Cyber crime awareness and Security best practice.

During the pandemic there has been a rise in cyber crime with malicious organisations and individuals taking advantage of the situation. Below you will find guidance on how you can be more aware to protect yourself from:

  • Loss of money giving away credit/debit card data
  • Loss of identity giving away personal information
  • Unknowingly giving away secure data and information of any kind
  • A compromised / hacked computer or email account

Keep alert for Phishing emails

Phishing is the fraudulent practice of sending emails ostensibly from a known or trusted sender in order to obtain sensitive information or data, such as usernames, passwords, credit card details or other sensitive details, by impersonating oneself as a trustworthy entity.

This is particularly on rise during lockdown as more people are ordering products and services online for home delivery. Malicious emails that look like authentic courier branded emails will take advantage of people expecting a delivery under the guise of the order requiring action. Always track your packages and deliveries directly through the official courier website or app to be on the safe side.

The same with banks and building societies as people are actively focused on their spending, accounting and budgets. Banks will never ask for information or actions to me made over email. Likewise HMRC will never request payment or threaten action over email. Be on the lookout for scammers calling or emailing claiming to be HMRC at this time of year when Self Assessments are due.

Similarly many government organisations are understandably issuing updates as a trusted source of information at this time through their websites and emails. Be mindful of imitation addresses in emails that will seek to ask for forms to be filled out or links to be clicked.

Spear Phishing

These are more customised targeted emails that are received from a known person requesting information or an action. This usually occurs if the trusted senders email account has been compromised / hacked OR imitating the emails address only very slightly.

Always double check with a phone call or separate line of communication if a trusted person has sent an email requesting action which seems out of the ordinary or unexpected.

Please see this poster below on what to look out for to avoid being hooked:

View or download poster

Password Best practice

Your best defence against hackers is a strong password but remembering passwords for so many logins and systems is understandably frustrating at times. Below are some tips that should make things a bit easier whilst being more secure:

  1. Pick a sentence you can remember easily. This could be a significant event, a description of your favourite place or a quote from somebody. eg: Laughter is timeless or Toms birthday in Rome
  2. Combine word segments to form a new string. Make sure the string is at least 10 characters long. Combine word endings and beginnings. eg laughteristimeless or tombirthdayrome
  3. Capitalize two or more characters where it makes sense. Pick the “words” that convey your sentence’s core message, eg: LaughterISTimeless or TomBirthDAYRome
  4. Introduce two or more numbers, dots, ampersands or other special characters. Convert letters that into numbers that look the similar, eg: 1aught3rIST!mele55 or T0mB!rthDAYRom3

REMEMBER: Your password’s length is the prime ingredient for security.

What to do in summary

  1. Always double check the sender email address – it can look genuine and only be 1 character different.
  2. Be suspicious of any request to click on a link or send confidential information over email. Double check to be on the safe side.
  3. NEVER make a financial transaction using your card from an email. Double check using a legitimate and trusted method.

A warning about COVID-19 vaccination scams

The launch of the mass vaccination of people in the UK against COVID-19, is being accompanied by a rash of attempts at fraud, as reported by Trading Standards departments around the country.

Exploiting people’s desire to receive the vaccination as soon as possible and, more recently, increased fear of infection in the light of the new, more virulent strain, scammers are using phone calls (both in person and automated) and text messages to offer the chance to ‘jump the queue’. In the most commonly reported cases, the recipient is required to respond by clicking a link in the text message, or pressing 1 on the call.

If you receive an email or phone call from anyone purporting to offer you the vaccine other than the NHS, you should assume it is a scam. In reality, the vaccine is being offered by the NHS to people most at risk from Coronavirus, with groups at lower levels of risk following, and so on. It is being administered in some hospitals and, from last week, hundreds of local vaccination centres run by GPs.

Get more free expert advice on the Get Safe Online website which covers all the major news and developments in cyber crime.