Here are six easy tips to keep charity professionals safe from cyber criminals when working from home
Hackers and cyber criminals love home workers, because their internet connections are often protected by far less effective cyber security measures than people working in offices. But just because you are working from home doesn’t mean you have to be a sitting duck.
Here we offer six easy tips to help you stay secure on Safer Internet Day.
When you connect your home computer to the internet you are opening a door that viruses, trojan horses, worms, ransomware, and other sorts of malware can use to get into your computer.
To stop them walking through that door it’s essential that you have a good endpoint security software package. This is perhaps the most important security measure you can take. As long as you ensure software is up-to-date (most products update automatically), endpoint security should significantly reduce the risk of your computer catching a virus from the internet.
Good endpoint security software includes:
Remember that no endpoint security software is 100% effective, so it doesn’t hurt to double up with another anti-malware product: Malware Bytes Anti-Malware. This highly-regarded security software is unusual in that it can be run at the same time as other endpoint security software products.
When the current lockdown is lifted it may be tempting to get out of the house with your laptop and work in a coffee shop or somewhere else with an internet connection. But public Wi-Fi connections can be very insecure and magnets for hackers, so don’t connect to them blindly.
If you do want to use a public Wi-Fi connection, then you can keep yourself secure by using a VPN to encrypt everything you do as it travels over the public Wi-Fi. Using a VPN costs very little and although it may slow your connection down fractionally this is a sensible price to pay to stay secure.
Good VPN services include:
Cyber criminals love to trick people into downloading malware by getting them to click on links in the phishing emails they send out. So if you receive an email purportedly from your bank telling you to click on a link to verify your account details: don’t click.
Instead, if you think the email is genuine, type any web addresses into your browser yourself rather than clicking on a link. That way you have a chance to decide whether the web address is genuine.
You are probably aware that you should never use the same password on different sites. That’s because if a cyber criminal is able to hack into a site and get your password, the first thing they will do is try the same password on different sites – like you charity’s bank account, or cloud-based services that your charity uses. But remembering many different passwords is difficult.
A password manager can help by remembering all your passwords for you and entering the appropriate one automatically when you visit a particular site.
As well as making it easy for you to use many different passwords, a password manager can also protect you against phishing attacks. That’s because if you inadvertently click on a link in an email (which you shouldn’t) that takes you to a fake version of what looks like, say, your charity’s bank, the password manager will spot that it is a fake and refuse to enter your password.
Good password managers include:
Social engineering attacks often involve someone calling you on the phone and telling you that they are from your internet company or perhaps from Microsoft. They will then spin you some yarn about a non-existent problem and use it as a pretext to ask you for your internet account details or perhaps the password to your email account, so that they can fix it.
The important thing to remember is that Microsoft will never call you on the phone and it is also unlikely that your internet company will call. Neither will ever ask you for confidential information such as passwords, so if they do just hang up. If you really think they are genuine then call the company yourself and ask if they have called you.
It can be tempting to post personal information like your date of birth or pictures of your dog or cat online on social media networks like Facebook. But if you do post this kind of information, remember that cyber criminals can potentially see it very easily.
Why is this relevant? Because many people use personal information like their date of birth or their pet’s name as the answer to a security question in case they forget their password on an account. That makes it easy for a hacker, armed with this information from Facebook or other social media platforms, to change your password and get access to accounts you may use for work.
If you do like to share this sort of personal information then it can be a good idea to invent a different date of birth and pet name to use as answers to security questions for online accounts.