27 Sep Help! My colleagues and employees are visiting suspicious websites!
We spend most of our lives glued to either our computers at work or smartphones when we’re on the go. As digital natives, we like to think of ourselves as people capable of differentiating a dubious website from a trustworthy one.
Unfortunately, not everyone in the organization is acquainted with such instincts. Here’s what to do when your colleagues are visiting suspicious websites! And no – you don’t have to be a cybersecurity expert to do this.
Step One: Identifying a Malicious Website
Before we begin scrutinizing our colleagues, we must first know what a malicious website is. A malicious website can be defined simply as a site created with the intent to install malware on unsuspecting computers.
What’s confusing about malicious websites is that they often look like the original website, to the untrained eye. Below, are 3 ways to identify a malicious website:
- Website Presentation: Low budget hackers will present low budget copies of original websites. Look out carefully for mistakes such as grammatical and spelling errors (e.g. ‘Facebok’ or ‘Goggle’). Or using your skills of deduction, look out for mistakes in the website layout, or even with the quality of the website.
- Encryption: Or maybe the website is more interested in storing your username and password instead? Fake banking websites are actually some of the most common malicious sites available out there. One way to detect these pesky information stealing website is by checking the address bar, to ensure you’re in the right place. I mean if you’re logging in to, g00ble.com instead of google.com, chances are it’s a malicious website.
- Content: Are you looking to download something online? Check the content of the website, to figure out its true intentions. Is the website bombarding you with countless pop-up ads, surveys, or random forms to fill up? There is a chance that the website could be a malicious one.
Step Two: Are my Colleagues Really Viewing Dubious Websites?
Using your stealth and spy training, walk quietly pass your colleagues desk to catch a glimpse of their computer screens. Or maybe you have to work with a colleague on a brand new project – and you’re wondering if they’re checking out legitimate sites.
Well, before you jump to conclusions, try to identify the type of websites they’re visiting. Are they browsing through:
Porn websites
Unless it’s a website showcasing photos of tantalizing food porn, your colleagues and/or employees shouldn’t be browsing through pornographic websites. At least, during work hours, at work. If this is the first time you’ve caught them, gently remind your colleague of the consequences your HR department has against sexual harassment. Maybe that’ll scare them a little. I mean, even food porn should be viewed in moderation. Or not at all, if you and your teammates are on a diet.
Murder Forums/ Reddit Threads/ Online Communities
There’s a lot to unpack here. Firstly, wow, that’s terrifying. Secondly, I’d probably report this to your HR department and the local police. Just….creepy
Limewire/ Piratebay
Limewire is dead people! And with Netflix and Amazon available on our mobile phones, who even downloads movies from Piratebay anymore these days? If you see someone browsing these websites at work – the first thing you’ll need to do is check your phone to see if somehow you’ve managed to travel back to the early 2000s.
Or maybe you should gently remind your colleague that Netflix and Amazon are pretty affordable. Plus the quality’s good and they won’t have to worry about Malware.
Random WhatsApp Websites
There is a certain demographic in Singapore….that’s attracted to WhatsApp and the dubious chain messages sent on the chat platform. Aunties, it’s aunties and uncles who trust everything that’s being sent on WhatsApp. It’s so common that even the Singapore government has created laws to stop the spread of fake news online.
So the next time you receive a WhatsApp text message with a strange attachment from someone. Try and fight the urge to click or download the attachment. Alternatively, you can either choose to block the contact on WhatsApp.
People Who Still Use Internet Explorer
Firstly, why are people still using Internet Explorer? Also, do people not read the news? We shouldn’t be having this conversation, but guess what, here we are. Those who choose to use Internet Explorer might be exposing themselves to vulnerabilities – which an attacker could take advantage of.
This isn’t the first time people have been urged to remove Internet Explorer from their computers. Earlier in February, a security researcher at Microsoft urged people to stop using the browser, as it has been discontinued since 2015. Additionally, even just having the browser installed on your computer, without using it, is a security risk. Why? Well, because hackers can simply steal the user’s data, thanks to a security flaw. Just uninstall the program, it’s not like you’ll be using Internet Explorer anytime soon anyway…unless you’re 90.
Step Three: What should I do when my colleagues start looking through dubious websites?
1. Keep Your Fellow Colleagues and Employees in “the Loop”
Education is one way to stop your colleagues or employees from revisiting those sketchy websites at work. Inform your colleagues or employees of how their online behaviour can affect the organization. Alternatively, encourage open communication amongst employees and the IT executives at work. More communication equals to better education.
Some great educational articles we’ve written are:
2. Use Anti-Virus and Anti-Spam Protection
Whilst firewalls are not enough to protect your computers against targeted attacks. But anti-virus and anti-spam software do make web browsing much safer. Depending on the type of software, some solutions might be able to limit the types of websites that employees are able to browse. This prevents the naive from browsing through dubious gaming and porn websites (at least during work hours)!
3. Inform HR
Depending on the type of website you’ve caught your colleagues browsing through red-handed. You might want to inform your local HR office of the browsing and online habits of the people around you. Especially if they’re browsing through murder forums during working hours.
Need some help?
Outsource your cybersecurity headache to trained tech recruiters with Cyberstein. At Cyberstein, we offer the best manpower available to act as your first line of defense. Find out more about Cyberstein’s services here. Or contact Victor at ([email protected])for more information on how outsourcing and recruiting temporary cybersecurity talents is a great option to consider when it comes to protecting your company, its resources, and reputation online.
Stay informed, follow A Very Normal Company on Linkedin for more news and updates on Cyber Security outsourcing and recruitment in Singapore.