How to Stay Protected against Cyber Attacks
Hackers, scammers and fraudsters, oh my! The Internet can be a scary place if your computer network is not cyber-secure.
Just ask Chad White. As Medavie’s Director of Corporate Security, he’s well versed in the dangers that lurk on the web, especially since COVID-19 sent us home to work remotely, outside the secure walls of our “normal” places of work.
Cybercriminals are taking advantage of the vulnerabilities that telework has created, along with our heightened fears and concerns around COVID-19, to rob us of money, steal our identity or swipe the private data we have in our possession.
To help protect you, your employer and your clients from cybercrime, we invited our resident expert on the Internet of things to identify the top risks we face in our current cyber environment and the best ways we can limit those risks.
Here’s what Chad had to say:
Limiting the Risks
How often have you received a suspicious email and didn’t know how to respond?
When cybercriminals go phishing, they’re pretending to be a legitimate organization, friend or associate to get information. (Health records are the most valuable commodity on the black cyber market a market that is now worth a total of $1.3 trillion and growing).
The next time a suspicious email arrives in your inbox, ask yourself these questions before clicking or responding:
• Do I know the sender?
• Was I expecting this email?
• Is there an urgency to act?
• Are there spelling mistakes or are they using my name incorrectly?
• Does the sender’s email address match the expected format of their organization (e.g., email@example.com as opposed to firstname.lastname@example.org.)?
When in doubt, don’t click on anything or respond.
2) Fake Websites
These websites look legit at first glance but upon closer inspection, their intent is to either scam the user or spread malware.
Not sure how to spot fake websites? Here are some things to watch for:
• Find the webpage mentioned in a search engine as opposed to a link
• Is the website from a trusted and reliable source (e.g., Health Canada, CBC, etc.)?
• Does the website address relate in some way to the content?
• Are there spelling mistakes on the page or in the website address?
• Do not submit any information on the page if asked, unless you’re certain it’s legitimate
• Always have anti-malware software installed before even touching the internet
3) Home Network Security
If you’ve been working from home since the outbreak of COVID-19, you’ve likely been inundated with multiple passwords, requirements and policies that, although intended to be helpful, can be quite confusing.
In addition, a lot of us share our home networks with others, particularly family members, but not everyone is security conscious, and that puts us at greater risk of cybercrime.
Here’s some best practices to keep your network out of harm’s way:
• Change the default passwords on everything. Those default passwords are widely known
• Do not broadcast your SSID (the name of your WIFI)
• Never turn off your firewall
• Be very careful with whom you share your network (e.g., friends, neighbors, etc.)
• Make sure that all the systems connected to your network (e.g., phones, laptops, tablets, etc.) use some form of anti-malware protection
• Do not use services that illegally stream or distribute entertainment; they typically open up your network to the world and expose you to risk of cybercrime
• Be on the lookout for suspicious or odd network behaviour like periodic spikes in traffic; you can usually tell something is wrong when everything is taking forever to load
4) Cyber Hygiene
Practicing good cyber hygiene will help to limit your exposure to illegal activity on the Internet and includes the following:
• Avoid logging on as an administrator unless absolutely necessary
• Install anti-malware software and keep it updated
• On a regular basis, patch and update your system (patches are part of essential preventative maintenance necessary to keep machines up-to-date, stable, and safe from malware and other threats)
• Where possible, use multi-factor authentication, such as when the bank texts you to confirm a transfer or log-in
• Stop using short complex passwords; instead, use long simple passphrases
• Encrypt anything that is sensitive before emailing it to another party