Website security

Cyber Crime – prevention is better than cure

What are some of the threats from cyber criminals and what you can do to minimise attack
On 27th January 2019, the BBC did a feature on Cyber Crime UK cyber-crime victims lose £190,000 a day. As reported, most criminals gained access via social media and email accounts. There are very few people who are not on some form of social media these days, in fact most of us use at least two or three. I use at least four social media platforms and know my teenage children use at least two.

Identity theft and social media

The main risk with social media, is identity theft. How many of us add our birthdays to social media, but don’t hide it from others? I know how lovely it is when it’s your actual birthday and hundreds of on-line friends take the time to wish you happy birthday, however, by the same token, how many times are you asked to confirm your identity by giving your date of birth? It wouldn’t take a genius to look at your social media account and get your date of birth would it? The same goes for these weird apps that people play – “give us your favourite film / your first pet’s name / the name of your head teacher at primary school and we’ll tell you whether you are an introvert or extrovert” – all these questions are often used by banks and institutions to confirm your identity.

Social media and holiday pictures

Every summer I see a post from a police force, somewhere in the country, urging people not to post their holiday pictures on-line. I know it’s common sense, but showing that it’s 24 degrees in Lanzarote (where you are currently sunning yourself), whilst we in the UK are shivering is not good. How much effort would it take for a criminal to work out your address? It’ll be on-line somewhere – you may have checked-in on Facebook, talked about a new restaurant opening on the corner of your road, or taken a nice picture in the snow of the front of your house… it honestly doesn’t take much and if they know you’re on your holibobs for a week…

Social media and passwords

I know how easy it is to use your kid’s birthday, or your wedding anniversary, as a password because it seems that there is a myriad of applications that all want a different password – how do you remember them? The short answer is you don’t, so you create a ‘one fits all’ solution. The only problem is that if someone breaks into one application, then they can break into them all. As hard as it seems, you have to make your password not easy to remember or guess. The best thing to do is use a password manager for all your on-line passwords. The way it works is that you encrypt all your passwords in one file. The negative to this, is that it’s only as secure as that file’s password, but it is much more secure than not using one at all! So the lesson here is be careful with what information you share on-line.

Emails and cyber security

As soon as emails first came on the scene, dodgy email scams followed. We’ve all had the ubiquitous: “I have a zillion dollars in the bank that I can’t get access to, can I transfer it to you”. Once people had cottoned on to the scam, they soon died a death – if there’s a ‘get rich quick’ scheme involved, then it’s probably not kosher! Still, emails are a very good way for a Cyber criminal to cause damage. This could be in the form of a link to an executable virus that will infect your machine and potentially cause it to die a slow and painful death, worse still, eat away at your network, infecting other machines too. A new one, as mentioned in the BBC article, is the ‘phishing’ attack. The email looks like it’s from a genuine source – I get them mainly from reputedly my bank saying that I need to change my details. Fortunately, I have yet to fall victim, but I do understand how easy it would be.

An action plan

As mentioned above, get yourself a password manager – this is a good article on which one to choose the best password managers according to PC Magazine. Secondly, don’t share unnecessary information on-line. Check your accounts, hide your date of birth, your address and any other information that can be used to verify your identity to cyber criminals. Change your password on your home devices. Did you know that a lot of people keep the manufacturers’ passwords on their routers and devices? Now admit it…I bet you’re reading this and cringing… Don’t click on dodgy email links and if it is a bona fide email from the bank or an institution you trust, why don’t you call them and just double check? Last, but not least, keep your software and your virus definitions up to date. A lot of hacking comes from access to systems that are out of date.