As people physically distance and work from home, cyber criminals have taken advantage of this uncertain time to gain access to corporate and personal systems.

In a recent Twitter takeover, Cat Coode (BASc ’01), founder of Binary Tattoo, a full- service data privacy agency, answered some of your online privacy and security questions and offered some tips on how you can stay safe online.

Cat Coode in an Ask Me Anything

Who is the most vulnerable to cybercrime during a pandemic?

Seniors and the less tech savvy are the most vulnerable for online scams. Small businesses also have less cyber security in place and are often the gateways to bigger companies they may work with.

What are your thoughts on Contact Tracing?

There are pros and cons to Contact Tracing. It is a recognized method to stop the spread of disease however the tracking of the digital devices poses a bigger privacy risk that needs to be evaluated.

Google and Apple Contact Tracing do these well:

  • Uses anonymous IDs (which also change periodically)
  • Asks user consent to share
  • Stores only 14 days of information
  • Uses Bluetooth which limits location data shared

On the flipside, here are some privacy concerns of using Google and Apple Contact Sharing:

  • Nothing in the world is unhackable
  • Bluetooth is not the most secure
  • Could be de-anonymized via other data
  • Governments could one day argue they need the data for surveillance

Is it safe to use Google and Apple Contact Sharing?

Your phone and social apps are collecting way more personal information on you than these applications. The mic on your phone is probably on, and it is tracking everywhere you go. To stop being tracked, take the time to review every privacy setting you have and turn off the mic/camera/location where not needed.

Younger kids are jumping into all kinds of platforms to stay connected with their friends right now, such as Kids Messenger. Parents approve all contacts but longer term, could this data be kept and used in other Facebook owned platforms as they get older?

Kids messenger is the gateway drug. Facebook is not allowed to collect and sell their data under COPPA (Children's Online Privacy Protection Act). But Facebook does have the data and investigations have shown them using it in ways that breach COPPA.

There is no 100% safe way for kids to be online. You could use a signal encrypted app or more realistically the chat apps baked into iOS are better than social media chat apps.

CAT COODE, Cybersecurity expert

Tips to Cyber Secure Your Home Office

Tip 1: Secure your router by setting a password. Apply any and all updates available (typically security patches).

Tip 2: Use all the tools provided by your company. Especially VPNs (Virtual Private Network) for safe transfer of emails and files with encryption.

Tip 3: Watch out for IoT (Internet of Things) devices. They are an entry way through your router to your entire home system. Change the default passwords!

Tip 4: Phishing scams are up 700%. Do not click on any links you do not recognize. Via email, text, or even fraudulent URLs about COVID19. For government assistance, go directly to those sites.

Tip 5: Separate accounts on your computer! Between work and personal, between you and kids/roommates etc. Cookies track you between sites.

Tip 6: All privacy regulations still apply. Limited access to PII (Personally Identifiable Info) is key. You can't leave confidential files out at home. Take precautions.

Tip 7: You should have privacy policies for your company that also apply for home such as acceptable device use, social media policy, photo consent and safe disposal.

Tip 8: Stop sharing screenshots of your zoom meetings. This has so much social engineering data in it including names of your colleagues, their faces, and sometimes personal information in the background.

Tip 9: If you have kids in online learning teachers should only be using approved apps. No school board has approved the use of social media. Especially TikTok.  

Tip 10: Remember that if you are not paying for the product you are the product. Decide if the value of your data is worth the service/app you are using. You usually need to spend money for privacy.