Cyber Risk: Protecting Your Family During the Pandemic
JANUARY 19, 2021
The need to protect accounts, home networks and family members from cyber hazards has grown exponentially with the increase in work from home arrangements due to COVID-19. While insurance companies develop new policies and programs to protect consumers, individuals must proactively limit their personal cyber exposures.
Last spring, USI Insurance Services outlined strategies to keep safe while working from home. As we embark on a new year, it’s time to reassess the current situation and consider what cyber safety measures need to be updated. USI personal risk experts recommend the following to help you limit your risk.
Recognize and Avoid Threats From Hackers and Bad Actors
In 2020, USI warned about the malicious threats that were taking advantage of the massive increase in employees working remotely. Threats included interactive maps purporting to track outbreaks of the virus, as well as phishing emails with malware and fake domains. Today, many of these same dangerous conditions still exist.
Clicking on a link in an email from an unfamiliar source remains one of the most common ways to infect your computer with a virus — or to aid a criminal in stealing your personal information or identity. When in doubt, do not click the link. Taking simple steps, such as hovering over the link to identify the actual site you will be directed to, can often reveal that the email is fraudulent. Alternatively, you can close the email and navigate to the website directly to avoid the trap of the email bait.
The latest threats are emails (phishing) or texts (smishing) that offer scheduling access to one of the approved COVID-19 vaccines. The U.S. Centers for Disease Control and Prevention (CDC) will not contact you via email or text, and there are no third parties sanctioned to make these arrangements.
Practice these cyber threat mitigation efforts:
- If you do not recognize the sender, delete the text or email.
- Navigate directly to trusted sources via your web browser (if you’re on your computer, your browser should be protected by antivirus and spyware software that you’ve purchased and installed).
- Be wary of social media offers, articles or links that promise vaccine information, as these can be fraudulent attempts to access your personal information.
- Never provide personal or financial information online or via a telephone solicitation.
- Do not allow your computer to autofill passwords.
- Do not access financial or other personal accounts on public Wi-Fi or on a mobile device.
- For more best practices, download the PDF to view USI’s Cyber Safety Checklist
Conditions have changed very little since the onset of the pandemic — large numbers of employees continue to work remotely, providing an unprecedented opportunity for bad actors to gain access to a trove of confidential data from employers that could include employee and client information. The bad actors’ methods remain largely the same, but they are switching the messaging to the vaccine rollout or protocol changes due to this winter’s surge in COVID-19 cases.
Secure Your Network
If you hope to avoid these threats to your personal information and finances, you should also take security measures to prevent access to your network and Wi-Fi. Simple but practical steps can create enough obstacles to deter hackers.
For starters, change the name of your router — which serves as the gateway to your personal information — to one that does not identify you. For instance, having “[Your Family Name] Network” is a poor choice for a router name, as it identifies your last name to potential hackers. It’s also a bad idea to have the router’s manufacturer in the name (e.g., Linksys, Netgear), as that’s also information perpetrators can use to compromise your network. Your router should also have WPA2 or WPA3 security, as well as a unique password that has a minimum of 12 characters and includes a mix of letters, numbers and symbols.
With the rise of smart devices and the smart home, the connection to appliances or other devices should be separate from the computer on which you store your financial information. Alexa, Xbox, refrigerators and other appliances should connect individually to a guest network (i.e., a separate network from your home network). Reserve the home network for your computer with your financial information saved on it.
Additional loss control measures you can take to secure access to your home Wi-Fi and internet:
- Change the administrator credentials on your network from the factory settings.
- Arrange a guest network for visitors, family, and mobile devices.
- Disable all smart home devices with recording capability when not in use.
- Enable security features offered in any devices, such as PINs, fingerprint and facial recognition.
- Consider using a password management system (e.g., LastPass, DashLane, NordPass).
Your first effort should always be to create obstacles to accessing the gateway into your home computer, and then to design and coordinate additional layers of protection. For more recommendations on cyber security related to COVID-19, please contact your USI personal risk advisor or visit USI’s Public Health Emergencies site.