Working at home comes with a lot of perks: flexible hours, no commute, free eats in the kitchen, and casual clothes. But given all that, and whether you work for yourself or remotely for an employer, there are also more risks — making you vulnerable to fraud and scams without the built-in protections of the modern office. Everything you do from your home office opens you up to possible identity theft as well as email/phone/text scams. This is truer than ever as COVID-19 continues and cyberthieves, hackers and scam artists find new ways to reach you at home.
Keep cybersecurity top of mind so you can enjoy more peace of mind.
Protect Yourself from Scams
Scammers are clever cons looking to steal money or information from you under the guise of a legitimate request. Where they used to specialize in fake phone calls and emails, now they’re targeting you through digital channels including text messaging. Be on alert to suspicious activity at all times:
Screen Calls: Only answer calls/respond to texts from names you recognize and have reason to trust. Scammers are clever and often “pose” as a contact you’d recognize, like a family member, a company you interact with, or the I.R.S. To block calls and reduce unwanted ones, add your name to the Do Not Call Registry. Just call the FTC toll-free at 888-382-1222 from the phone you want to register. Or visit: donotcall.gov.
Don’t “Go Phish”: Cyberthieves send phishing emails and texts to hopefully get a hold of sensitive information like passwords and log in credentials. They might come from your boss, manager, HR or a coworker, so you’ll think it’s okay to share. But look at them closely. Does the message make sense? Are there typos? If they ask you to click on a link or download an attachment, BEWARE. You could be exposed to a virus or malware. If you don’t trust what you’re seeing or the request seems out of the ordinary, always double-check with a contact before you respond or take action.
Do Some Research: If you’re on the fence as to whether a company seems safe or not, search for them online. See if any news comes up on them regarding complaints or scams. Look up their correct phone number and call directly. Check out their website to see if they seem legit. Does it look professional or is it filled with errors and no contact information?
Hang up, Hang up, Hang up! When in doubt, disconnect. Scammers know how to impersonate caller ID information to fool you. If you do answer a robocall, don’t get roped in. Don’t talk as they might record your voice. If a recorded message asks you to press a number for more info or to get off their call list, don’t do it. It’s another way for them to send you even more calls and get information from you.
Never Send Money: No reputable business or government entity will demand that you need to send them money, and fast! If it’s a serious issue, you’ll be contacted by regular mail. Scammers will try to fluster, confuse and scare you so you’ll agree to their request.
Scammers Move Fast: If you feel you have been taken advantage of or your information was compromised, you’ll have to act as fast as the criminals do —
- Call your bank and/or credit card company immediately. The sooner they know, the faster they can freeze your account or card or set up an alert.
- If you suspect your identity has been stolen, contact the Social Security Administration and inform one of the credit-reporting agencies (Equifax, TransUnion or Experian).
Stay in the Know: Stop scammers before they get to you. Go to ftc.gov/scams to sign up for free scam alerts to be sent to your email. Get the most current guidance so you’ll know what to do. You can also report any scams to ftc.gov/complaint.
Protect Your Devices
Working at home gives us the flexibility to get out and about. No matter if you have company-issued equipment (and if you do, follow their security practices) or are on your own, take these extra precautions:
Lock Up Your Laptop: Laptops can easily be stolen when you go work at a cafe, library, workshare space or elsewhere. You step away for coffee, go to the restroom, or walk over to talk to a friend and it can be gone just like that. All good reasons to password protect your laptop and carry a lock to secure it when not in use. You don’t want anyone gaining access to your data.
Mobile Phones: We’ve all felt that fear: you reach for your phone and it’s not in your pocket. You check the car, all over the house, the store you were just at ... no luck. The last thing you want is for a thief to get access to all your personal info including photos. Set up a password to access your phone or require a facial/fingerprint I.D. Download a find my phone app and always keep it turned on.
Protect Your Personal Information
You have to look out for yourself when you work at home. And you have to be vigilant about the things you can do to safeguard your data, files, communications, and sensitive information.
