Remote workers should be aware of phishing scams

Resources
Daniel Dallmann
Daniel Dallmann
Team Leader, Information Security, Payworks

Daniel has over a decade of experience in security product and service analysis, design and development and is dedicated to continuously evolving Payworks’ security solutions to reflect ever-changing technologies in tandem with industry trends.
Chef d'équipe, sécurité informatique, Payworks

Fort de plus de 10 ans d’expérience dans l’analyse, la conception et le développement de produits et services de sécurité, Daniel se consacre à l’optimisation des solutions de sécurité de Payworks au rythme de l’évolution des technologies et des tendances de l’industrie.

How to recognize phishing and protect yourself


Whether employees are at the office or working from their kitchen table, they’re susceptible to being on the receiving end of one of the most common social engineering tactics. Phishing is a scam where people are manipulated into providing credit card numbers or sensitive personal information (like login credentials) by a bad actor pretending to be a legitimate source (like a colleague, bank or even government institution).

This “wolf in sheep’s clothing” deceives the recipient into not only opening the message but also into clicking on a link or opening a file that can compromise the security of their device and personal or business information. This opens them up to unauthorized purchases, identity theft or the theft of sensitive or proprietary company information.

With many companies choosing to practice social distancing as a result of COVID-19, our work environments have changed to the comforts of home, and we’re relying on digital communication more than ever to stay connected with our colleagues. While working remotely, we need to be mindful that phishing scams still exist regardless of what our work space looks like. In fact, cyber-criminals may look to exploit these uncertain times and unfamiliar work environments. You and your employees can protect yourselves! Here’s how:

Arm your employees with phishing awareness and education

Make sure your team knows the warning signs of a phishing email, like poor spelling and grammar, an implied sense of urgency to complete a task or provide information, appearing to come from someone in a position of authority, limited sender contact information, requests for money or personal information and attachments or links.

They should also slow down and ask themselves if they were expecting this message – does it make sense that the person this message is supposedly from would be sending the message in the first place? If not, the message is likely worth investigating more thoroughly.

Use technology as a safety net

While no anti-virus software can be as effective as applied awareness and education, it’s a great backup!
Many email systems also offer basic security functionality, and can be further configured with additional features or services from third-party vendors.

Keep the lines of internal communication open

Encourage and provide a way for your staff to report suspicious emails.

It’s always better to report an email than to take a potentially devastating risk.

Engage the experts

There are many consulting organizations that focus exclusively on combating the latest evolution of cyber threats and training their clients’ staff to do the same.

We strongly recommend researching and engaging these resources to learn best practices and implement them in your own organization. Proofpoint Inc. is a leader in email security and security awareness training. They have a variety of free tools to help you improve your end-user cyber security awareness, like this phishing identification infographic.

As you mobilize your workforce, we want you to not only stay home but to also stay safe in every aspect.

Interested in a Demo or more info?

We would be more than happy to show you how to get the most from our suite of workforce management solutions. Simply contact your sales representative at sales@payworks.ca  to start the conversation.