It’s been an interesting couple of days for sure. We are all trying to figure out what this whole Coronavirus ordeal actually means to our families and our daily lives. Schools, restaurants, bars, movie theaters and basically everything else is closed and we all wish we had invested in toilet paper companies 2 weeks ago.

Thankfully we have the internet to keep us all up to date (maybe too up to date!)

Unfortunately many will take advantage of the increased internet usage and overall anxious feelings that many of us have. I have received questions from family members, friends and colleagues over the past weeks about random emails, websites, programs, and weird messages.

I figured it was time to publish some of these for the world to see so I can share this link each time they come in.

Standard Best Practices Still Apply…

  • Enable Multi Factor anywhere you can. Banks, utility websites, password managers, etc. If a service you are using doesn’t offer this then you should reconsider another option.
  • Do not share your username, password, social security number, or any other personal information with anyone over the phone, email or text message
  • Keep your antivirus software up to date
  • Use a firewall on your home internet router and your local computer
  • Keep your computer, router, IoT devices, smart devices, etc updated (automatically if possible)
  • Do not use the same password for any website. Consider using something like LastPass to generate random, strong passwords for each unique website you have to use for logging in
  • Watch out for phishing attempts imitating services like Google, Microsoft and many others. This may often come from a URL that looks legitimate but is not. If you suspect it is not legitimate take a screenshot and send it to someone that is knowledgeable and can help you validate. Do not ever forward an email you suspect is a phishing attempt, virus, trojan or malware.

Be weary of Coronavirus trackers

  • There is a plethora of malware, trojans and viruses using the current epidemic as a method to create fake Coronavirus trackers to take advantage of anxious users. Only get your information and/or downloads from validated, relevant sources such as the CDC, DHHS, or your local state and county health departments.

Be weary of VPN service claims

  • There has been a surge in users purchasing VPN services over the past few years to “hide activity from ISPs” and to “block website tracking.” These promises have only increased with more users working from home. They are often misleading as you move from your ISP tracking you to the VPN service tracking you. Many of these services are operated by companies in foreign countries.
  • If you are using a paid VPN service make sure it is reputable
  • If you are using a free VPN service I would recommend you stop
  • Assume anything you are doing on a paid VPN service can be (and most likely is) tracked

Be careful when donating

  • If someone calls you asking for donations ask them for their business information and a number you can call them back. Hang up, look up their information online and if it’s legitimate give them a call back
  • Make sure you are checking the URL of any online donations and it is a validated, secure connection to provide any credit card information

A good opportunity to change your passwords

  • Consider changing some of your important passwords in case anyone has your primary account passwords. A reputable source to monitor this for free is Have I Been Pwned
  • Rotate your WiFi password in case any neighbors might have it. This is good practice every 6 months even without Coronavirus.

Don’t forget to protect your employer

  • With so many employees working from home we are at a significantly increased risk of breaches to business sytems and confidential information
  • Make sure you are keeping your work-related information on your work device
  • Shut your work laptop down, disconnect your VPN and logout when you are not working
  • Make sure you are familiar with your company’s policies around VPN, systems access and what to do if you suspect your credentials were compromised
  • Be patient with your IT staff. They are definitely stressed right now with so many users working remotely.