Becoming a Human Firewall

You are the first line of defense to protect your organization against hackers and malicious cybercriminals. Here are some helpful tips to ensure that you are prepared and vigilant as a “human firewall.”
Make sure your internet connection is secure.
One of the biggest security holes in your home is the internet connection.
• Have I changed the default password and enabled the security settings on my router (the device from my internet provider that allows me to connect to the internet)?
• Am I using virtual private network (VPN) technology, which creates a safe internet connection that shields my online activity from the bad guys every time I am connected to the network?
Always be cautious of hackers’ tricks.
Hackers want to trick you into taking an action that grants them access to your device and your organization’s network. Remember to stop, look, and think before taking any sort of action.
• Does this information I’m about to share really need to be shared?
• Am I suspicious of all unexpected messages and social media connection requests?
• Is this email real or a phishing attack? Phishing emails are disguised to look like they are from familiar contacts or organizations and try to trick you into taking an action like opening an infected attachment or clicking a malicious link.
Proofing against Spoofing
Long before the COVID-19 pandemic, bad guys were spoofing Netflix emails in an attempt to collect your sensitive information. With more and more people looking for at-home entertainment, Netflix has gained over 15 million new subscribers. Cybercriminals are happily taking advantage of this larger audience! Netflix themed phishing attacks can vary from phony email alerts accusing you of non-payment to offering you free streaming access during the pandemic. Both of these strategies include a link that takes you to a fake Netflix page designed to gather your information and deliver it to the bad guys.
These types of scams aren’t limited to Netflix. Other streaming services like Disney+ and Spotify are also being spoofed. Remember that if something seems too good to be true, it probably is.
Never click on a link that you weren’t expecting. Even if it appears to be from a company or service you recognize. When an email asks you to log in to an account or online service, log in to your account through your browser – not by clicking the link in the email. This way, you can ensure you’re logging into the real website and not a phony look-alike.
Know your organization’s policies and procedures.
Making sure you know your organization’s expectations when working from home is critical.
• Have I reviewed the appropriate policies and procedures my organization has in place related to working remotely?
• Do I know who to ask for assistance or clarification of these guidelines?

We hope these tips are helpful today, but also as we gradually return to work at our offices. Stay safe and secure!