Not just a pandemic but a breach of security as well.
As we all know since the world has been badly hit by COVID-19, the panic amongst everyone has just increased which has forced e-learning, shopping platforms, businesses, etc. to be shifted completely on the web which is allowing everyone to work remotely from home and also keeping them safe but along with heath, the concern of security breach has taken a rise rapidly which means now that all the data is being transmitted online it can be easily breached as well and can cause harms to no extent.
“At the end of the day, the goals are simple: safety and security. -Jodi Rell
What you are going to read:
The problems the world is facing currently on the world wide web and other networked applications during the current pandemic situations and how to overcome such problems.
Recently the target of all cyber attackers has shifted towards the term corona-virus where the world is under panic and scared with no choice but to sit back at home and work using remote connections and the world wide web along with which they are also curious to know about the corona-virus situations around them due to which they use the search engine and then land upon several websites unknowingly which have certain ads and certain links which is just an advantage taken by the attackers in the public interest of COVID-19 and are playing by the fear and desire to remain safe.
Attackers are running a lot of behind the front phishing and malware campaigns where they are impersonating to be COVID-19 authorities to quickly grab the attention of the user and engage them in a manner which makes them believe everything they are reading and clicking-on is true. With a lot of flow of information going on our mails, we might be exposed to a phishing mail or a site unknowingly which might lead to a breach of security
Since now we are all exposed to do the office work on our home personal network which lacks a strong-secure connection and on our in-house computers on which we have multiple applications with multiple allowances which proves to be insecure as-well.
The question is how do we combat such situations? For which I am going to mention a list of tasks we must follow:
- Every organization’s IT-Department must generate a list of security check for every employee find any loophole in their systems which they need to follow and check if everything on their personal computer/device is the same as prescribed by the company’s checklist and later make all the employees sign a declaration which states that the security check was performed by them.
- It’s most important to ensure that we store sensitive data or information separately from our personal data and personal computer (eg. pen drive). and use only the personal device that was secured followed by the guidelines of the organization or company and make employees aware of dual-factor authentications and other security services which the company or the organization followed by proper training to all the employees to ensure less breach of security and data.
- All communications and data must be sent in an encrypted format.
- All video conferences and meetings must be held on platforms that provide end-to-end encryption.
- To make sure its not a phishing mail or a phishing site we must always check:
To check for a phishing mail:
- The email which we receive might be poorly written.
- Most importantly pay attention to the domain name as it might be miss-spelled but we read it right in our head.
- Make sure the emails have been received from a legitimate public email domain if anything at all.
- Never click on suspicious attachments or links in such emails as they have viruses attached to them.
- The most common phishing emails show a sense of urgency “Pay attention”.
To check for a phishing website:
- Firstly we must check the URL of the website that we are browsing and then the validity of the web address if possible. We must look for a lock symbol in the address bar and make sure our website URL begins with an ‘https://’ or ‘shttp://’. Also, we must pay close attention to the name of the website.
- Judge from the content of the site. If it is an official website the content and every data will seem to be sharply presented and will give a different experience whereas a phishing website even if it is a clone of the original website is going to lag in some way or the other.
- If we have time and its something related to downloading or shopping always check the reviews of the website and decide accordingly.
- Always look for trusted methods of payment on the website if paying online using credit/debit card or internet banking.