Lots of us are working at home when we’ve never done it before. Beyond contending with pets and kids as coworkers, you also need to be mindful of the security of your home network.
Security starts with you
Humans are often the weak point in any security system. Scammers use social engineering to trick people into sharing confidential or personal information they can use to steal money or identities. They may also fool you into downloading malware that does the job for them.
They use all kinds of techniques for their tricks including:
- Phishing emails and smishing text messages. Even if a message is legitimately from someone you know, the sender’s device could have been compromised by malware that spreads to others in their contact list. Also be aware that cyber criminals have been impersonating both the CDC and WHO in phishing emails and text messages (we already posted a blog with what to watch for). Best practice is to not open attachments or click links about the pandemic you did not request. If you need information from the CDC or WHO, type the URL into your browser to ensure you reach the correct website.
- Phony apps and websites. Scammers are offering information, games, miracle cures, testing kits, and hard-to-find items such as hand sanitizer. If possible, avoid installing any new games or apps during the pandemic – you may want to check your kids’ phones, as many malware-laden games are targeting them. Avoid clicking links in ads and do not enter login or other personal information on websites you do not use regularly, unless it is a site you know is legitimate (be sure to watch for typos in the URL).
- Download it from a legitimate source. Even if you download an app from the Google Play or App Store, research the developer. How long have they been around? What date was the app published? And be sure to read the reviews and check app permissions
- Vishing (voice phishing). Reports of robocalls offering “free” testing kits or air purification services are on the rise. Some calls even impersonate the local health department and claim you have been in contact with someone who has the Coronavirus. Be wary of anyone contacting you to offer anything, free or otherwise, related to the virus. Remember that there is currently no vaccine or publicly available test kit.
- Charity scams. We always see a spike in this type of fraud during any time of crisis. Know how to confirm whether a charity is legitimate before you donate.
Secure your home network
Most of us use Wi-Fi at home to connect to the internet. That means there’s a modem or router in your home that broadcasts the internet through the air, instead of using a wire. Without protections in place, anyone could hijack your network, reconfiguring it for malicious intent. Security experts believe strong administrator passwords and secure configuration settings will reduce the threat.
This video provides overall best practices for securing home Wi-Fi networks: Creating a Cyber Secure Home).
Router tips for non-techies
Not everyone is super tech savvy. We gathered a few tips for those with little-to-no experience configuring routers. Please know that these are not intended to take the place of user manuals or instructions provided by the manufacturer or your Internet service provider.
- Find your router’s IP address; if you don’t know how to do this, see How to Find Your Default Gateway IP Address.
- Use an Ethernet cable to connect directly to the router when you’re configuring settings. That way nobody nearby can intercept your login credentials like they could if you do it over a wireless network.
- This guide includes step-by-step instructions and screenshots on how to access your router’s administration portal: Beginner Geek: How to Configure Your Router.
- For best practices when setting router configuration, see this article: How to Secure Your Wi-Fi Router and Protect Your Home Network.
Use good passwords
We know you’re probably completely sick of hearing this, but we have to say it again. Passwords are the locks on your virtual doors. Use a bad one, or use the same lock for multiple doors, and you’re leaving yourself vulnerable. If creating and remembering unique passwords is a pain, get a password manager.
Keep up to date
The more current your software is, the fewer known vulnerabilities your systems have and the harder it is for attackers to infect them. That is why it is important that your operating systems, applications, and mobile devices are updated and current. Run any updates as soon as you see they’re available.
Don’t share with guests and kids
At work you don’t have to worry about your kids, guests, or other family members using the same computer you’re using. Working at home, however, this becomes a legitimate concern. If you hand over your work device to others—even in your own home—whoever is using it could accidentally delete information, or worse, download something that could infect your device with malware.
Turn off your computer
While working at home, there’s an extra temptation to keep your computer on and ready for action. The downside is that being “always on” renders computers more susceptible to virtual attack. Beyond firewall protection, which is designed to fend off unwanted attacks, turning the computer off effectively severs an attacker’s connection—be it spyware or a botnet that employs your computer’s resources to reach out to other unwitting users.
By Vickie Lubner-Webb and Missy Kellor