Working from home and smart working are the “new normality”. Read all the tips from Victor Insurance Italia to protect your team from cyber risks.
Working from home, smart working and cyber risks: Victor Insurance Italia’s tips to protect yourself
The COVID-19 pandemic has revolutionized our lives, and also the way we work: smart working has become the “new normality” for millions of people around the world. Working from home, however, we became more vulnerable to cyber risks: this sudden change, for which many companies were not prepared, created a perfect scenario for cyber crime threats. It is therefore more important than ever for users to pay the utmost attention, while companies cannot do without cyber risk insurance coverage.
Victor Insurance Italia, part of the largest global reality of Managing General Underwriting, has drawn up a list of the 5 technology scams that are most likely to be encountered, providing as many effective tips to protect themselves.
Scam n.1: Hacker attack
One wrong “click” from a user may be enough to infect the entire company network. In fact, ransomware viruses can cause servers to crash, preventing employees from accessing their computers – unless the company gives in to hackers’ ransom requests. To avoid this unfortunate situation, the main advice is to be careful when surfing, visiting only reliable websites and taking special care of the domain. In fact, fraudsters often imitate the name of known companies, with minor modifications (e.g. Amaz0n.com). Also, before entering any private information, make sure that the website address is secure and encrypted. At the organizational level, in order to mitigate potential attacks on the company network, it is essential to have anti-intrusion, antivirus and anti-theft software, as well as developing regular backup protocols. Finally, always and exclusively connect to secure and protected Wi-Fi networks.
Scam n.2: Phishing
We all happen to receive an email, apparently sent by an authoritative or known recipient. For example, from the public health system, an apparent government office or even a colleague, with a peremptory subject line such as “Important Update” or “Urgent”, and within it a link to an alleged login page, where you are asked to enter sensitive data. Fraudsters’ intrusion techniques are becoming more and more sophisticated and can even go as far as creating emails so convincing that they can mislead us. Therefore, be wary of unexpected e-mails, which are urgent and particularly if they contain attachments and links (which absolutely must never be clicked or downloaded without first ensuring their validity). If you are unsure whether the email was sent by the person or organization to whom it is attributed, we recommend that you contact them directly and check or contact your IT department for a report.
Scam n.3: Smishing
When, instead of e-mail, the scam attempt runs via SMS, it is called “smishing”. Again, the suggestion is to protect yourself by being wary of messages from unknown or suspicious senders. An unexpected SMS asking you to click on a link is most likely an attempt by a malicious person to infect your device or access unauthorized sensitive information. Even in this case, you should not reply to the text message at all but instead delete it immediately.
Scam n.4: Vishing
Attempts at fraud can also come through telephone calls: for example, you may be contacted by fake non-profit or governmental organisations soliciting donations or by individuals who, exploiting the vulnerabilities created by the current economic crisis, offer first aid supplies or a rescue loan. This is a form of fraud called “vishing”: the objective is always the same, pushing the user to reveal financial or personal information. In addition to not sharing any sensitive data, the advice is to hang up immediately and call the organization or charity directly to verify the validity of the call.
Scam n.5: Hacking your email account
Working remotely, you may be tempted, out of haste or carelessness, to write emails from your personal inbox. Which, of course, is not as secure as your company’s through VPN and two-factor or multi-factor authentication. A hacker could then be able to access it and learn about sensitive and confidential information, perhaps referring to customers. In addition to violating company policy, in the event of a claim, you will find yourself without insurance cover: in fact, when faced with a third party liability claim, the insurance company will not be able to provide the insurance.
In this period of generalized smart working, it is necessary to pay even more attention to IT security. Victor’s specialized team reminds companies of the need, in addition to conducting regular security checks and tests on computers and systems, to implement precise plans and protocols to react to the risk of scams and cyber attacks, which cannot ignore the need for adequate IT protection coverage. For users, on the other hand, the advice is to follow simple procedures such as not transmitting professional information on personal devices, disable or turn off voice assistants when they are engaged in business conversations and use secure platforms for video conferencing.