October is National Cybersecurity Awareness Month, encouraging businesses and individuals to be vigilant during online activities. During times of national hardship, such as the coronavirus outbreak, bad actors increase their fraudulent activities. According to findings by Proofpoint, cybercriminals are seizing on coronavirus fears by using online scams to extract internet users’ personal and financial information. Scams – sent through email, texts or social media – claim to provide coronavirus awareness, sell virus prevention products and/or may ask for donations to a charity. They can often appear to be from a legitimate organization or individual, including a business partner or friend.
National Cyber Security Alliance offers these tips to avoid being a victim of scams:
- Don’t reveal personal or financial information in an email, and do not respond to email solicitations for this information. This includes following links sent in email.
- Pay attention to the website’s URL. Malicious websites may look identical to a legitimate site, but the URL may use a variation in spelling or a different domain (e.g., .com versus .net).
- If you are unsure whether an email request is legitimate, try to verify it by contacting the company directly. Contact the company using information provided on an account statement, not information provided in an email. Check out the Anti-Phishing Working Group (APWG) to learn about known phishing attacks and/or report phishing.
- Keep a clean machine. Keep all software on internet-connected devices – including PCs, smartphones and tablets – up to date to reduce risk of infection from malware.
Additionally, as more employees are working from home due, NCSA urges companies to establish security policies and guidelines for remote workers and train them on these policies and the company’s expectations. Companies should also have a clear process for reporting any IT issues for remote workers so they know who to turn to for support.
NCSA recommends the following tips for employees working remotely on how they can stay safe online when using company devices:
- Connect to a secure network and use a company-issued Virtual Private Network to access any work accounts. Home routers should be updated to the most current software and secured with a lengthy, unique passphrase. Employees should not be connecting to public WiFi to access work accounts unless using a VPN.
- Separate your network so your company devices are on their own WiFi network, and your personal devices are on their own.
- Keep devices with you at all times or stored in a secure location when not in use. Set auto log-out if you walk away from your computer and forget to log out.
- Limit access to the device you use for work. Only the approved user should use the device (family and friends should not use a work-issued device)
For more information and tips on how to stay safe online, visit NCSA at www.staysafeonline.org.
LEVERAGE partner Pivot Group offers cybersecurity solutions for your credit union.
Please contact your LEVERAGE BDC for additional details:
Karen Frazee karen.frazee@myleverage.com 850.545.4825
Steve Pullara steven.pullara@myleverage.com 813.404.6877
Donnette Logan Donnette.Logan@myleverage.com 205.294.4227
Taylor Sheffield taylor.sheffield@myleverage.com 205.457.4261