With the world switching to digital methods so rapidly in response to COVID-19 and the lockdown, it is important to reiterate just how vital it is for people and businesses to practise safe digital habits.
With digital technology comes cyber threats, and in uncertain times like these, individuals take advantage of those who are vulnerable or not as tech-savvy. We’ve seen examples of people sending emails pretending to have a cure, fake texts claiming to give out Government grants or COVID-19 tax refunds, and impersonations of the World Health Organisation.
Viruses and phishing attempts are nothing new to us, and scammers are always coming up with new ways to phish data. It isn’t just our own personal data that’s at risk, it also puts businesses at risk, who may have hundreds or thousands of records of consumer data that they need to protect.
What security risks are there?
There are plenty of risks out there, and here are some examples of the most well known:
Phishing Attempts
This is the fraudulent attempt at gaining sensitive information from others. Information includes passwords, security information, and bank details. Common attempts are tried over email, with cyber-criminals looking to gain access to your accounts. Methods include impersonating a company over email or SMS or phone to get you to ‘sign in’ or provide information regarding your accounts.
Non-secure website
It is vital that websites use an SSL certificate (Secure Socket Layer) to establish an encrypted connection between the web server and the browser. Using an SSL will result in the URL being prefixed with “HTTPS” rather than the standard “HTTP”, which isn’t secure and leaves information vulnerable and open to attackers.
Computer Worm
A computer worm is a standalone malware computer program that replicates itself in order to spread to other computers. It often uses a computer network to spread itself, relying on security failures on the target computer to access it. It will use this machine as a host to scan and infect other computers.
Social Networking
Social networking also poses cyber threats. This is especially scary because hackers can pose as your friends and family, which many people would trust without assuming the worst.
Social media is also a method of sharing your life with your close ones, but if you don’t have the right privacy settings in place, it can be a target to gain crucial information to get into your accounts. They could get information linked to security questions, and even help to guess passwords. Think about how many people use their pets name in their password, and then how many of those people share photos of their pets with their names on their social media.
The Risks to Business
Businesses are at a higher risk because it provides an opportunity for hackers to gain multiple sources of information, rather than just focusing on one person. Hackers attempt to gain this information through phishing and viruses, and if your security isn’t up to standard, it could result in them gaining access to your customer’s data.
A method that’s often used is an impersonation of Microsoft, for which hackers will send an email pretending that a user’s account has been jeopardised and asking them to change their password immediately. This will lead them to a fake website asking them to log in with their details. They then have access to your accounts, it’s as easy as that.
Data breaches can lead to hefty fines and result in a distrust of your business, ruining any consumer loyalty that you once had. Less trust equals fewer customers and a loss of income.
Using your own equipment for work
A lot of people might now find themselves in a position where they’re using their personal equipment for work. It’s important to know the company’s IT policy and to ensure you are being compliant with the policy. Some companies do not allow private equipment to be used with the company’s infrastructure at all, so it will also be worth checking.
If you’re using your device for both work and personal use, you should be careful what you’re browsing online and any attachments or links that you’re opening. If your device has been compromised, it could mean company data has too.
Top tips for staying safe online
Store data safely
Keep sensitive data secure to reduce the risk of it getting into the wrong hands. This includes using a secure cloud service if you need to have your files accessed by more than one person and also using password protection for an extra layer of security.
It is also important to make sure your account password is strong, so people can’t hack into your account and gain access to this information.
Reduce the permissions
Make sure the permissions are set to only those that need access to it. Companies using sites such as SharePoint or Google Drive might have permissions set to everyone in the organisation, which increases the risk of a data breach. Ensure you limit it to only those that need to view the files or information.
Using a VPN
Using a VPN increases our online safety and privacy when surfing the web. When you connect to the network through a VPN, the data is kept secure and encrypted and can help prevent any potential threats.
Avoid public networks
Public wifi is a hotspot for cyber-criminals to gain access to your data. A great threat is ‘Man-in-the-Middle’ attack, which is essentially a form of eavesdropping. Attackers can get between the transmissions between A and B and which can result in capturing sensitive data.
Use an anti-virus
If your computer doesn’t have an anti-virus, you might have a virus that you’re unaware of. Anti-virus software protects your computer and allows you to do full scans of your computer to remove any potential threats.
Firewall
A firewall will monitor and control incoming and outgoing network traffic. It will notify you of any threats when you download files or browse the web so you can feel more secure.
Want to learn more?
The B2W Group offer a fully funded ‘Introduction to Digital Technologies’ qualification to prepare learners for their careers in digital. It is available to those who are currently unemployed, live in the Greater Manchester or South Yorkshire areas and are 16+.
During the qualification, learners will learn IT, Digital and employability skills, which includes potential cyber threats, protecting data and staying safe online.