With cybercrime on the increase since people started working remotely, it pays to work securely, says Craig Atkins, managing director of computer support company 1-Fix Limited
The dramatic rise of remote working since March due to lockdown has caused a noticeable increase in the activity and targeting of cyber criminals and scammers exploiting the loopholes created by home working.
Regardless of whether you are small travel agency or a larger firm, you and your staff can avoid becoming victims of cybercrime by ensuring you follow good security practices.
Here are some simple tips that you can follow without needing to be an IT guru to ensure you are working as safely as possible.
Make sure you have antivirus software installed and that it is up to date. This may be provided by your company’s IT team, but with many users working from personal devices it is a key thing to check first.
If you do not have antivirus installed, or it is outdated or has expired, you can utilise Windows Defender for free as part of Windows 10.
Mac users – you’re not off hook regardless of the common opinion that Macs do not get viruses. In actual fact, they do. You can download Sophos Home Free antivirus (home.sophos.com) to get your Mac secured.
You should always be on the lookout for spam and phishing emails, but now more so than ever. We have seen a huge increase in spear phishing attacks – essentially scammers pretending to be someone from your company or a supplier or customer – targeting payments and accounting staff.
Never send money to a bank account that you are not familiar with. It might sound obvious, but the common trick is for the fraudster to impersonate being a supplier and send you an email asking you to change their bank details on file and send a copy invoice for payment.
This threat is heightened in the current situation as it is harder to speak to people and verify information, but it is better to be safe than sorry.
Likewise, text and WhatsApp scams are on the rise, using targeted Covid-19 specific messages around rebates, business loans and government and HMRC support.
Always delete anything you do not recognise. And always call your supplier or customer to verify changes in payment information, but don’t call the number in their email signature – use the one on their website or your contact database – as the signature can be altered to provide a number to the scammer rather than to the person you expect to be speaking with.
For anyone working outside of their office environment, it’s crucial to ensure your laptop or home PC is encrypted if you are working with company data.
Encryption is a key part of both the General Data Protection Regulations (GDPR) and Information Commissioners Office (ICO) best practice, and any device holding client records should have encryption enabled to avoid heavy fines if it is stolen or lost.
Windows users can use Bitlocker – a free tool within Windows 10 Professional – or “Device Encryption” in the Home edition of Windows 10.
FileVault is the Mac equivalent, which has been included in the system since 2011 but is not enabled by default.
Just like your PC, you should also use encryption on your email when sending any message containing personally identifiable information (PII).
Encryption is not included as standard in many company email services, so consult with your IT team to see if they have a recommended solution. If they don’t, or you do not have an IT team, then ProtonMail (protonmail.com) is a good option for free, although it is a little basic.
For a service that gives your customers a secure mail portal that is fully branded to your travel agency, take a look at AppRiver E-mail Message Privacy (appriver.com), which also allows you to send documents for e-signature.
This is especially handy when you can’t meet up face to face due to the current conditions.