Cyber Advice

Most of us rely on the internet on a day-to-day basis. Whether it’s to manage your finances, communicate with friends and family or to do some internet shopping we are all becoming more and more dependent on the internet for our needs.

Unfortunately, an increasing number of people are being affected by fraud, identity theft and abuse. There are simple steps we can all take to protect ourselves, but most problems can be avoided by making sure we always follow some simple rules.

Remember:

  • A locked padlock or unbroken key symbol should always appear in your browser window when banking online
  • The ‘http’ at the beginning of the website address will change to ‘https’ when a secure connection is made
  • Never leave your computer unattended when logged in and log off as soon as you’re finished, especially on a public computer
  • Check your bank statements regularly - if you notice anything strange, contact your bank immediately
  • Make sure your Wi-Fi router is secure at all times by changing the default factory password.

The National Cyber Security Centre (NCSC) has created the 10 steps to Cyber Security (400 KB).

NCSC 10 Steps To Cyber Security NCSC-page-001 (1)

West Midlands Regional Cyber Crime Unit’s Prevention Tips:

1. Password Hygiene

Use three random, disassociated words to create a long password. The longer it is, the less likely it will be “hacked”. Introducing special characters such as “!” will make it even safer. Try to avoid using words or dates associated with you such as family names or birthdays as Criminals may glean this information from Social Media. For more information, view  Password Security (285 KB).

Use a different password for every account, so that if a criminal gets one of your passwords, they can only get into one of your accounts. In the physical world, we don’t use one key to open everything!

Password Managers/Password Vault Applications for smart phones, and digital devices are an ideal way of storing your passwords securely in one place.  

How secure is my password? Is an online programme where you can enter your password to determine how long it would take a computer to crack your password.

use strong password

2.  Anti-Virus:

Install a reputable Anti-Malware/Anti-Virus product to monitor and protect all of your devices, including those connected to both home and business networks. They are a vital layer of defence against Cyber Criminals, and you can now get these for Gaming Consoles as well. Regularly updated, these will stop the majority of Cyber Attacks.

3. Firewall:

This is your protective barrier, and another layer of defence between you and the internet, preventing unauthorised entry to your network.

 4. Update and Migrate:

Regularly maintain and update your operating system and applications. Old software such as Windows XP is no longer supported by updates, so migrate to new, supported software.

5. Data Recovery: 

Whether you use your digital devices for home, school or work, it is important to regularly back up any data of importance such as photos. This could be a physical back up drive or ‘cloud storage’. Once a backup is made, these should be unplugged from your networks as some malicious software will move across your network to all connected devices.

6. Staff/ Family Awareness: 

The most common form of attack that Cyber Criminals use is emails with malicious software attached to documents or files. Once these files are downloaded, the criminals can take over control of your computer, turn on the microphone/webcam, capture your banking details and passwords, encrypt your files and demand a ransom to unlock them or destroy or steal your data. They also try to direct you to ‘fake’ websites where they capture your passwords and credentials.

If you do nothing else, train your staff and make your family aware of ‘phishing’ scams. Teach them how to spot these emails and make them aware of the cyber risks around clicking on links or opening suspicious documents.

7. Data Encryption:

Consider using data encryption to make confidential data unreadable by unauthorised parties. Many modern operating systems include the option to encrypt as part of the software, although commercial products can be purchased that are relatively inexpensive.

8. Managing user accounts and privileges:

Adopt the principle of ‘least privilege’. Only provide staff or family members’ access to what is needed. If a member of staff changes role, their access should be reviewed, and if someone leaves your business there should be a strict ‘off-boarding’ procure.

In the context of home usage, strictly limit those with admin rights (I.e. the ability to install programmes or make changes to your device/network). This again will help protect against hackers or certain types of malicious software.

Cyber Crime

Cyber Crime is under reported. Each year fraud and cyber crime costs the UK economy £195 billion. Reporting can be easily done online at Action Fraud or call the 24 hr hotline during a live cyber attack.

fraud enablers

The GDPR introduces a duty on all organisations to report certain types of personal data breach to the relevant supervisory authority. You must do this within 72 hours of becoming aware of the breach, where feasible.

You should also report cyber crime to your local police and explain that you have also reported it through action fraud. This is worthwhile as the banks investigation requires a Criminal Reference Number (CRN) to prove you have been a victim.

You can now  sign up for free to Action Fraud Alert to receive direct, verified, accurate information about scams and fraud in your area by email, recorded voice and text message.

Twitter_Social_Icon_Circle_ColorFollow @Actionfrauduk on Twitter

noun_Phone_140415_f531070300 123 2040 during a live cyber attack

How to protect your business

Running a business is challenging enough without having to deal with fraud or cyber attacks. 

Cyber Essentials is a simple and effective Government backed scheme that will help you protect your organisation against a range of the most common cyber attacks. Certification will reassure current and potential customers that you take cyber security seriously. You’ll also be listed in their directory of certified organisations.

NCSC also runs the Cyber-security Information Sharing Partnership (CiSP), designed to exchange cyber threat information in real time, in a secure, confidential and dynamic environment.

Cyber attacks and crime is not the only risk to your business, find out how to better prepare you business as well as implement a business continuity plan to mitiagte the effects of an incident or prevent it from occuring in the first place. 

Further information on how to protect your business:

247 reporting

How to help your children stay safe online

As adults, we are aware of the potential issues connected with being online whereas, children are more trusting and might not understand these risks. That’s why you need to be switched on to how to protect your children online not just with parental controls and specialist software that you may already be using, but by engaging with your children from an early age and maintaining this engagement with them as they grow up in the digital world.

Whatever their age, Internet Matters and Digital Parenting can help you to find out more about what your children might be doing online and give you some simple, practical and easy advice on the steps you can take as a parent to keep them as safe as possible. When purchasing your child’s first device it can be quite overwhelming for parents on how to set up parental controls and privacy settings. Find out how to set up safe with parental controls.

Bullying has changed and can now happen anywhere, anytime. Help protect your child from the lasting effects of cyberbullying by learning how to help them deal with it.

Is your child a computer whiz? Under the CyberFirst brand, we support the development of the UK’s next generation of cyber professionals. There is a student bursary and apprenticeship schemes, courses for 11-17 year olds and girls competition to help nurture talent for a future in cyber security.

Further information