The short answer is yes. Freelancers should be concerned with cybersecurity, just as much as if it were their own information at stake.
I work in a niche industry. Why bother?
Clients expect a quality product, but also that their financial, private, and business information is being kept safely away from the prying eyes of criminals and competitors.
Even industries that seemingly have little exposure, such as graphic designers, can cause a big headache for their clients. For example, if a new marketing campaign is leaked to the competition because the freelancer failed to secure the client’s data, the business could face losing hundreds, thousands, or even millions.
Primary threats against freelancers?
Freelancers face three primary threats:
Phishing – Freelancers are known to sign up for services such as Grammarly, Adobe Creative Suite, WordPress, and others. These services are often on the scam end of phishing emails, as cybercriminals use emails similar to those dispatched by common services to steal information such as usernames, banking information, and passwords.
Direct scams – Freelancers are at risk of accidentally revealing too much when speaking with new potential clients. Freelancers should be weary of any clients who ask to remote access in to show files, send unexpected attachments, engage in odd behavior such as sending harassing or urgent emails, and other signs of a scam.
Data leaks – Should a freelancer be on a service such as Freelance.com, Fiverr, or UpWork, data leaks are a risk. Large sites with many freelancers in one location are at risk of data theft through the service itself.
Want to join in the conversation? Talk with us on social media!
Facebook: https://www.facebook.com/secfirstit/
LinkedIn: https://www.linkedin.com/company/securityfirstit
Hashtags: #smallbusiness #smallbusinesssecurity #businessmistake #workfromhome #workingfromhome #internetsecurity
Why hack a freelancer or freelancing service?
Sometimes the problem isn’t the value of the data itself, even though that can be largely part of the equation, but the size of the pool.
Think in the terms of a lake compared to the ocean. In a lake, there are a smaller number of fish, let’s say 100, in this example. In the open waters of the ocean, there could be up to 100.000 fish floating around. Freelancing has seen an uptick over the past 10 years, with sites such as Fiverr, UpWork, and other gig-based websites offering cheap, fast, and convenient services.
The larger sites such as Fiverr and UpWork are in some ways sitting ducks filled with valuable information. Files, payment method information, user information such as email addresses and phone numbers – just to name a few. Should the right information be pulled out during a leak, criminals could easily identify targets and harvest their important data.
Let’s say my client’s data got stolen in a breach. They can’t come after me!
Well, this idea could lead to murky water. Depending on the setup, a client could potentially sue a freelancer for lack of security allowing a breach to occur, especially if documents such as nondisclosures were signed. Nondisclosures for freelancers often include such clauses that they are to ensure data security out of their own pocket.
On the other side of that coin, a freelancer is only as good as their reviews or word-of-mouth recommendations. Would you recommend a freelancer who had accidentally leaked your hard-thought new marketing campaign?
What can I do to protect myself?
Freelancers need to follow basic security guidance.
- Encrypt everything, as much as possible, both at rest and in transit.
- Utilize good antivirus and anti-malware tools on your computers
- Use long and unique passwords wherever possible
- Use a password manager to manage all those passwords
- Split work and pleasure; try to have two computers and try to keep work on a separate computer from gaming, etc.
- Do not reuse any passwords, anywhere, ever
Having trouble finding trustworthy IT support?
Please contact us to schedule a consultation.