Many companies have shifted to working remotely and college students are finishing the semester through online learning. The quick transition and implementation of these new work and learning conditions did not allow for adequate preparation and training of employees and students on awareness of phishing scams and minimizing the risk of a cyber-attack. Hackers and criminals utilize times like this, when individuals and companies are more vulnerable, to carry out organized cyber-attacks.
Cybersecurity firm Check Point announced that over 4,000 domains were registered that contained words such as “corona” or “COVID” from January through early March. These domains are 50% more likely to be malicious than any other domain registered in the same time frame. It is predicted that many of these domains will be used in phishing campaigns. How can you protect yourself, and your company, from this risk?
These suggestions can help protect you and your employees from cyber-attacks:
- Speak with your insurance agent about Cyber Liability insurance and what options are available to cover your organization and employees.
- Be sure to update your Virtual Private Networks (VPNs).
- Provide training and implement protocols to educate and inform employees of the risks. Some recommended protocols for employees or individuals include:
- Update all passwords to a strong combination of upper- and lower-case letters, numbers, and symbols. Avoid common uses such as anniversary dates, names of family or pets, and sequential numbers (123).
- The connection between hackers and a computer is the internet source; disconnect from the internet if you will be away from your computer.
- Do not download free software from untrusted sites.
- Mark suspicious emails as SPAM to keep similar emails out of your inbox.
- Always study the source of a suspicious e-mail, look for minor differences that would otherwise appear normal (missing one letter, one letter added).
- For example, if an e-mail is firstname.lastname@example.org it may read abc@I23.com
- If you receive an e-mail with an attachment that appears unusual, do not reply to the e-mail or open the attachment. Instead, directly contact the individual sending the e-mail to verify its origin.
- Use full-service internet security software and ensure it remains up to date.
- Keep yourself, and employees educated on major security breaches:
- For example, a few days ago the World Health Organization (WHO) put out a warning about phishing attempts from apparent WHO representatives.
- Have a plan in place if you do fall victim.
- If you believe that you, or an employee of your organization, has been a victim of cyber crime, notify the police and financial institutions where you are affiliated. Report identity theft to the Federal Trade Commission. Place fraud alerts on your accounts and obtain credit reports. If you have Cyber Liability insurance, notify your agent.
Remain up to date on security breaches. Remain in contact with your employees and encourage them to report anything suspicious.
Know that we at Seltzer Group Partners remain available to help you with insurance coverage and prevention techniques. Be safe and be vigilant!