Protecting your business from online threats
Stay alert to the latest scams taking advantage of this crisis
What are hackers doing during the pandemic and how can you protect yourself?
Businesses have had to make rapid changes to their digital operations to cope with COVID-19, and scammers have seized the opportunity to capitalize on security gaps made in the scramble. Here are a few watchouts to help you anticipate malicious attacks and keep your business secure.
What is phishing?
Cybercriminals often exploit anxiety and kindness by sending phishing emails that install destructive software on a recipient’s computer, or capture sensitive data. Be wary of emails with subjects like “Click to donate for a COVID-19 Cure”, “COVID-19 Tax Refund Deposit”, and “Secure work from home VPN set-up”, and never click a link or download a file without carefully examining it first.
Phishing red flags:
- The address or attachment is not related to the content of the email
- You do not know the sender of an email, or the username and domain name are invalid
- There are typos
- Your antivirus or anti-malware software flags it
- The email tone is urgent
- You were not expecting an attachment from the sender
- The hover-over link URL does not correspond with the sender, or looks odd
Don’t forget your phone
The more technology we use, the more opportunities we create for scammers to access our information. Stay on the lookout for Vishing (Voice/Voicemail scams) and Smishing (Text Message scams), as well as dangerous applications. Recently, cybercriminals have using tactics like falsely reporting locked debit cards and posing as public health agents. So it’s more important than ever to stay vigilant.
- Only download verified apps, and be sure to keep them updated.
- Don’t forget good old-fashioned phone scams. Never reveal sensitive information over the phone without verifying the caller.
Remember that you should never provide personal information over the phone, and that banks always use pre-determined authentication questions to verify identity. Reputable businesses will never ask you for personal information via text message.
Cyber hygiene is key to working safely while remote
Hackers have many objectives. Whether it’s crashing Zoom meetings to amuse themselves, or creating COVID-related websites to spread malware and misinformation, businesses need to be smart about what software, hardware, and websites they use.
1 - Secure your WiFi network
Change both your WiFi password and your router password from their default credentials. Learn more.
2 - Practice password safety
Password protect video meetings and file transfers the same way you’d secure any of your accounts. Strong passwords include a mix of upper and lower-case letters, numbers, and special characters, and are at least 10 to 15 characters. Also, make sure to use unique passwords for your sensitive accounts. And while that may sound like a headache, a password manager can help you remember all your passwords.
3 - Use public hotspots safely
Public wireless networks are useful, but they may not always be secure. Avoid sensitive business transactions on shared networks, or others may be able to capture the data you’re sending.
4 - Multi Factor Authentication (MFA)
Use MFA, also known as two-factor authentication, wherever possible to secure and protect corporate data assets.
5 - Software updates
Ensure all updates and patches are up to date. Many of the more harmful malware attacks take advantage of software vulnerabilities in common applications like operating systems and browsers.
6 - Security Policies
Review your Remote Access and Acceptable Use Policies for employees to ensure your policies cover employees' home computer assets.
Stay on the lookout for malicious websites and misinformation
The digital landscape is always changing, and cyber security impacts are extensive. Keep yourself informed by reading blogs and online news from the official website of trusted sources like the Canadian Centre for Cyber Security, the World Health Organization, and the Government of Canada.
More useful tips for accessing credible sources include:
- Make sure URLs are spelled correctly
- Instead of clicking a link, type the website into your search bar instead
- If you must click a link, first hover your mouse over the link to see where it’s directing you
We’re committed to supporting businesses across Canada as they adapt to the digital landscape. Follow our social accounts for more information on our initiatives, and don’t hesitate to reach out. Wishing you good business and good health.