Pandemic Cybercrime Soars - Top Online Security Tips For 2021

We all know we need to be as secure online as we are anywhere. We all know that cybercrime has been increasing every year – but in the last twelve months of the pandemic – cybercrime rose by 31 per cent.

The most common type of cybercrime attack was hacking through email or social media, which accounted for 53% of attacks over the year. Scams caused by the hacking of business computer servers was revealed as the second most common type of attack on businesses over the 12 month period.

In terms of losses, people and companies based in London took the brunt of cybercrime, with the West Midlands, the South-East and the South-West following behind.

Sarah Knowles, Senior Security Consultant at Nexor said:

The last six months have opened up many opportunities for malicious hackers to intercept individuals and businesses as we have been thrown out of our usual routines and away from reliable systems. Across the country, millions of people switched to work from home and for many businesses, this left the door ajar as cybersecurity took a back seat with such short notice.

The problem is that the criminals would prefer to use cybercrime than other forms of crime and are now attacking home addresses as they know so many people are actually at home and working from there. There has been an enormous upswing of online activity from home – and so this is where much of the targeting by cybercriminals now focuses its attention.

Having said all that, the fact is – cybercrime is worse than you think. The actual scale of digitally enabled crime in the UK is dramatically under-reported, new statistics indicate. According to estimates compiled by the Office for National Statistics, there were 4.4 million fraud offences in the 12 months to 30 September 2020. But police-recorded offences collated through the National Fraud Intelligence Bureau (NFIB) via Action Fraud, Cifas and UK Finance, showed just 16.6% of frauds are being reported (source). That means online fraud offences are something like five times worse than we are being warned about. It also means your chances of being caught up in one is really quite a lot higher than you might think.

 

First – The Basics

The government produces its own recommendations when it comes to online cybercrime security via the National Cyber Security Centre. These basic tips are really the minimum standard you should be doing to protect your household from malicious cyberattacks that could end in identity fraud and/or financial loss, along with a whole host of other, no less stressful outcomes. If you are not doing all of these things, you are not safe and weaknesses will be found.

Top tips from the National Cyber Security Centre: are

Protect your email by using a strong and separate password

Cybercriminals can use your email to access many of your personal accounts, leaving you vulnerable to identity theft.

Install the latest software and app updates

Software and app updates contain vital security updates to help protect your devices from cyber crime.

Turn on two-factor authentication on your email

Two-factor authentication is recommended for email accounts to make sure your data is secure.

Password managers: how they help you secure passwords

Using a password manager can help you create and remember passwords.

Secure smartphones and tablets with a screen lock

Screen locks offer your devices an important extra layer of security.

Always back up your most important data

Safeguard your most important data, such as your photos and key documents, by backing them up to an external hard drive or a cloud-based storage system.

 

 

Working From Home

BusinessFirstOnline makes a simple recommendation when it comes to working from home. Have a Device Dedicated to Work. They say:

“Mixing work and personal life are ill-advised, and the same goes for devices. When remote working, always make sure that work is being done on devices dedicated to work instead of using personal devices.

The reason for this is that personal devices could be compromised. Plus, there’s always the risk of a remote worker losing their personal device, putting the company in possible jeopardy.

When possible, companies should hand out work devices to all remote workers. Remote workers should then do all of their work on said device” (source).

 

Banking Online – Minimum habits

Here are some more basics you should do (full resource source here).

  1. Don’t re-use the same passwords for different accounts.

  2. Use a strong password. Avoid passwords made up of common words, numbers or keyboard patterns (such as ‘password’ or ‘123456’), and don’t include personal information, such as your name, date of birth, or any family member’s details. Read more about password security in this guide.

  3. Never share your full password or PIN number. Banks will never ask for your full PIN or password – instead, they will ask for specific numbers or letters, for example, the first and third character from your password.

  4. Always log out of your online banking session, especially if you use a device that others have access to.

  5. Be cautious when using a public computer to access your online banking, for example, library computers. They may not have the right level of security software. Ask the library staff for more information.

  6. Only use secure Wi-Fi networks to access your online banking. Don’t use public networks, such as those in cafes or train stations – it may be possible for people on the same network to access your details.

  7. Check your balance and transactions regularly, and report anything you don’t recognise to your bank.

  8. Regularly check that your personal details are correct and up to date.

 

Beware of Scams

A common scam is where fraudsters call up, telling you your account has been hacked and to move money to a ‘safe’ account. They can even use technology that makes it look like they’re phoning from the bank’s official number. Your bank will never phone you out of the blue, asking for your PIN number or password, and they won’t ask you to transfer money to a different account.

The Royal Mail is used in so many scams that it has a specific section on its website to help people detect and report fraudulent messages. That service has been especially busy recently after people received emails and texts supposedly from the Royal Mail demanding a shipping payment.

The Royal Mail also warned customers about similar scams delivered by text. This method of attack is particularly dangerous because it’s less common and people are therefore less likely to be alert to the threat. Furthermore, both legitimate and fraudulent texts are typically very short – perhaps one or two sentences. As such, recipients have little information to determine the authenticity of the message, and they may be tempted to follow the link to find out more.

Texts also make it easier for scammers to hide their identity. They don’t need to replicate official logos or the sender’s address, and the messages come from a nondescript phone number. However, in most cases, you can find out where the phone number is registered by looking it up online. If you are ever in any doubt whether a message is genuine, you should contact the Royal Mail by visiting its website (never follow a link from an email or text) or your local delivery office.

If you are unsure visit the Royal Mail website here and you can check out any parcel or delivery.

 

Buying online

If you’re planning on buying from a website you’ve never used before or haven’t heard of, check its reviews online and run the address through Google’s Safe Browsing tool to check for security threats. In fact, you can use this tool for any website. Don’t forget to type in www first and make sure you have the correct details for an instant result.

Britain’s National Cyber Security Centre has lost of advice which you can read HERE – but the basics are:

  • If possible – type a website address that you trust directly into the address bar – not the search bar.

  • Use a credit card rather than a debit card.

  • Use PayPal, Apple Pay or Google Pay.

Using these platforms to authorise your payments means the retailer doesn’t even see your payment details. They also provide their own dispute resolution should anything go wrong. However, they may not provide the same protection as a card provider, so check their terms and conditions before your sign up.

When it’s time to pay for your items, check there’s a ‘closed padlock’ icon in the browser’s address bar. It will look like this:

locked padlock on a URL bar in browser
  • Only provide enough details to complete your purchase.

  • If possible, don’t create an account for the online store when making your payment. You can usually complete your purchase without having to create an account

We live in a digital age – and so it’s up to you to keep safe. You already have security habits such as locking the front and back doors, making sure window locks are secure and that your car is locked and so on – now do the same online to make sure you are not a victim of cybercrime.