Working From Home

Working From Home in the Times of Coronavirus: Keeping Your PC Secure

COVID-19 has disrupted the way we work. You’re probably working from home right now, as are other so many across the world. And chances are you might continue to for a long time to come. If there is a group of people that is perfectly happy with this state of affairs, it is cybercriminals. They are practically licking their lips at the endless hacking opportunities presented by employees working from home.

Why?

The answer: lack of awareness about cyber threats, especially when working from home.

It is imperative you take the necessary steps to secure yourself from cyberattacks. Think of these steps as a part of your overall cybersecurity hygiene.

1. Believe you will be under attack – always

Cybersecurity requires a change of attitude. Irrespective of whether you are working on your corporate laptops or personal computers, you must change your attitude toward cyberattacks. Believe that you are constantly on cybercriminals’ radar. Understandably, one might think: “But, I am not important. Why would criminals waste their time on me?”

You are wrong.

For cybercriminals, you might be the weakest link in your company’s cybersecurity posture. If they can trick you into taking a wrong step, they can infiltrate your computer. This can act as a backdoor into your organizational network.

Don’t be that weak link. Awareness is the first step towards better cybersecurity hygiene when working from home.

2. Don’t get sucked into a spear phishing attack

In a traditional phishing attack, a single message is sent to numerous people. Cybercriminals depend on the law of averages to hit pay dirt. Spear phishing, however, is a targeted phishing attack aimed at a particular person.

If you are the target of a spear phishing campaign, you will receive a message addressed directly to you. The contents will be personalized. It might appear to be from your system admin asking you to click on a link and enter your credentials and not lose access to corporate resources. Or it could be made to appear as if it is from your boss and asks you to download an attachment loaded with malware. Cybercriminals have many battle-tested tactics for effective spear phishing.

Spear phishing also spoofs important agencies to get your attention. You may receive an email that appears to be from the IRS, for example. Other options include government bodies, NGOs, online marketplaces, and more. Here are a few golden rules that will save you from a spear phishing scam:

  • Check domain name and cross reference domain with the organization’s domain name
  • Check email body for grammar and sentence errors
  • Hover mouse over links in email; if it’s a phishing email, it will generally have a complicated and lengthy root domain
  • Don’t download any attachment unless you are absolutely sure it’s from a trustworthy source
  • If possible, call the sender of the mail
  • Treat every email you receive with suspicion, especially if you weren’t expecting it

3. Maintain browsing hygiene

Even the most conscientious employees feel the need to take a break from their work and browse non-work-related sites. It’s common to visit news sites, social media platforms, music sites, or any other seemingly benign recreational webpage. This is when you have to be on your best behaviour when surfing. Only access trustworthy sites – these are identified with a lock icon before their domain name. Don’t visit sites you shouldn’t be visiting in the first place, such as movie streaming websites, questionable gaming sites, pornographic websites, and other untrustworthy pages. These are the kind of sites that are most likely to infect your computer with malware.

And please do not click on the numerous pop-up ads that stare at you from your screen. You’ll encounter these when you visit trustworthy sites. You never know if these ads will take you to a site that will unleash malware on your computer.

But don’t think it’s just your computer that will be impacted. You are accessing company resources, which means if your computer is infected, criminals can infect your company’s network. This can result in data breaches, and even ransomware attacks.

Conclusion

This is just a start towards great cybersecurity hygiene to stay protected from cyberattacks aimed at your computer. If you are using a personal computer, it is imperative that you deploy comprehensive cybersecurity solutions tailormade for home computers. Don’t develop a false sense of confidence about cybersecurity. You never know when you will be targeted. We’re all worthwhile targets in the eyes of cybercriminals.

Sophos Home Free includes a free 30-day trial of Premium. Plus get an immediate Advanced Malware Removal to thoroughly clean your computer of any current malware infections.

Download Free Edition