The following recommendations show how employees can make their home network environment more secure and practice cyber distancing with appropriate behavior to maintain a digital distance between home and work:

Optimizations For The Home Network

Some home network recommendations sound complicated, but they are easy to implement. All users have to do is access the home page of their router. Usually, this information is located on the router itself and the default password. When users enter this information in the navigation bar of their web browser, they are prompted for a username and password. You can then modify the default settings.

• WiFi network SSID not broadcast: If the SSID or network name is broadcast, it means that anyone in the vicinity can pick up the signal and try to access the network.
• Change default passwords: It is recommended to change the administrative password on the router. Sometimes the device already comes with a complex password, but it is even better if only the user knows the password.
• Secure password for WLAN access with WPA2 encryption: A secure password is usually more than 20 characters long and consists of numbers, letters, and symbols.
• Make sure remote access is disabled: This setting allows remote control of the network but also opens a backdoor for hackers. Users should therefore ensure that this setting is deactivated in the configurations. To do this, you can search for the keyword »Remote Access. «
• Updating the Router’s Firmware: Routers generally do not have an automatic update facility, but the firmware must be up-to-date and free of bugs and vulnerabilities. This should be checked approximately every six months.
• IoT devices: IoT devices can cause massive security gaps in the network, especially since many devices are equipped with weak standard credentials and user-defined ports that can inform attackers of their existence. Users should therefore update the password and modify the standard ports. This requires what is known as port forwarding on the router to a new harbor that the user assigns.

Basic Recommendations For Working From Home

• Don’t click on email links and attachments: Email’s primary attack vector for COVID-19 phishing attacks. There has been a massive increase in campaigns that use the pandemic to their advantage.
• Validate links: Users can first move the mouse pointer over links to see which web address they lead to. If you want to check the specified website, it is advisable to enter the web address into the browser instead of calling it up directly from an email.
• Validate email sender: When users receive an email, they should check the full sender address and not just rely on the displayed name.
• VPN: If possible, users should stay connected to their work environment via a VPN. Most organizations already have a VPN for remote work connections, but adding an extra layer of security to your network is also a good idea. Cyber ​​distancing the device and ensuring that all data between the work and home network is sent over an encrypted channel can protect data and company resources.
• Antivirus solution and patches: If employees use their private laptop in the home office for work, it is essential to ensure that it is always up to date and that updates and patches are regularly updated. The installation of an antivirus solution provides additional protection.

With the above essential tips, employees can make their home office much more secure to protect themselves from attacks by cybercriminals.

The post Cyber ​​Distancing – Working Safely From The Home Network appeared first on TechReviewsCorner.

However, there are some things that you can do yourself to help improve your cybersecurity and make your current defenses perform better.

Knowing what methods and devices that cybercriminals use to infiltrate devices and software can make your life easier when it comes to avoiding an attack and protecting yourself. Not opening suspicious links or sending money to people you don’t know when asked to can be relatively easy ways to avoid malware, such as Trojans or viruses, getting into your computer systems. As well as that, here are a few more tips you should follow to protect yourself and your data when online.

You should start to take more responsibility for how you use the internet

You need to be careful of what you download and always make sure that your network is secure. Ensuring you have a secure network stops Advanced Persistent Threats (also known as APTs) from occurring and getting a hold of any data that might be entering or leaving your device.

It’s one of the many reasons why you should never do a money transaction over the internet when using public Wi-Fi, as they are unprotected networks and can be infiltrated by hackers easily. 

You should also change your passwords regularly

This is to stop hackers from gaining access to any accounts you might have that will allow them to get to your sensitive data. Just because your personal cybersecurity is strong, it doesn’t mean to say that the company with whom you’re trusting your data does.

Another thing you can do is invest in multiple security services to keep you safe

Investing in services such as authentication services like nfc systems or in network security services to put up a stronger defense against APTs (which we mentioned before) can help protect your information really well. They put up a more robust layer to boost your security so you are better protected against identity fraud.

Using services such as operational security (or otherwise known as OPSEC) will give additional security to your systems as it will analyze the data entering and leaving your device and processes it to see if it will be useful to a hacker if grouped and analyzed properly to reveal more data about you. 

Final thoughts

While these are not all of the ways you can protect yourself against cybercrime, these methods can be quite easily implemented but can significantly improve your level of protection, and as such should be the first things you consider.

