Protect your remote work environment from cybercriminals during the COVID-19 pandemic and beyond
With millions of Americans currently working from home and relying more heavily on home technology systems due to the pandemic, cybercriminals are increasing activity to take advantage of this new normal.1 In addition, with stimulus money flowing to individuals and businesses, scammers are targeting an eager population that may more quickly respond to urgent, fraudulent requests. It’s essential that you understand vulnerabilities in your home network and the fraud landscape to help protect your business assets, personal assets, and your family.
Here are four tips for keeping your information safe while working from home.
In a typical corporate environment, the Information Technology (IT) department is responsible for keeping all network devices up to date and secure. At home, the task of downloading and installing security patches falls to you. Any device on your network, from your router to your digital home assistant, could create a security risk. So a good first step is to make a list of all your network devices and periodically check for updates to the firmware, operating systems, and applications on each device.
If a device or application offers password protection, make sure you use it. Your router is a particularly vulnerable device, since it connects your home network to the entire internet. It should have a strong password—and many routers do not come with one.
To make passwords as strong as possible, the U.S. Department of Homeland Security recommends using multi-factor authentication whenever possible, and using different passwords for all your devices and accounts. You should also use the longest password allowed and avoid incorporating personal information that would be easy to guess, such as birth dates or anniversaries.1
If it’s possible to keep your business information on a corporate laptop, that’s the best way to keep your data secure—especially if you use that machine only for work-related matters. If your router allows you to set up a guest network, you can use that feature to keep less-trusted devices on a completely different network from devices that store sensitive business information. And if your employer has preferred vendors for applications such as file-sharing or teleconferencing, use those rather than similar personal accounts.
If you have devices that are used for business and personal tasks, limit sharing as much as possible, especially with children. It’s also a good idea to password-protect any work-related applications if possible, so that an inadvertent click doesn’t expose confidential business information.
Don’t let the comforts or distractions of working from home lull you into letting down your guard. Look out for potential attempts to steal information through official-looking emails containing suspicious links. Be particularly skeptical of requests involving electronic transfers of money or account information, or requests that are highly time-sensitive. If you have any doubt about the authenticity of an email, reach out directly to a known contact at a known phone number before taking any action.
Take action when needed
If you think you’re a victim of a cyberattack, take action immediately. Contact your bank for financial-related issues and your corporate IT department for work-related issues. If you believe your information has been stolen, contact the police for assistance and consider freezing your credit reports going forward.
For more information on cybercrime and additional tips about keeping safe, visit our cybersecurity microsite at www.wilmingtontrust.com/cybersecurity.
Important contact information
To report any suspicious emails appearing to come from Wilmington Trust or M&T Bank, forward them directly to phishing@mtb.com.
If you are ever concerned that your account has been compromised, please contact your advisor or call us directly at:
Wilmington Trust: 1.800.982.4620
M&T: 1.800.724.2440
[1] U.S. Department of Homeland Security, “Creating and Managing Strong Passwords.” https://www.us-cert.gov/ncas/current-activity/2018/03/27/Creating-and-Managing-Strong-Passwords
This content is for informational purposes only and does not constitute legal or other professional advice. As such, this information should not be used as a substitute for consultation with professional, legal or other advisers. Neither M&T Securities, nor any of its affiliates, offers legal or tax advice and, accordingly, nothing presented herein should be deemed or construed to be legal or tax advice.
The information in this article has been obtained from sources believed to be reliable, but its accuracy and completeness are not guaranteed. The opinions, estimates and projections constitute the judgment of Wilmington Trust and are subject to change without notice.
What can we help you with today