Wait – it’s probably a scam…!

High profile and extensive breaches of cyber security have us all wondering about how safe our files, computers, and reputations are online, writes Tim Stackpool

you work for a large corporation, it’s likely the security measures already in place on your network are world class – but bear in mind that this doesn’t offer 100 per cent security, particularly if the criminals take advantage of your good and trusting nature, rather than via a relentless sledgeham­mer-type but covert hack.

We’ve recently seen major systems around the world infected and held to ransom by nefarious near-dormant viruses that work their way silently throughout networks before they’re triggered to pounce.

Of course, these clever, but often tiny, bits of code which cause such havoc have to make their way into the system in the first place. One way this happens is by the victim clicking on phoney links or imposter websites that then infect the user’s PC or network.

So, irrespective of whether you work for a large or small organisation, be aware and follow these tips to avoid a world of pain at your workstation:

  • Ensure your work is regularly backed-up and stored elsewhere; either in the cloud or separate storage. If your system is attacked or held to ransom, you can easily reformat your entire machine then re-in­stall all your data from the most recent back-up. It’s not perfect, and will only be as good as your recent back-up, but at least you can thumb your nose at those holding you to ransom – and become one less contributor to their Bitcoin account.
  • If you’re requested to enter login details after clicking on a link in an email, double check whether you’ve been directed to the expected trustworthy login page, rather than a phoney – but almost exact replica – site. Sometimes the web address is almost the same as the trusted one, but, generally the scam becomes obvious after your attempted login on the phoney site fails. The criminals who do this are ‘phishing’ for your login details and, by this time, the bad guys will have your credentials. If this happens, change your real password quick-smart on any sites where your username may also be used with that password (generally, to help stay safe online, try to avoid using the same username and password combination on various sites).
  • Email attachments can also be dangerous. These scams often target office profession­als, masquerading as ‘payment for invoice’ or ‘parcel delivery’ notifications. If the email is unexpected, or not from a known supplier, proceed with caution. Don’t for­get that your trusty supplier themselves could have had their system compromised; passing a virus or ransom threat to their contact list without them knowing.
  • Vulnerabilities exist within operating systems, too. When discovered, suppli­ers – such as Microsoft Windows – often release a ‘patch’ to correct the danger. Your IT department is likely to install these patches as soon as they’re available, but if you work in a smaller business, or from your home office, be sure to install ‘security patches’ as soon as you’re noti­fied. Failing to do so leaves your machine open to hackers.
  • While using the inbuilt security features, such as virus protection and firewalls, is recommended, you may wish to consider further third party security software if your data is particularly sensitive or critical.

Unfortunately, becoming the victim of a scam or virus infection is becoming more of a matter of ‘when’ rather than ‘if’. As such, the best chance of successful recovery comes from being prepared. Knowing your most recent data is safely duplicated elsewhere is the first step. Be vigilant about where you enter your username and password, and keep watch against well meaning emails that may be masking unexpected nasties.

Tim Stackpool
Techno expert Tim is technology writer for Executive PA Magazine. He can be heard on talk radio Australia-wide each week and is a tech presenter speaking at conferences and trade shows about technology’s impact on work and lifestyle