10 tech safety tips when working from home

Amid all of the physical disruptions that have been caused by the global spread of Covid-19, and with so many people working from home, targeted phishing scams, disinformation campaigns and disruptive cyber attacks have been common during lockdown.

Phishing email attacks related to Covid-19 were up by 600 per cent in quarter 1 (Q1) 2020, according to KnowBe4’s Q1 2020 top-clicked phishing report. During the quarter, simulated phishing tests with an urgent message to check passwords immediately were most popular at 45 per cent. Following this was a coronavirus-related message as the second most popular, at 10 per cent. Social media messages are another area of concern when it comes to phishing. Within the same report, KnowBe4’s top-clicked social media email subjects reveal new login alerts, password resets, and someone may have accessed your account messages are coming onto the radar.

“These scams can steal information, create panic and worsen the economic and social impact of the virus. Individuals in particular should be cognisant of these threats. Remember even if travel and commercial activity are limited during this time, cyberspace remains relatively open for business,” cautions Penny Futter, African Bank’s chief information officer.

She provides the following 10 tips for anyone working from home:

• Be aware of any suspicious emails or other electronic activity that may come across your screens, phones and emails. Do not click on links that look suspicious, or which include requests for sensitive/ private information, unless you are 100 per cent sure you can trust the source. Phishing scams are rife and you need to be especially wary of phishing scams targeting remote workers with sensational or emotional messages. Without your colleagues around, you need to be extra vigilant of both email and phone scams. If you are working remotely for a company, ensure you report any suspicious messages to your IT security team.

• Be aware of disinformation campaigns and hoaxes, particularly on social media. These campaigns can cause confusion, increase public panic, and lead people to overreact or under-react to the virus.

• Your passwords are the key to the kingdom, so guard these closely. Without the company network to protect you, the power now lies squarely in your hands, or your passwords. Make sure your password for each critical site is strong and unique. Check the policy on password managers and use one if allowed.

• Use multi-factor authentication wherever possible. Futter says this means combining your username and password with something that you own, such as a one-time password app on your phone.

• Don’t fall for credential phishing attacks, where scammers trick you into handing over your username and passwords. Best is to not ever click on links asking you to update details. Rather bookmark the sites you frequently visit, or type them manually into the browser.

• Apply all basic security features. Keep your operating system, plug-ins and anti-virus software up to date, and apply security patches when necessary.

• Secure your home Wi-Fi network. There are two basic must-dos to set this up securely: Change your default router password and change the password for your Wi-Fi network. Whatever you do, do not run a Wi-Fi network without a password.

• Keep your work environment private. Keep your home environment safe and ensure nobody is allowed to access your work computer, including your family and kids, if you are working with sensitive information. Others could unintentionally download malicious software or access files they shouldn’t see. Ensure that your work conversations remain private, and check your policy on smart home devices like Alexa or Google Home. If possible also try and avoid printing at home, and if you must, make sure you lock sensitive documents away and shred them before discarding them.

• Use a VPN. Using a virtual private network (or VPN) provides a secure tunnel for all your internet traffic, preventing criminals from intercepting your data. Ask your security team to set one up for you.

• Last but not least, ensure you read your policies. They are there to keep you, the company and its data safe. In turn, this allows you to work in the comfort of your PJs and slippers.

“During this highly challenging time you are your company’s strongest line of defence, so remember to remain super-vigilant,” concludes Futter.