Guard Your Social Security Number: This is the #1 number fraudsters covet. With it, they can steal your I.D. to open credit card and bank accounts, withdraw funds, submit tax returns in your name to collect a refund, get medical care, and so much more. Only share it when you are required legally to do so, as with banks and lenders, the government, and your employer. Take note, doctors and hospitals might ask, but they’re not entitled to it unless you are a Medicare or Medicaid recipient. When in doubt, leave it blank on a form.
Limit Social Media Sharing: Every time you post on Facebook, Twitter or Instagram, you’re giving away information to smart crooks who know how to abuse it. Many times you won’t even realize you’ve done it. Some things to watch out for:
- Don’t put up pictures and posts until after your vacation. Otherwise, you’re letting people know you’re away and your home is fair game.
- Don’t talk about an upcoming business trip or vacation.
- Don’t share your home address, your birthday including the year you were born, any banking information, social security numbers, medical information, and definitely not anything confidential related to your work or employer.
- Turn off location services.
Shred It and Forget It: Thieves can’t steal what they can’t find. Get in the habit of regularly destroying confidential documents once you no longer need them. Don't take anything sensitive to the dump. Don’t put it in the recycling bin. Many towns have public shredding days. There are also secure shredding services where you can bring your materials or a mobile shredder can come to you.
Protect Your Connections
Working at home has meant more communicating and collaborating with coworkers, employers, clients, and customers via email, text, and video chat. There are a number of things you can do to maintain a safer environment.
Connect through a VPN: If you’re working remotely, most likely your employer has set up a Virtual Private Network or VPN so you can securely access corporate systems over the internet. If you don’t have this, get your own private server to encrypt all your internet traffic — keeping your computer and all its data safe from hackers.
Keep Passwords Strong and Long: Password-protect all your devices, any apps you use, social networks you’re on, as well as financial websites you visit, etc. Be as creative as possible when choosing a password (or use a password manager) and keep the following in mind:
- Use a long string of upper and lower case letters, numbers, and special characters
- Think of a phrase that only makes sense to you and use the first letter in each word (ie: “I need to get out more and see the world” or In2GOM&sTW!
- Change your passwords every three months
- If your account is hacked, create a new one immediately. You will receive confirmation by text or email. Even if you’re not sure, better safe than sorry.
- Never use the same password for another device or account
- Don’t rely on your browser to “save it” for future use
Add Two-Factor Authentication: More layers mean more security. If you enable two-factor authentication (2FA) for access to a website or app, another step will be required to prove it’s you. So if someone fraudulently tries to log in a request for “approval” will go out via email or text for verification. This can entail providing a personal identification number (PIN), a password, entering a code, or answering your secret questions.
Be Wary of Public WIFI: It’s so convenient to use free WIFI when you’re hunkering down at the library, working outdoors near a hotspot, or waiting for a flight at the airport. But it’s too risky and too easy for scamming eyes to intercept info you’re sending and receiving. Try to connect through a VPN or turn on the personal hotspot on your smartphone.
Close Your Network
You rely on your home network to get business done, including your internet provider, WIFI and your router, which, if unprotected, can give cybercriminals a fast route to your data. Most people just adopt the password that’s supplied during set-up. To boost your defense from data breaches, neighbors riding on your network, and other snoops, change the default password and hide your wireless WIFI name [also known as SSID, Service Set Identifier] so others can’t access it.
Keep Up-to-date with Updates
Do the most you can to limit your vulnerabilities. Upgrade your web browser. Download that patch. Invest in the latest security software and operating systems. Perform regular backups. For simplicity, schedule automatic updates and backups during off-hours so your system doesn’t slow down while you’re working. And that’s one less thing for you to worry about.
Meg Schutte is a Bank of Hope Blog contributor.
The views and opinions expressed in this article do not necessarily represent the views and opinions of Bank of Hope.