As the COVID-19 pandemic unfolds, those working from home are put at risk of being exposed to fraudulent activity. Canadians have lost close to $100 million in reported online scams. Workers must find effective methods to protecting personal financial information.
With the hasty shift to work from home environments, there has been an increase in fraud and identity theft scams. This is because cyber criminals typically capitalize on anxiety and fear to target victims. In particular, the COVID-19 virus is being used as a way to scam unsuspecting victims into opening phishing emails that install malicious software to steal personal and financial information. Other scams are coming in the form of text messages or phone calls, attempting to trick people into divulging sensitive information.
Working from home is also increasing the risk of data breaches to businesses. If an employee is using unsecured WIFI or mobile apps, not properly storing or disposing of confidential information or letting other individuals access their devices, all these factors open opportunities for hackers to pounce on.
Many businesses do not have proper protocols in place regarding data storage and disposal when employees are working from home. Even if your employer does not have a protocol in place, it isn’t too late to start yourself even with basic security steps like never leaving your device unattended.
Businesses need to make security policies ASAP in order to avoid being subject to fraud. Training employees so that they understand how to recognize possible fraud attempts, while helping them remain vigilant is a crucial step.
Here are some tips for keeping secure while working from home:
Making cyber security a priority when working from home is one of the best steps to take against falling victim to a threat. As so many people are feeling overwhelmed and anxious, hackers are counting on people letting data protection practices fall wayside while working from home and are using this opportunity to attack.
Using strong passwords is also one of the best defenses against an attack. Whenever possible, use two-factor authentication to increase your protection.
The variations on phishing scams are endless, however, there are a few popular methods commonly used by cyber criminals.
Often phishing emails will come in the form of a known organization, such as Amazon Prime, with a message that a ‘recent payment failed’ or that ‘credit card billing information needs to be updated.’ These are classic scams, where the email looks legitimate and is trying to create a sense of urgency to trigger the user into responding. Once the link is clicked to update billing information, or whatever the request is, typically the user is directed to a fake website to enter their financial information, which is then captured by the cyber criminals executing the scam.
Emails claiming that someone has purchased a gift card for you are also common. These are crafted to look like they have been sent from a popular retailer, and with many struggling financially from this global crisis, it can be tempting to click on a link to claim a gift card to a grocery or department store. Often, if you hover over the link to display the URL the email is directing you to, you’ll notice that it isn’t the correct URL of the company that the cybercriminal is trying to impersonate.
Periodically cyber criminals try to impersonate a high-level executive or manager within the organization and send emails to employees, urgently requesting sensitive data. An employee may be hesitant to question someone in a senior position, particularly when they are working from home and are not in direct reach of upper management. Employees are advised to never transfer funds or sensitive information via email, as well verify requests from a second channel such as by contacting management.
Other common scams that go undetected during times of crises; false fundraisers. False newsletters that promise to help victims of COVID-19. These messages often contain links or attachments that re-direct users to a malicious website that install malware on their device or steal financial credentials.
Refrain from clicking on anything that is unfamiliar, keep your devices secure and use proper protocols for accessing and storing sensitive information. The last thing that people or businesses need on top of the current disruption is to become victims of a cyber-attack.
If your organization needs secure, end-user support, the team of experts at MBC can help. Contact us today for a free assessment.