Stay Safe - Take extra care with security when working from home.

Due to the nature of some dark DNA strands of the human genome, unfortunately these days when most people are working from home, it is also a great opportunity for hackers and cybercriminals to take advantage of a golden situation for them like this coronavirus pandemia, when we are all worried for several things like education, economy, health, family, future, etc.

Therefore to maintain everybody safe from cyber-crime, please try follow these recommendations or at least be well aware of them:

1.- Do not facilitate your personal details (like: passport number, credit card details, usernames, passwords, mobile phone numbers) to anybody.

2.- If you are buying online, double check that you are in a secure site (https:// instead of http:// and check that their certificate is validated by the browser), and never facilitate your credit card's PIN number (not even your own bank will ever ask you for this information).

3.- Do not download contents nor documents regarding COVID-19 from unknown websites or from unsolicited email, since some documents (microsoft office, openoffice, PDF) can carry an unwanted malware loaded as a macro, or might be able install malware apps in your mobiles or tablets.

4.- Do not install unofficial apps in your mobile to follow COVID-19 infections or news.

5.- Do not reply to questions from marketing representatives, or technical teams from outside your own company about your technical infrastructure, since it might be undercover phishing to elaborate detailed attacking plans. 

6.- If you have banking apps on your mobile phone, do not use them while connected to an unsecured WiFi like those available in airports, cafes, restaurants, or co-working facilities. Also check regularly your bank account (when on a secure connection) for unrecognized charges, and act quickly if you detect something unusual.

7.- It is safer (and usually a lot faster), to use a network cable connection from our PC/laptop to the router that to use WiFi (we can see this often when using video-conferencing, cable connections even a lot slower than WiFi connections, perform a lot better due to their lower network latency and error rates).

8.- The most elaborate phishing attacks seem to come from people or departments that actually exist in your own company (usually from management or human resources), impersonating their identity to ask us for sensitive data or to perform unusual transactions (the IT department can check if this requests are genuine or have been falsified -spoofed-). This also applies to members of our family and circle of friends, since some virus/malware use the contacts info in our PCs to extract a list of candidates to carry on further attacks and infections. Here common sense applies: if your boss asks for something strange, call him/her directly and confirm the operation requested, or contact with your IT department.

9.- This days there are plenty of fake news & fake facts about COVID-19 going on around chat applications like whatsapp & telegram on our mobiles, so if we are not 100% sure that one of this facts is true, do not pass it on! it usually does more harm than good.

And the most important one:

If you have a doubt regarding the security of a contact/email/application/document/phone call/procedure, do not do anything with it and contact with your IT or Security Department, so they can assist you and help you decide what action to take with the least security impact to you, your family and your company.

Best Regards, and Stay Safe!