While working from home can often be beneficial for both staff and businesses, there are some dangers that often go unaddressed. One thing that can become an issue when staff are working from home is cyber security.
In order to prevent cyber security attacks on both businesses and individuals when working from home, it’s important to first understand what the attacks are and any measures to take if your business is the victim of a cyber attack.
3 Most Common Types Of Cyber Attack
Phishing
What is phishing?
Phishing is like fishing, but unfortunately, you are the fish. Attackers use emails as bait to get you to click links and open attachments that install damaging malware. Be CERTAIN before you open or click. If you are unsure, ask a member of your IT team or IT partner to qualify the link.
How to spot phishing
- It appears urgent
- It looks official (Check email address is correct and falls within the supposed companies true domain)
- The message begins and/or ends with a generic greeting
- It asks for personal information
- Layout, design and language may feel robotic and generally just ‘not right’
Vishing
What is vishing?
Like phishing, but attackers try to get you to click links, open files or tell them personal information over the phone. Remember to verify any suspicious calls by checking information with a second source.
How to spot vishing
- You have never spoken to the person before
- They called you, you didn’t call them
- Their call demands an urgent response
- Their story is that a process has failed and that their request is routine/no big deal
- They claim to be a colleague or work for company that is important (e.g. the bank, delivery provider, customer, partner)
Smishing
What is smishing?
Smishing is like phishing, but over SMS. Don’t click SMS links! (and don’t reply, as sometimes it’s to exploit a premium rate service).
How to combat smishing
- You have never received messages from this number before
- You don’t recognise the number (if shown)
- It uses the name of a well-known brand (e.g Post Office)
- It contains a link and asks you to use it
How to stay cyber-secure while working from home
Do
- Change passwords regularly
- Use strong passcodes on all mobile devices
- Keep web browsers and antivirus patched
- Verify suspicious incidents with secondary sources
- Scrutinise all URLs
- Report incidents to the IT team immediately
- Educate yourself and those around you
- Be sceptical and vigilant
Don’t
- Reuse passwords or use obvious phrases
- Assume you will not be attacked
- Volunteer information to strangers
- Click on unsolicited email attachments and embedded links
- Bypass mobile device encryption
- Plug unknown USB drives into your computer
Keeping your passwords secure
It’s easy to think that if your device or software is password protected, then you’re safe from cyber attacks. However, many users overlook the necessity for unique, complex passwords that are ‘impossible to guess.
On top of often choosing simplistic, easy-to-guess passwords, many users also stick to thesame password for a lengthy amount of time – most typically as it’s easy for them to remember.
How to use password protection to beat the hackers:
- Change passwords regularly
- Don’t use the same password across multiple systems
- Avoid names, places and colours
- The best passwords can’t be found in a dictionary!
It’s also worth noting that the most commonly used passwords are the most easily hacked.
So, with that in mind, stay clear of the below – anybody using ‘password’ as their password
is just asking to be hacked!
The top 10 most easily hacked passwords:
- password
- hello
- cat
- dog
- asdfg
- qwerty
- 12345
- p@55w0rd
- H3110
- P4$$w0rd
Combatting a cyber-attack
If you have experienced a social engineering attack, been infected by malware or believe that confidential information has been compromised, then you must act immediately. Following the below steps will help to reduce the risk and ensure that the negative impact of any potential cyber attack:
- Stop using your computer/device – turn it off immediately
- Alert your local IT team where applicable
- Forward any suspicious content to a known IT support email address
- Await further instructions
Working with a partner that can provide you with cyber security solutions is a great way to help ensure the safety of your business and staff. There are a number of solutions available, so consulting with the experts is a great way to help scope out exactly how to keep you safe.
Cyber attacks can happen to anyone. If you believe that you have been the victim of an attack, then it’s crucial that you raise the alarm to your IT support or external IT partner. The longer that a cyber attack is left without being addressed, the more dangerous it can become.