Staying alert and vigilant is key to staying safe online in an increasingly unsafe environment. Scammers are employing ever more sophisticated tactics to gain access to your systems. Human error is often a factor at play and that is why it is crucial for all end users to be able to identify when they are targeted and react accordingly.
- Do not ignore updates – your operating system and your antivirus software should be updated regularly/every time they are available. Do not forget your phone/mobile devices as well if you use them for work. Most updates are released to tighten security or prevent known malicious software from accessing your systems and data, so this step is crucial.
- Choose strong passwords, change them regularly. Even the most advance antivirus software cannot do much for you if your password is “pasword123”, or if it is on a “post-it” left on your screen, or if is the name of your dog, which you post about all the time on social media. Passwords that are hard to guess, with more than 12 characters, symbols and numbers are best.
- Do not leave your devices unattended. Set up screen lock at sensible times so no one can access your data even if you are engaged elsewhere unexpectedly.
- Avoid using free or public Wi-Fi as much as possible. If you absolutely have to do it, then make sure you delete the network after that, so your devices do not login automatically again you find yourself in range.
- Do not ignore warnings about pages and websites. Ask us about ad blockers or plugins we can install that will keep these from even loading.
- Keep sensitive data to the minimum on your device/workstation. Make sure that you keep only data that you need at the moment or use on a regular basis synced on your work device. All data not in use should be backed up and deleted from workstations to minimise the impact of any breaches and protect client data and privacy.
- Be suspicions of emails from people you do not know. Double check the name and the domain of the sender email match the person in the signature. Emails from services such as Gmail or Hotmail, but claiming they represent a business or a government body, or ones from domains with spelling errors, should not be responded to. Forward the suspicions emails to us and delete from your device/work station.
- Do not click on links or open attachments when you do not know the sender or you have not requested the document yourself that they are providing.
- Always verify independently. Always type your bank’s URL in the browser yourself (or any other online service you use, such as your accounting software, or government agency such as IRD), and never follow email or website links to access these services. Always look up the contacts details online and never use the contact details in the signature if you have to verify the sender.
- When in doubt, do contact us right away. We are here to help and sort these issues for you. Please forward the suspicious email as soon as you see it or ring our help desk right away if you are worried your system might be at risk. As your IT team, we will look into it and make sure that your network is safe and all necessary precautions are in place. We really need to be aware of these issues and investigate all instances of suspicious behaviour, so do let us know if you have been targeted.
For more information also check: