Hackers are taking advantage of workers during this time of self-quarantine and remote working.
Computer hacking and email phishing are on the rise, and hackers are specifically creating facades that mimic information they think you may be interested in (like news and emails from reputable and non-reputable sources regarding coronavirus stimulus checks, the tax deadline extension, coronavirus testing, charities in need, SBA loan programs and more).
Unfortunately, individuals are clicking on things they shouldn’t. Here is what you can do to help protect yourself and your company.
Screen Your Calls
Be leery of callers who are unknown or do not sound like a person you are familiar with, even if it is a phone number or company name you recognize. A telephone number can be spoofed to look like it is coming from a specific company even if the actual caller has nothing to do with that organization. Hang up, or—better yet—don’t answer. If it is valid, the caller will leave a non-threating voicemail.
Perform the “Hover Test”
Hover (place your mouse over) the email address and verify that the later part of the email address is an address you are familiar with. Be careful to notice little things (example: @abc123.com vs. @abcd123.com). Noticing one simple modification can show you are not communicating with who you thought you might be.
Many people and many companies have been scammed by a hacker posing as one of their children or a leader within their company asking them to do something. The name pops up correctly, but if you hover over it the email address, it may not match that person’s actual email address.
Be Careful When Giving Information
Be careful about entering your unique login credentials. Go with the old saying, “trust but verify” before supplying information.
Use Strong Passwords
Use a strong, unique password that is changed frequently (every 30, 60 or 90 days). The more complex a password is, the more time it takes for it to be figured out. Use this as a guideline:
- Use upper- and lower-case letters
- Use numbers and special characters
- Use random numbers and letters rather than actual words
- Use terms or phrases rather than a word
- Use a length longer than eight characters (We recommend 12 characters or longer)
- Never use your birthday, hometown, school or brand name
Educate Your Team
Although many companies have implemented internal controls and security around those controls, during this time when many employees are working remotely, it heightens a company’s responsibilities and concerns related to cybersecurity.
Educating your employees about heightened risks surrounding breaches and phishing attempts can help minimize your risk and perhaps even prevent a crippling data breach from occurring.
Connect with a Technology Advisor
We live in a world where phishing for electronic information, hacking systems and accessing accounts happen all too often, and being out of your normal routine it can be easy to let your guard down.
If you have questions or would like to learn more about how you can protect your company about cybercrime in this unusual season, feel free to connect with your Warren Averett advisor directly or have a member of our team reach out to you.
This article reflects our views at the time this article was written and should be used as reference only. We recommend that you talk to your Warren Averett advisor, or another business advisor, for the most current information or for guidance specific to your organization.