At a time when remote working has been the new buzzword, and when it has ensured seamless business operations, a lot many times it has come to notice that organisations have faced cyber threats now more than ever. How to sail through such times?
Working from home accounts for people using their home networks, and not getting connected to global servers, the home networks often aren’t really as secure and reliable as security networks. It’s worth mentioning that although consumers today are increasingly aware of cybercrimes, data breaches, and other online threats, the measures they adopt to help protect their online identity are often not adequate.
In an exclusive conversation with Express Computer, Ritesh Chopra, Director Sales and Field Marketing, India & SAARC Countries, tells us how can we prevent such situations. “Recent incidents of data breaches or the phishing emails that are being sent out in the name of banks, seeking personal data, KYC data, and sensitive details such as credit/debit card numbers, have shown yet again that consumers and business owners are at great risk online. Cybercriminals are giving a new twist to old tactics by exploiting the COVID-19 situation to send emails that appear to be sent by government agencies, employers, and organizations like the World Health Organization, but which actually contain dangerous links.
The NortonLifeLock Cyber Security Insights Report (NLCSIR)-2019 reveals that nearly 39% of the Indian respondents that were surveyed have been victims of identity theft that year. The risks in 2020 are greater, given the heightened dependence on digital tools and platforms. The report also suggests that while Indian consumers are indeed concerned about the misuse of personal information, they are happy to share such details if they get something in return.
With “teleworking” becoming the new norm, employees are the front line of their organisation’s information security. Most organisations have robust cybersecurity policies but cyberattacks can still occur on home networks despite all precautions. We need to understand that being cyber safe is a shared responsibility that begins with every individual.”
These seem to be worrisome, and individuals as well as organisations must take this very seriously. Yet what kind of threats are consumers most likely to face and what are some of the key measures they can take to curb this? “Individuals can be vulnerable when using public/private networks, especially when there are no measures in place to help protect their online identity. This is a big concern today, as people continue to work from home using their personal Wi-Fi networks. This new way of working has led to a rise in the number of cyberattacks. Furthermore, there are more instances than before of hackers and cybercriminals targeting individuals and organizations through phishing emails to exploit personal and confidential data.
Given the large amount of misinformation that exists in the public domain, it is essential that users pay attention to the source of information and take measures to help protect themselves against cyberthreats. Consumers can adopt some basic measures to falling prey to cyberattacks.
- Beware of online requests for personal information. A coronavirus-themed email that seeks personal data is likely to be a phishing scam. Legitimate government agencies will not ask for such information. Do not respond such emails.
- Check the email address or link. You can inspect a link by hovering the cursor over the URL to see where it leads. Sometimes, it is obvious the web address is not legitimate. Even otherwise, be careful, because phishers can create malicious links that closely resemble legitimate addresses.
- Phishing emails are unlikely to address you by your name. Greetings like “Dear Sir or Madam” are an indication that email might not be legitimate.
- Avoid emails that urge you to take immediate action. Phishing emails often try to create a false sense of urgency. The goal is to get user to click on a link and divulge personal information. If you receive a suspicious-looking email of this type, delete it.
Under such circumstances, how can personal information be secured and would the use of a VPN (Virtual Private Network) come to aid? “VPN (Virtual Private Network) was initially meant only for enterprise use but is now also available in security solutions for consumers. A VPN creates an encrypted connection between your device and a server controlled by the VPN company. Your traffic travels through the tunnel, hiding it from snoopers on a local network and from your ISP. When your traffic reaches the VPN server, it then exits out to the internet before making the return trip. This does effectively put VPNs in the role of your ISP, in that they can potentially see everything you do online. It’s one of the big concerns about VPNs as an industry.
For example, when you are shopping online, you often see related advertisements pop up on other online platforms even after you have finished browsing through the shopping website. These ads are monitored at the backend by advertisers and various other groups, who have access to data from individual servers. If you do not want your online activities to be tracked, a VPN can mask the IP address and encrypt all data being sent and received online. A VPN can help protect Internet connections not only on desktop and laptops, but mobile devices as well. Handheld devices can be more vulnerable to open networks, as they tend to connect to a wide variety of networks. VPN can help protect your connected devices against rouge Wi-Fi attacks, evil twin attacks, DNS spoofing, ARP spoofing, HTTPs vulnerabilities, and other such online threats.
Having said that, a wrong VPN provider could eavesdrop on your online activity and sensitive information, sell your information on the dark web, to ads agencies, or to intelligence agencies. So, by using a wrong/ poorly secured VPN service you could still be exposing your data. One should avoid using a free VPN as there may be no data privacy.”
If you have an interesting article / experience / case study to share, please get in touch with us at firstname.lastname@example.org