Also Read: The Art Of Cyber Risk Prediction And How To Stay One Step Ahead Of Cyber Attacks

The post Tips On How To Protect Yourself Against Cybercrime appeared first on TechReviewsCorner.

The abbreviation for Business E-Mail Compromise is BEC. An alternative term that is sometimes used is CEO fraud. Business E-Mail Compromise is a fraud method that uses spoofed e-mail or unauthorized access to business e-mail accounts. The cybercriminals send e-mails with business content that appear to come from executives, employees, partners, customers, or service providers. They ask the recipient to take certain actions in their favor. Since the e-mail recipient believes the message is authentic and actually comes from the specified sender, he or she reveals confidential or sensitive data or carries out a business transaction such as a money transfer to a given account. The fraudsters arrive at their criminal target with bogus business correspondence. Potential victims of business e-mail compromise can be companies, organizations or public institutions. BEC is an online threat with great potential for financial damage.

Process and types of business email compromise

In order to impersonate a specific email sender, the criminals use various methods. They use e-mail spoofing to fake identity, use a previously hijacked e-mail account to send messages or forge e-mail signatures. The cyber criminals obtained the information required for this through social engineering , spear phishing , malware or from publicly accessible sources of information and other methods. Authentic-looking e-mails are written on the basis of the inside information and known names of executives, customers, partners or employees. Business E-Mail Compromise is used in different variants. For example, the fake business emails come from:

• from a supplier requesting payment of an outstanding invoice
• by a member of management or the CEO asking an employee to make a payment or provide them with information
• from a customer of the company requesting a pending delivery
• by an employee of a company who sends fake invoices to customers
• by a lawyer or other specially authorized person who requests the disclosure of sensitive data

Typical identifying features of BEC

Typical distinguishing features of business e-mail compromise are:

• E-mail recipients are put under time pressure
• E-mail recipients are requested to maintain confidentiality
• In a departure from the usual processes, it is requested to carry out transactions, transfers, or the release of data
• the transfer account is located abroad
• the financial transaction cannot be precisely assigned to a company process
• the sender uses an unusual address or spelling
• there are spelling mistakes or grammatical errors in the message
• the sender e-mail address or the signature of the message shows slight differences
• the unusual number and date formats are used
• the reply address does not match the sender address

BEC protective measures

Customary protective measures such as searching for malicious file attachments or fraudulent sender addresses are usually ineffective in the case of business e-mail compromise. Rather, employees and managers must be made aware of this type of cyber threat. The typical characteristics of the BEC messages must be conveyed in training courses. A healthy mistrust in dealing with business emails that prompt certain transactions is recommended. If in doubt, it helps to reassure yourself by calling the sender of the message. In order to prevent misuse or the hijacking of business e-mail accounts , strong authentication procedures and multi-factor authentication should be used.

The post What is Business Email Compromise (BEC)? appeared first on TechReviewsCorner.

94 percent of all attacks come via email

For many years, the most necessary vector of incursion thru which cyber criminals assault the IT structures of authorities organizations and corporations has been email. For example, ninety four percentage of all cyber threats that companies blocked in 2019 have been transmitted through malicious emails. In order to be in a position to ward off such attacks, no longer solely worker education however additionally contemporary technical protecting measures are necessary.

However, traditional virus scanners are now not enough: Like all IT, cybercriminals are additionally evolving. They are continuously refining their assault techniques and their malware (malware) in order to come to be even greater successful. Conventional, signature-based antivirus options can’t maintain up with this speedy pace. They consequently do now not provide any superb protection.

Constantly new attacks

Another phenomenon that traditional virus scanners are overwhelmed with is polymorphic malware. While it adjustments some of its look traits independently, its unsafe function, for instance as ransomware, stays unchanged. Six new malware samples (individual variations of malware) are created round the world each and every second. This versatility ability that many assaults in their particular structure solely show up once. In order to guard itself correctly towards this, the malware ought to be detected the place it takes its form: in the enterprise itself.

Sandboxing corresponds to the state of the art for mail security

Sandboxing is one of the most high-quality applied sciences for this and corresponds to the nation of the artwork for mail security. A sandbox is a vicinity remoted from the relaxation of the machine in which the software program can run in a blanketed manner. This permits the conduct of software to be determined except endangering the relaxation of the device environment.

The post How To Protect Yourself Against Email Attacks appeared first on TechReviewsCorner.