5 Cybersecurity Tips to be Mindful of.
1. Use strong passwords
It’s as important as ever to ensure that all accounts are protected with strong passwords. Unfortunately, many people still use the same password across multiple accounts. This means that all it takes is one compromised password for a criminal to take over all of your accounts. They take leaked usernames and passwords and attempt to log into other online accounts, a tactic called credential stuffing.
Passwords should be unique for every account and should comprise a long string of upper and lower case letters, numbers, and special characters.
2. Secure your home router (when working remote)
Do you know if you changed your router password when it was first installed? Many people didn’t, leaving their home network vulnerable. It’s important to take simple steps to protect your home network to prevent malicious parties having access to connected devices.
Changing your router password is a good first step, but there are other actions you can take. For example, you should make sure firmware updates are installed so that security vulnerabilities can be patched. The encryption should be set to WPA2 or WPA3. Restrict inbound and outbound traffic, use the highest level of encryption available, and switch off WPS. If you need help with this you can reach out to your Internet Service Provider or submit a request using the Technology Help Portal.
3. Back up your data
Data can be lost in a number of ways, including human error, physical damage to hardware, or a cyberattack. Ransomware and other types of malware can wipe entire systems without you having a chance to spot it. Make sure you are putting your work files on One Drive.
4. Lock your device
If you do have to work in a public space, or if you live with people who you can’t share work information with, then it’s important to keep your device secure. Password-locking your device will protect the contents you are working on until a password is entered.
5. Look out for phishing emails and sites
Phishing emails, as well as voicemails (vishing) and text messages (smishing) are used by cybercriminals to “phish” for information. This information is usually used in further schemes such as spear phishing campaigns (targeted phishing attacks), credit card fraud, and account takeover fraud.
With the rise in the number of people working from home due to the coronavirus pandemic, there are plenty of cybercriminals looking to cash in on the trend. It’s highly likely that phishing emails will target remote workers in a bid to steal their personal information or gain access to company information.
To spot a phishing email, check the sender’s email address for spelling errors and look for poor grammar in the subject line and email body. Hover over links to see the URL and don’t click links or attachments unless you trust the sender. If in any doubt, contact the alleged sender using a phone number or email address that you find somewhere other than in the suspicious email.
If you do click a link and end up on a legitimate-looking site, be sure to check its credibility before entering any information. Common signs of a phishing site include lack of an HTTPS padlock symbol (although phishing sites increasingly have SSL certificates), misspelled domain names, poor spelling and grammar, lack of an “about” page, and missing contact information.