As board communications become increasingly reliant on web-based technologies, it’s more important than ever to take proactive steps to safeguard the way you share and save sensitive information. While you may not think that your board is likely to be targeted by a computer hacker, multiple reports indicate a rise in phishing and scam attempts in this time of social distancing and working from home. Knowing the different types of malware that cybercriminals use will help you recognize a potential attack more easily.

First Service Residential is here to help our Boards and residents, protect their digital assets both during and after the COVID-19 pandemic which has drastically effected the way we communicate for business and with our loved ones. As part of this commitment, the second part of our Technology at Home Series includes expert tips on how to protect against popular phishing schemes, avoiding high-end phone attacks, and improving password security.

In case you missed part one of our series, “Choosing the Best Internet Package for Your Apartment,”  click here for steps that residents in your building can take to optimize connectivity in their homes

Popular Phishing Scams During COVID-19

Email fraud, often referred to as phishing is considered one of the oldest types of cybercrime and is unfortunately one of the easiest ways for criminals make large profits. Phishing occurs when a person or business is contacted by email, telephone or text message by someone posing as a legitimate institution to lure users into providing sensitive data and personally identifiable information. These emails and text messages are crafted to look like they’re from a company you know or trust such as your bank or credit card company, a social networking site, a virtual payment website or an online retailer.

Examples of the most valuable personally identifiable information include banking and credit card details, social security numbers, a birthdate, a physical address, and even a vehicle or license plate number.

Boards must be conscientious about protecting the personal information of residents. The board must make also sure that the condo corporation’s sensitive data is protected. Fortunately, there are a number of ways to reduce the risk of falling victim to phishing scams. You can begin by asking yourself these questions:
  • Do you recognize the sender? - Email Spoofing is when the header of an email is forged to make it look like the message came from a trusted sender. Spoofing is used to trick recipients into handing over personal information or downloading malware to their computer or their network. Double check the email address of the sender to avoid opening an email from an unknown source. A credible vendor or institution will never ask you to provide our Social Security number, ATM or debit card PIN or any other sensitive information in a response to an email.
  • Is it too good to be true? – Phishing scams will often provide a lucrative or extravagant offer to grab your attention. This might include unexpected inheritance, winning the lottery, a free mobile device or computer, or even a big discount on your mortgage or electric bill. As enthralling as this may sound, if it’s too good to be true, it probably is.
  • Is the hyperlink legitimate?  – A link in the body of an email may not take you where you think. To avoid clicking on a malicious link, place your mouse and pointer over the link without clicking. In a couple of seconds, you should be able to view where the link is actually taking you. The destination link could be completely different or it could be a popular website with a misspelling. For example, where the two 'n’s' are replaced by an 'm'. Look carefully!
  • What is the attachment? – If you see an attachment in an email you weren't expecting or that doesn't make sense, don't open it! In this scenario, an attachment may contain a hidden virus, ransomware and other types of malware that allow cybercriminals to access your personal information.
  • Is your malware software up to date?Always make sure you have an anti-malware package installed on your devices and that it is up to date. This also applies to your computer’s operating system and applications that should be updated to the most current versions. Most applications are set to automatically update by default, but it’s best to double check and be completely sure.

Password Security – The Do’s and Don’ts

There’s never a bad time to reevaluate the security of your accounts and passwords, especially now that cybercrime attempts on residents and boards is on the rise. In a worse-case scenario, a weak password could allow unauthorized user to access documents related to board finances, board meetings, personally identifiable information and other forms of private data. Following any of the tips below is a great way to help protect sensitive information related to your board, your building, and your residents.

For starters, make sure that your home Wi-Fi has a long and unobvious password. Typically, a minimum of eight-plus characters comprising a mix of both upper and lowercase letters, numerals, and symbols is best. It's not uncommon for cybercriminals to infiltrate Wi-Fi networks, looking for personal information to sell.
Avoid simple passwords, for example, your address, ‘password’ or ‘12345678’ to name a few. Today’s Wi-Fi routers from broadband ISPs typically come with a unique and complicated password preconfigured and written on the router itself.

Another way to maintain strong, unique passwords on all your accounts is to use a password manager. A password manager is a software application designed to store and manage online credentials. To protect users, the passwords are stored in an encrypted database and locked behind a master password. There are many trustworthy password managers now available from companies like Google which integrate directly with mobile devices and your web browser.

The New York Times recently published a list of their favorite password managers to help users better protect sensitive information. Click here to read the full article.

Your Management Company’s Role in Cyber Security

A strong cyber security strategy begins with an experienced property management company. Many boards only expect their property management company to manage day-to-day operations including maintenance, resident communication and policy enforcement. The best property management companies also equip boards with a dedicated technology team to help manage the specific IT needs of their building and their residents.
Having a dedicated technology team that as an extension of your property manager helps boards and residents select the best internet service providers in their building, identify cost-saving opportunities, and better protect against cyberattacks.

When hiring a property management company make sure that they:
  • Understand the unique technology requirements for your board and residents
  • Are quick to respond to IT issues
  • Provide dedicated service to your board
  • Make budget-conscious planning decisions
  • Have limited downtime for offsite hardware repairs
  • Do not allow third-party access to your board’s confidential information
The best management companies will provide you with dedicated hardware and IT support so to help your board better protect sensitive information, facilitate digital communications, and improve resident life. As a full-service property management company, FirstService Residential is committed to offering you guidance on how to stay safe both during and after the COVID-19 Pandemic. This includes in-depth and up-to-date information on policy changes, new local ordinances, coordinating virtual board meetings and how to best manage your building’s operating budget.

Click here to access our COVID-19 Resource Center featuring a collection of recorded webinars, articles and infographics from industry experts you can trust.
Monday July 20, 2020