The easing of government restrictions on travel and social distancing, coinciding with great weather and the school holidays, has resulted in many individuals eager to jet off to somewhere hot and sunny. So it’s likely that phishing campaigns, malware and cyber security practises aren’t at the forefront of your mind…
However, as cyber security experts, we know that cyber crime doesn’t stop. In fact, cyber security researchers at Carbon Black warn that individuals, as well as organisations, are more likely to be targeted by cyber-criminals during the holiday season, as they prepare for their vacation. So, we want to share our top cyber-security tips with you, in the hope you won’t get cyber-burnt this summer…
Watch Out for Phishing E-mails
Phishing campaigns are undoubtedly the most common form of cyber crime and usually take the form of a scam e-mail, with the aim to distribute malicious links or gain sensitive data such as bank account details.As you can imagine, in the lead up to summer, phishing emails containing tempting holiday offers, great flight deals or even medical and travel insurance are rife.
Remember, if it seems too good to be true, it probably is! Be vigilant if you receive an email that doesn’t quite look right – check the sender address, any grammatical errors and verify any links included by hovering your mouse over the hyperlink to see the full URL.
If you would like more information on how to spot these scam emails, then be sure to have a look at our annotation of a real example of a phishing campaign received and spotted by one of our employees here.
Use a Safe Browser and Search Engine
When you go to book your holiday, it is integral that you book it through a safe and secure website from a trusted company. Ensure that you go directly to the official website of the company – if you are in doubt, the website address should have ‘HTTPS’ included.
Beware of Public WiFi
When travelling, it’s often tempting to use public WiFi – whether you want to share your holiday snaps or make an online purchase, virtual hotspots are so widespread individuals tend to connect to them without a second thought. However, there are multiple risks to connecting to unsecured and unverified WiFi networks. These risks include:
- Man-in-the-middle Attacks
These attacks are often compared to eavesdropping. When your device makes a connection to the internet, data is sent from your device to the intended website. If there are vulnerabilities in the connection, then cyber criminals are able to enter these transmissions and consequently gain access to your mobile data…
- Un-encrypted Networks
If encryption has not been enabled for the network you are attempting to connect to, then you are unable to protect your data as it gets sent to the wireless router. Unfortunately, there is no way to ensure whether this unknown network has encryption turned on – hence the need to be wary of public WiFi!
- Malicious Hotspots
This is where victims are tricked into connecting to what they think is a legitimate network, usually because of an official sounding name. By connecting to a rogue hotspot, cyber criminals are then able to access your sensitive data.
Sometimes, you may not have any choice but to connect to a public WiFi. If you find yourself in this scenario then we strongly recommend that you set up a Virtual Private Network (VPN). By using a VPN, a secure tunnel is created which encrypts the data sent and received whilst using public WiFi, ensuring your data is safe from prying hackers.
Secure Your Devices
Installing adequate security features on your devices whilst on holiday mitigates the potential consequences if your phone or laptop is perhaps left unattended or stolen. We recommend using original passwords for all accounts – You can use a password manager like LastPass to generate strong passwords, whilst also making sure they’re not repeated on multiple accounts.
We would also strongly advice using Multi-Factor Authentication (MFA), this setting simply requires further proof of the user’s identity rather than just a static password. By turning this feature on, an extra barrier and layer of security is provided. According to Microsoft, MFA can block 99.9% of account compromise attacks. Best of all, this feature is usually free and available for most popular apps.
Don’t Advertise Your Holiday
In the age of Instagram and Facebook it’s become somewhat normal to update your network whilst your away, however, it is becoming increasingly unwise to broadcast where and when you are going on holiday. Not only are you advertising when you are not at home, you are also letting potential hackers know that you may have left sensitive data unsecured.
We recommend posting your holiday experiences online when you return to discourage cyber criminals from targeting you when you are perhaps at your most vulnerable.
Since COVID-19, a large number of the UK workforce are now using their devices in the home and at work. As such, it’s important to ensure your organisation have the right remote access policies in place before holiday season. If you would like more information into how Stripe OLT can help you stay safe and secure, get in touch with one of our experts here and mitigate the risk of a holiday breach.