Working From Home has the Unfortunate Side Effect of Increased Cyber Risk.

Home users are more vulnerable to social engineering attacks, as you have less support and advice from others. e.g. you can't just ask the person next to you, or might be less inclined to just reach out to your IT help desk and ask them.

In the last month, we've already seen a dramatic increase in phishing emails, SMS messages, and even phone calls, and our own help desk has seen a subsequent increase in tickets from our clients who have inadvertently clicked on a link they shouldn't have. Thankfully, in all of the reported cases we've seen, no harm was done, as we had certain measures in place to protect them.

However, it's important to note that even though we constantly have our clients' security in our best interest, and are always working hard to improve their Cyber fitness, we can never protect them 100%. This is why social engineering is so effective, and so dangerous because unfortunately people can be manipulated or tricked, or they just simply make mistakes.

We're only human.

Over the last few weeks in self-isolation, it's encouraging to see the humanity of people shining through. For many, they are more connected to each other now than ever. Social media is alight with community groups sharing ideas, laughs, conversations, funny memes, videos, and let's not forget, fun quizzes that let you share a bit about yourself online.

Whilst these quizzes seem harmless, and may even originate from good intent, they are a smorgasbord of information for hackers.

You've all seen them e.g.

  • Favourite car

  • Favourite flavour ice cream

  • Person you'd want to be stuck on an island with

  • etc etc.

However, the sad and unfortunate reality is that all this personal information that you're sharing with your social media network is also often the basis of the passwords you use for your online accounts. They also often will be the exact answers to security questions that you've set for sites and services to recover your password.

Xero, for example, forces you to enable multi-factor authentication for your login. However, you can bypass this by answering a few security questions that you've set. And, surprise surprise, you'll find many of these questions and answers in these quizzes making the rounds.

As we always recommend, the best thing you can do is get yourself a password manager. We recommend LastPass. https://bit.ly/2xU1sPf

Not only can you reset all your passwords to be unique random and secure, but you can also store them all in one place, and then you only have to remember one password!

Think of all the headspace you'll free up!

Stay safe everyone!