Six steps to stay safe online while staying at home

0
1059
NCSC Chief Executive Officer Ciaran Martin

More than 80 malicious web campaigns taken down in a day after 5,000 suspicious emails were flagged to new cyber service for investigation within a day of its launch.

The UK’s National Cyber Security Centre experts had seen a growth in the use of fake coronavirus-related services in malicious emails tricking people into online harm.

Security conscious Britons have been praised after they embraced a service launched yesterday to stop malicious email campaigns with more than 5,000 reports, leading to 83 scams being nullified.

The National Cyber Security Centre (NCSC) launched the pioneering ‘Suspicious Email Reporting Service’ on Tuesday 21 April to make it easier than ever to flag suspicious emails – including the recent trend of offering services related to coronavirus.

Empowering people to simply forward questionable emails to report@phishing.gov.uk meant that the service had already received 5,151 reports as of 12pm the day after launching.

NCSC Chief Executive Officer Ciaran Martin said:“The immediate take-up of our new national reporting service shows that the UK is united in its defence against callous attempts to trick people online.

“While we have not seen a rise in email scams in the last month, coronavirus is the top lure currently used to conduct cyber crime – exploiting public unease and fear of the pandemic.

“We hope the success of the Suspicious Email Reporting Service deters criminals from such scams, but if you do receive something that doesn’t look right forward the message to us – you will be helping to protect the UK from email scams and cyber crime.”

By forwarding any dubious emails – including those claiming to offer support related to coronavirus – to report@phishing.gov.uk, the NCSC’s automated­ programme will immediately test the validity of the site. Any sites found to be phishing scams will be removed immediately.

The service was launched yesterday alongside the new cross-governmental campaign Cyber Aware, which promotes recommended behaviours to stay as secure as possible online.

The Cyber Aware campaign will be delivered by the NCSC working alongside the Home Office, the Cabinet Office and the Department for Digital, Culture, Media and Sport (DCMS).

This Suspicious Email Reporting Service was co-developed with the City of London Police. As well as taking down malicious sites it will support UK policing by providing live time analysis of reports and identifying new patterns in online offending – helping them stop even more offenders in their tracks.

Commander Karen Baxter, City of London Police, National Lead for Fraud, said:“This new service allows the public to take the power back from the criminal, and it’s fantastic so many people have utilised it already.

“This will assist the police in tracking down those responsible for sending these scam emails, and help in bringing them to justice.”

If people have lost money, they should tell their bank and report it as a crime to Action Fraud, but sending emails to report@phishing.gov.uk will offer an automated service to people who flag what they think to be a suspicious email.

  • You can find out more about the Cyber Aware campaign at www.ncsc.gov.uk/CyberAware.
  • The 83 takedowns relate to phishing attacks. These are untargeted, mass emails sent to many people asking for sensitive information (such as bank details) or encouraging you to visit a fake website.
  • The NCSC has been taking down malicious sites since its creation in 2016, and its Active Cyber Defence programme last year took down 190,000 fraudulent sites and stopped 140,000 phishing attacks.
  • If you have any additional questions, please contact pressoffice@ncsc.gov.uk.

The Cyber Aware top tips

1. Create a separate password for your email

  • Your personal email account contains lots of important information about you and is the gateway to all your other online accounts.
  • If your email account is hacked all your other passwords can be reset, so use a strong password that is different to all your others.

2. Create a strong password using three random words

  • Weak passwords can be hacked in seconds. The longer and more unusual your password is, the stronger it becomes and the harder it is to hack. The best way to make your password long and difficult to hack is by using a sequence of three random words you’ll remember.
  • You can make it even stronger with special characters.
  • Starting with your most important accounts (such as email, banking and social media), replace your old passwords with new ones. Just connect three random – but memorable – words together.

3. Save your passwords in your browser

  • Using the same passwords for all your accounts makes you vulnerable – if that one password is stolen all your accounts can be accessed.
  • It’s good practice to use different passwords for the accounts you care most about.
  • Of course, remembering lots of passwords can be difficult, but if you save them in your browser then you don’t have to.
  • Online service providers are constantly updating their software to keep sensitive personal data secure, so store your passwords in your browser when prompted; it’s quick, convenient and safer than re-using the same password.

4. Turn on two-factor authentication

  • Two-factor authentication (2FA) is a free security feature that gives you an extra layer of protection online and stops cyber criminals getting into your accounts – even if they have your password.
  • 2FA reduces the risk of being hacked by asking you to provide a second factor of information, such as getting a text or code when you log in, to check you are who you say you are.
  • Check if the online services and apps you use offer 2FA – it’s also called two-step verification or multi-factor authentication. If they do, turn it on. Start with the accounts you care most about such as your email and social media.
  • Your bank automatically carries out an extra security check if you use online banking, so you don’t need to turn this on yourself. However, you should check your bank has your correct phone number so they’re able to text a code to your mobile or call your landline to confirm it’s you.

5. Update your devices

  • Cyber criminals exploit weaknesses in software and apps to access your sensitive personal data, but providers are continually working to keep you secure by releasing regular updates. These updates fix weaknesses, so criminals can’t access your data.
  • Using the latest versions of software, apps and operating system on your phone or tablet can immediately improve your security.
  • Remember to update regularly, or set your phone or tablet to automatically update so you don’t have to think about it.

6. Turn on backup

  • If your phone, tablet or laptop is hacked, your sensitive personal data could be lost, damaged or stolen.
  • Make sure you keep a copy of all your important information by backing it up.
  • You can choose to back up all your data or only information that is important to you.

Kindly follow us on twitter:@AfricanVoice2