Don’t take the bait
THE pandemic is accelerating connected devices to enable remote working, telehealth, distance learning and automation. How do you pragmatically live in a digital world with appropriate levels of safety but still not reduce your ability to work? Our guide continues to shed light on crucial actions that aid with you doing just that.
BE AWARE THAT PHYSICAL SECURITY IS A GREATER RISK FOR DATA THEFT
Many people are surprised to find that cyberattacks are often physical as opposed to electronic. In other words, it’s not always some mysterious person hacking into your computer and stealing your data. Instead, it’s more likely that someone will steal your actual computer or smartphone, such as a landlord, a disgruntled employee, janitorial staff, or a shady character on the bus or cab ride home.
If you recall, insiders performed some of the largest cyber thefts of our time – the case with the Edward Snowden leaks as well as the Sony Pictures attack in 2014.
Of course, if you’re running a firm that stores confidential client information and other critical business details, you must first make sure that all computers and servers are locked away so others can’t access them. Also, make sure that if someone does wind up getting access to your computer or your smartphone, that you’re not giving them the keys to the kingdom. In other words, make sure that a third party who finds or steals these devices can’t log in and access your information.
DON’T CLICK LINKS IN EMAILS
So-called phishing attacks are when the perpetrator sends you an email that looks legitimate from an institution you trust, such as your bank or insurance company. You click a link in the email, go to an imposter site that looks identical to the institution’s site, and hand over your username, password, and other authentication information to a bad actor. Those people now have all your login information to that site.
A PHISHING ATTACK CAN TAKE YOU TO A SITE THAT INFECTS YOUR COMPUTER
So how do you prevent this? First, make it a rule to never click on links in emails unless you’re expecting the email. For instance, if your friend texts you and says, “I’m emailing you the funniest cat video!”, then open the email.
However, if you are not expecting the email, type the Internet address directly into the browser’s address bar instead of clicking on it. So, if you receive an email from, say, Chase bank, don’t click on the link. Do this instead: Type chase.com into your address bar yourself and log in from there.
Some companies will train you and your colleagues on how to look for phishing email attacks. For instance, Wombat Security will send your organisation emails and they’ll see who’s clicking on what, and then they’ll give you a report on which employees are not very careful. Such information can be invaluable; it’s better to nip bad habits in the bud and learn from a fake phishing attack before your firm is subject to a real one.
Che-Andre Gordon is a chief solutions architect with over ten years of experience architecting, implementing, and leading software solutions across web, mobile, and desktop environments. He featured in Yahoo News/Finance in over 30+ countries, recognising his contributions towards the Caribbean’s digital footprint.