“Year-round, the National Cyber Security Alliance encourages everyone to be safe and secure online,” said Kelvin Coleman, NCSA’s Executive Director. “However, during times of national hardship, such as the coronavirus outbreak, bad actors increase their fraudulent activities. As such, we urge everyone to be extra vigilant against online scams, including phishing and malware, that are more prevalent in times like these.”
NCSA offers these tips to avoid being a victim of these scams:
- Don’t reveal personal or financial information in an email. Do not respond to email solicitations for this information. This includes following links sent in email.
- Pay attention to the website’s URL. Malicious websites may look identical to a legitimate site, but the URL may use a variation in spelling or a different domain (e.g., .com versus .net).
- If you are unsure whether an email request is legitimate, try to verify it by contacting the company directly. Contact the company using information provided on an account statement, not information provided in an email. Check out the Anti-Phishing Working Group (APWG) to learn about known phishing attacks and/or report phishing.
- Keep a clean machine. Keep all software on internet-connected devices – including PCs, smartphones, and tablets – up to date to reduce risk of infection from malware.
- Establish security policies and guidelines for remote workers. Train them on these policies and the company’s expectations. Companies should also have a clear process for reporting any IT issues for remote workers, so they know who to turn to for support.
ARMOUREYE, LLC recommends the following added tips for employees working remotely on how to stay safe online when using company devices:
Connect to a secure network and use a company VPN. This is especially critical to access any work accounts. Home routers should be updated to the most current software and secured with a lengthy, unique passphrase. Employees should not be connecting to public Wi-Fi to access work accounts unless using a Virtual Private Network.
- Separate your network so your company devices are on their own Wi-Fi network, and your personal devices are on their own.
- Always keep devices with you or stored in a secure location when not in use. Set auto log-out if you walk away from your computer and forget to log out.
- Limit access to the device you use for work. Only the approved user should use the device (family and friends should not use a work-issued device)