Spooky Cyber Threats – Day 1
October is #CyberSecMonth and with this week leading up to Halloween, our Business Engagement Officer Hannah steps in to the mind of a cyber criminal to highlight common cyber security issues and help you #BeCyberSmart. Today the focus is on ‘How to protect yourself from spear phishing’.
“I know everything about you, but where am I getting this information from?
“Social Media of course! If your account is public, I can see all your posts, who you are friends with, your family connections, your date of birth, your pets’ names and more.
“How can I use this information?
“One example is when I email you, I can pretend to be someone you know and make the email more personal (commonly known as spear phishing). Subsequently, you are more likely to click on the link and provide me with your login details for Facebook so I can gain access to your account. I will then write a post from your profile, asking all your Facebook friends to donate to my made-up charity. I’m sure your friends will be thrilled knowing they have lost money to a scam!”
ADVICE - How to protect yourself from spear phishing:
- - Make all social media accounts private to be in control of who can see your information and posts. Scam emails are less personal if your information is unavailable to the fraudster. Use our step-by-step guides to implement privacy settings for popular social media platforms https://www.policedsc.com/security-advice/apps-social-media
- - Use our checklist to spot common signs of phishing emails https://www.policedsc.com/security-advice/email-security/phishing-email
- - Use 2 Factor Authentication (2FA) wherever possible to provide a second layer of security. Should you accidentally disclose login information to the fraudster, they will be blocked from access to your account when prompted for a onetime passcode. Steps to enable 2FA on popular websites can be found here https://gcatoolkit.org/tool/set-up-2fa-on-your-accounts/
Hannah Khoo is the Business Engagement Officer for Police Crime Prevention Initiatives, delivering the award winning ‘In the Community’ programme and drop-in Digital Security Clinics. Hannah’s role sees her visit local businesses with police officers to carry out cyber security assessments, provide practical support and share detailed advice about cyber crime and online security. Hannah completed a BSc Honours degree in Computer Security and Forensics at the University of Greenwich and was named as one of Britain’s top 50 business advisers by Enterprise Nation in 2020.