Hello Community
With many businesses asking their teams to work remotely, security experts are warning of spikes in cyber-crime attempts.
The global COVID-19 pandemic has sparked a surge of phishing attempts on unsuspecting individuals. One such attack used the logo of the CDC Health Alert Network claiming to provide a list of local active infections, before stealing confidential information from the unprepared victims.
Cyber criminals are looking to take advantage of this period of global uncertainty, reinforcing the urgent need for everyone to be extra vigilant when it comes to cybercrime.
We strongly recommend Australian lawyers and conveyancers utilise the tools and processes available to them to mitigate this risk, including:
Install and update your anti-virus software
Ensuring your anti-virus software is up-to-date is critical. Cyber-criminals can use a number of different methods to try and attack your devices, anti-virus should always be your first line of defence in protecting you and your business.
Keep operating systems (OS) and browsers up-to-date
Updated OS and browsers add protection from security issues that could be used to compromise your information. Restart your devices regularly to make sure updates are fully installed.
Cyber-criminals use weaknesses in outdated software to scam individuals and businesses. The best way to keep you and your business safe is to action software updates the instant they become available.
We also recommend that you shut down and restart your device frequently for automatic updates to proceed.
Do not use public WiFi
If outside of the home or office, we do not recommend the use of free WiFi. Instead, use your mobile as a hotspot (or purchase a 4G mobile router). This will provide you with a safer connection online.
Public WiFi is easily compromised by hackers and your personal information easily obtained.
Virtual Private Network (VPN)
When you’re working from home for an extending period of time, use your company’s VPN to make sure that you maintain a secure connection to all your corporate services and applications, away from the prying eyes of cyber-criminals.
Phishing – protect you and your clients’ information
With reported email phishing attacks on the rise and the risk becoming more tangible across the world, it has never been more important for us and the broader e-Conveyancing network to use the tools available to us to protect against this threat.
While you’re working remotely and limiting face-to-face client meetings, bank and trust account details can be communicated safely via the free PEXA Key app between you and the homebuyer or seller. The app removes the need to use email, mitigating any risk of succumbing to email phishing attacks in the sharing of critical transaction information.
Lawyers and Conveyancers who use InfoTrack can also use Securexhange to communicate sensitive information with real estate agents.
Multi-factor Authentication (2FA/MFA)
Check the security and privacy settings of all your essential services and make sure they have 2FA/MFA available.
When logging into PEXA, members must use MFA to access their accounts. Although users have the option of receiving their MFA code via SMS or the smartphone app, we find the most reliable option to be the latter – via the PINGID application.
The code is generated immediately in the smartphone app for users to transcribe into PEXA. The SMS option can experience latency issues with some telecommunication providers, meaning the code is not received by the user for some time. If you’d like assistance moving from SMS to the smartphone app, please contact PEXA’s Support Centre on 1300 084 515.
Protect your passwords
Keep your passwords and pin codes safe. Now might be a good time to change your passwords and use a password manager e.g. LastPass and 1Password to ensure you have unique passwords for all your different accounts. This ensures that if one of your accounts is compromised, the others are protected, and the impact is minimised.
Kind regards
David Willett
Head of IT Security, PEXA
