In light of COVID-19 and the world’s current climate, it is more important than ever to take additional precautions against cyber-attacks and data breaches. As more and more employees are working from home, the number of cyber-attacks and data breaches, along with the potential class action lawsuits, have significantly increased over the last several weeks. Many of these cyber-attacks have come through phishing emails, which result in the compromise of the user’s account and computer. The following are few red-flags that businesses and employees should be aware of to guard against an attack and a likely devastating class action lawsuit:
- Receiving an email from a suspicious source (or someone you don¹t know).
- Receiving an unexpected message from a client or someone you know.
- Links in an email that take you to a website with which you have no knowledge or affiliation (you can hover your mouse over the link to determine where the link is pointing to).
- Spoofing popular websites or companies.
- Emails not addressing you by name.
- Short and non-descriptive emails.
- Links to documents/dropboxes that you are not expecting.
- The contents of the email do not make 100% sense, the grammar and usage contained in the email is curiously and abnormally incorrect, or the contents of the writing is inconsistent with the sender’s typical writing style.
- Spoofed emails that appear to be from your company’s employees (it can be rather to spoof your company’s email address, so do not click on links or attachments if you are not sure what they are, even if they appear to be internal senders).
The following are a few suggested security considerations to assist in guarding against an attack or breach:
- Use secure wireless networks.
- Avoid using open public Wi-Fi connections because attackers can very easily take over these networks and monitor all traffic.
- Make sure your home network is password protected.
- Protect your network login password – do not share with anyone or write it down (especially via email).
- Secure your laptop and make sure to keep it locked/logged off when you are not using it/
The foregoing is not intended to provide legal advice or form an attorney-client relationship, or even offer a comprehensive list of ways in which a business can protect itself from a cyber-attack. Therefore, it is important to consult with an IT professional to ensure that all necessary safeguards are in place. And in the event of an attack or a data breach, businesses should immediately consult legal counsel with significant experience handling data breach and class action lawsuits.