few downsides, too. For instance, not all VPN services are reliable and trustworthy. You may also face speed issues while using a VPN, especially when a lot of people from the same organisation log in at the same time.
Do not share sensitive passwords
Employers are encouraged to warn their staff on the risks of sharing passwords with anyone within teams or with guests and interns. This will not only create awareness among employees but also minimise the impact of cybercrime in the workspace.
Use two-factor authentication
If possible, turn on two-factor authentication (2FA) on every social media platform, email services and even web services like AWS and WordPress. While the password has been the single factor of authentication, two-factor authentication basically adds a second level of authentication to an account log-in. Sure, it’s slightly inconvenient to enter a six-digit code, but it does have its own advantages. So make sure to enable 2FA when available.
Be aware of phishing emails
Cybercriminals inject malware onto your device when they lure users to click on a link or open an attachment. This is a common tactic to fetch sensitive information such as credit card numbers, Aadhaar number, bank account numbers, passwords, usernames, etc. But you can easily spot phishing emails. However, while working from home you also compromise enterprise security by clicking on such links.
Here are some tips to spot a phishing email:
*Check the sender’s email address and try to verify the domain.
*The email is not addressed to the sender. If the email has the sender’s name, hackers might have your name sourced from unverified data banks.
*Spot grammatical errors.
*Spot red flags before opening the email, like examine the context of the mail.
*If you keep getting the mail from the same email address, inform your colleagues, or employer.
Use anti-virus software
Make sure your work device has antivirus software installed and fully updated. Do thorough research before buying anti-virus software. However, experts warn that anti-virus software won’t be enough to protect against ransomware. Hackers are quick to build malware and they are coming with new ways to attack devices and networks. Check if you can be secured by your company IT security software.
To prevent cyber crooks and hackers from accessing important information from your device, it is recommended to have a sound back-up plan. Store all important files in an external hard drive or save it to the cloud. The best strategy is to backup all the files regularly.
Use more than one email account
There are multiple security benefits to having more than one email address. This comes handy, in case you use multiple services or you have accounts in multiple banks. You should have one email account for login into streaming services (say, Netflix or Amazon Prime Video) and another one for banks. Keep that secondary email account for sensitive information that you don’t want to be compromised. Anyway, email accounts are easy to set up and there’s no limit to how many you can have at a time.
More tips to secure your device/email account from hackers
*Always select a unique password for each email account, using a combination of numbers, letters and case types. If possible, change passwords regularly.
*Only shop online from trusted and reliable sites.
*Ensure your Wi-Fi connection is secure.
*Avoid using public WiFi when possible. If possible use a Mi-Fi router (short for Mobile WiFi ), which is more secure.
*If possible, keep Wi-Fi off when not in use.
*Always visit HTTPS versions of websites. It is easy to spot the HTTPS version of the site. You can tell by the green padlock icon in the upper left corner of the search bar. And be sure to double-check that the certificate is valid or not.
*Buy antivirus software from a genuine retailer; never download or install antivirus software from free sites.
*Hackers are also attacking smartphones, given everyone these days own a mobile device. Data mining through mobile apps has become a major issue. The best way to keep your phone secure is to download apps from Apple and Google Stores. Experts also suggest double-checking the app before downloading.