I hate to break it to you, but in addition to worrying about your health, keeping your distance from others, and whether your company is going to survive lockdown, you really need to think about fraud. The current environment of economic upheaval, uncertainty about the future, and the new work from home culture combine to make perfect conditions for fraud.
My focus today is on risks associated with working from home. While a segment of the population worked from home pre-COVID-19, lockdown orders throughout the world forced companies to hastily cobble together arrangements to ensure as many employees as possible had the appropriate hardware, software, and internet access to be productive from home. Management has focused largely on keeping staff productive and in touch with each other. As face-to-face interactions have been restricted, the volume of emails, instant messaging, and video conferences has increased exponentially. Unfortunately, all of the stressors and uncertainties that come along with this pandemic are distractions from people’s normal state of alert against fraud, and they are putting themselves and their companies at risk.
It is extremely important to remind yourselves and your employees to slow down and continue to exercise caution when reading and responding to emails, clicking on links, and opening attachments. Fraudsters are exploiting the chaos associated with the pandemic to launch phishing scams and social engineering attacks against vulnerable targets.
If your company has implemented cybersecurity training for your employees in the past, remind your people of what they have already learned and offer a refresher course to bring the issues to the top of their minds. If you have not ever trained your employees about cybersecurity risks, it is not too late to do so.
At the very least, consider sharing the following pointers:
- Think twice before opening an attachment of any kind in an unsolicited email. This may be an avenue for a fraudster to plant malware on a computer, and ultimately, your network.
- Do not click on a link that has been forwarded in an email. Instead, open your browser and search for the website. Links included in phishing emails will take you to a website that looks authentic, but is simply an imposter site used to gather sensitive information that will later be used to access protected data.
- If you receive an urgent email from someone you know asking you to do something unusual, like transferring money to a new account number, or sharing sensitive payroll information, use an alternate form of communication, such as a phone or video call, to contact that person directly to confirm the request.
We are all distracted right now, and the last thing anyone wants to worry about is losing money or data to fraudsters. For that reason, it is crucial that we continue to be vigilant against these threats, and remind ourselves and our employees to continue to exercise caution in our new work from home lifestyles.
