Stay smart online

As the COVID-19 situation continues to evolve globally, there has been an increase in criminal and malicious online activity by parties looking to exploit the pandemic situation and prey on individuals and businesses around the world.

GFG Alliance Global Chief Information Technology Officer Darryl Warren says, “now more than ever is a time we need to be on the lookout for phishing and email scams designed to gain access to personal and financial information, business data and assets”. Today many of these attacks are attempts to fool you into giving up your password.

“Our IT teams are continuing to improve our IT security, and some of you will have already seen two-factor authentication (2FA) rolled out as an extra security measure for Office 365. This will be phased in more broadly over the coming months,” Darryl says.

“In addition, we have also added a GFG Alliance logo and a reminder to check the URL to the Office 365 password prompt screen. This provides a visual check that you should be mindful to watch out for.”

“We all have a role to play in being vigilant when it comes to our online activity and communications.”

Here are some tips you can follow to protect yourself at work and at home during this time.

How to spot if an email or text message is phishing?
There are some key things to look for to determine if the text message or email is phishing:

• Read the message carefully, look for anything that isn’t quite right, such as tracking numbers, names, attachment names, sender, message subject and URLs.
• On a PC or laptop, hover your mouse over links to see if the embedded URL is legitimate, but don’t click.
• Google for information such as the sender address or subject line to see if others have reported it as malicious.
• Call the organisation on their official number as it appears on their website (separate to any contact details in the received message) and double-check the details or confirm the request is legitimate. Do not contact the phone number or email address contained in the message, as this most likely belongs to the scammer.
• Use sources such as the organisation’s mobile phone app, website or social media page to verify the message.

Protecting yourself against phishing emails
Cybercriminals and scammers can produce phishing emails that look very legitimate. By following these simple steps, you can protect yourself against phishing emails:

• Before opening an email, consider who is sending it to you and what they’re asking you to do. If you are unsure, call the organisation you suspect the suspicious message is from, using contact details from a verified website or other trusted source.
• Do not open attachments or click on links in unsolicited emails or messages.
• Do not provide personal information to unverified sources and never provide remote access to your computer.
• Remember that reputable organisations locally and overseas – including banks, government departments, Amazon, PayPal, Google, Apple and Facebook – will not call or email to verify or update your personal information.
• Use email, SMS or social media providers that offer spam and message scanning.
• Use two-factor authentication (2FA) on all essential services such as email, bank and social media accounts, as this way of ‘double checking’ identity is stronger than a simple password. 2FA requires you to provide two things, your password and something else (such as a code sent to your mobile device or your fingerprint) before you – or anyone pretending to be you – can access your account.