Posted on: 22 January 2021
With the COVID-19 pandemic disrupting so much of the UK, many businesses were forced to respond in order to manage the threat.
Most businesses who relied on IT found remote working to not only be a solution, but a new way of working that offered employees flexibility whilst working from the comfort of their own home, the majority of which can work without their performance being compromised. Because of this, it is looking likely that many workers will be remote for the foreseeable future.
However, these benefits also come with some issues, particularly when it comes to the safety of your workers’ IT equipment, which may no longer be protected by your business’ security systems. Take a look at some of these tips to protect your digital work from cyber criminals.
What are the most common cyber-attacks
As is the case with most crime, the criminals are always one step ahead, developing new ways of stealing money, data or other sensitive information by taking advantage of advances in technology. Take a look at some of these common cyber-threats and what you can do to avoid falling victim to them.
Phishing or vishing
Phishing is when a cyber-criminal will impersonate a trusted person or legitimate company in order to retrieve information from their target. Phishing usually comes in the form of an email, which will look professional and use a familiar name to gain the trust of the victim. The content of the email is designed to instil a feeling of urgency in the victim to stop them thinking clearly, or contain attachments or links to documents such as invoices to seem legitimate.
You can usually spot a fake email from a legitimate company by checking the email address, which will either be a sequence of random numbers and letters, or an @ section that is similar to the company they are impersonating, but slightly more long winded. For example, you may receive a bill from Virgin Media, with the email address as firstname.lastname@example.org, but a fake email may look something like email@example.com.
Vishing, or voice fishing, will employ similar tactics, such as impersonating a trusted person or legitimate company, and this will usually be done over the phone. Vishing has become a prevalent form of cyber-attack, so make sure that your employees know the signs of an attempted vishing attack.
Quiz Question: Which of the following looks like a fake email address?
Carry on reading to find the answer!
Malware is a the term for a computer virus that is disguised as an email attachment, link or program that will infect a computer if they are opened.
This piece of software will usually work in the background, unnoticed, and can steal sensitive data, store passwords, track activity or download personal files.
Brute force attacks
A brute force attack is when the attacker will try to gain access to as many customer profiles as possible using a the same password. This is why it is so important to change passwords regularly and not to use the same passwords across different accounts. If you use the same password across multiple accounts a hacker may gain access to one account, then use those same credentials everywhere else they can think of, eventually gaining access to other accounts.
Take a look at one of our previous articles for more information on how to create the safest passwords.
How to protect remote workers
Protecting your remote workers doesn’t rely on one single solution, but a range of solutions that all work together. Consider implementing some of these into your business to keep remote workers safe.
Behaviour analytics tracking software
This is a piece of software that you can use which tracks the usage of an employee’s behaviour when online, and can detect if there is any abnormal behaviours, such as frequently trying to access encrypted files or transferring large amounts of information or data.
These are the signs that an employee has become the victim of some malware.
Automatic threat detection software
Some computers already have antivirus protection, such as Window Defender, which can scan files and detect malware by running checks in the background.
This can give you an indication as to whether or not your computer has been infected with a virus. However, as we mentioned earlier, cyber-criminals are always one step ahead, and can create viruses that can’t be detected by some antivirus software. That is why it is important that antivirus software is only one cog in the digital safety machine.
Working from home guides and training
Whilst computers are becoming better at detecting threats, one of the best methods of preventing cybercrime is using human intuition.
Cyber training is something that you should ask your team to regularly keep up to date with, as cyber-attacks are still a threat when working from a business premises. However, as COVID-19 has caused a surge in cyber-crime due to perceived easier targets for criminals, give your team the guidance and training to keep your digital world safe.
Quiz answer: firstname.lastname@example.org contains an additional A. We would treat this as the most suspicious.
Cyber insurance with Premierline
It is everyone’s responsibility to ensure strong cyber-security, but with criminals having access to such intricate methods of committing cyber-crimes, you may need some assurances that you are protected in the event of a cyber attack.
At Premierline, we work with Hiscox to provide industry leading cyber insurance, that gives comprehensive protection against a number of cyber and data risks, specifically designed for SME’s.
Source: Zywave Inc.: Employee Well-Being Insights - Preventing Cyber-attacks on Remote Employees
Compare business insurance
The information and tools contained in this guide are of a general informational nature and should not be relied upon as being suitable for any specific set of circumstances. We have used reasonable endeavours to ensure the accuracy and completeness of the contents but the information and tools do not constitute professional advice and must not be relied upon as such. To the extent permitted by law, we do not accept responsibility for any loss which may arise from reliance on the information or tools in our Insight Hub.