134% increase in cybercrime!
Fraud costs the UK economy £193 billion a year. That equates to more than £6,000 lost every second of every day. While fraud comes in all shapes and sizes, one area worth focusing on is cybercrime: what it is, how to identify it, and what you can do to protect yourself.
What is cybercrime?
Simply put, it is ‘cyber enabled crime’, where a criminal uses computers or the internet to carry out their crime.
Where it gets more complex is the number of ways in which criminals can carry out a cyber-attack: from business to personal, hacking, ransomware, phishing. All of it is intended to take something from the system, device or user that is targeted, whether money or intellectual property. Sometimes they will want to gain access to your personal information, from your full name, date of birth, telephone number and more, and this can be referred to as ‘data’. In the UK, you can report cybercrime to Action Fraud.
One soft touch for scammers is social media. It is incredible how much information we freely give away on our social media accounts, whether personal or professional. With a 134% increase in cybercrime over the last year, we run through some tips to help keep you safe on social media.
How to prevent cybercrime
Data security on social media
This blogger’s father-in-law was in hospital when his Facebook account was ‘hacked’, or rather ‘duplicated’, with a scammer lifting all of his recent photographs to create a new account, and make it appear authentic. The scammer sent my father-in-law’s contacts, who were publicly available, a connection request saying he couldn’t access his old account and wanted to reconnect using his new account.
Of course, father-in-law confirmed it wasn’t him when we spoke to him, but we accepted the invite to find out who it was. We then received a request for ‘money to buy a motorhome for retirement’. Sadly, father-in-law died during this time, and my husband was having to respond to friends and relatives asking him why his dad was asking them for money.
The scammer had tapped into psychology, which could well have earned them some cash. This type of connection request wasn’t out of the ordinary, it was ‘plausible’. We have elderly relatives with five Facebook accounts each as they keep forgetting their log in details and set up new profiles, or create new profiles every time they purchase a new mobile or tablet, so the request itself wasn’t particularly unusual.
The key point here is to ensure you shut down any profiles you don’t use – and lock down the ones you do use – as they may well be picked up by a scammer.
If you spot any account you believe to be fake, report it to help keep the community safe.
All social media platforms have privacy settings which follow a similar ‘flow’ of ‘Account’, ‘Settings’, ‘Privacy’ or similar. Here is one to start with.
Lockdown your Facebook account:
Run a privacy check-up – available under your ‘Account’ dropdown, then ‘Privacy Settings and Tools’. This will tell you who can see your profile, your data settings and offers tips on how to keep your account secure.Ensure you understand your level of privacy on the account(s) that you do use.Where possible, ensure your contacts and images are private to your connections only. These options are located in the ‘Account’ dropdown, then ‘Privacy Settings and Tools’.Hide your date of birth via your privacy settings, you can also opt to display your birthday but without your year of birth.Deactivate old profiles. You can do this via ‘Account’, then ‘Your Facebook information’ and ‘Deactivation and deletion.’.Facebook’s Help Centre has advice if you have lost your account details. It will also give you an option to ‘Fix a Problem’.Change your password and ensure it is at least 10 characters long (see our table below)!
How to make a secure password
Every year, NordPass reviews the most common passwords, globally, and despite the warnings, the most popular password in the UK remains ‘123456’, which would take less than a second to hack.
The password ‘password’ is number 2, again, less than a second to hack. Hackers will know that these passwords will likely be the same across all logins for a user so will try it on several websites.
Length of password is important! The table below illustrates the time taken to crack an 8-character passwords. For a long time, the 8 characters password (which includes upper and lower case, number and special characters) has been the default and acceptable length for a password. It would now take just 8 hours to crack it. Just by adding another 2 characters, it increases the time to hack it to 5 years. By increasing your password by just one more character, to 11 characters, it increases the hack time to an incredible 400 years!
Image courtesy of Hive Systems
Have I been Pwned?
The term ‘pwned’ has grown in popularity over the last decade, originally believed to be a typo of ‘owned’ by less experienced developers! Now, the term is searched every day.
To be ‘pwned’ means your email address and/or password has been digitally compromised, and that a hacker has obtained your details entered them into another site. It usually occurs following a data breach, for example, in April 2021, 500 million Facebook users saw their data (names, email addresses, date of birth, location, employer and more) made available for download.
So, what can you do about it?
Haveibeenpwned.com (HIBP) is a public service website, set up by Microsoft Regional Developer Troy Hunt, to help you check your exposure. Enter your email address, business or personal, and the website will tell you whether your email address(es) have been compromised (or ‘pwned’/’owned’), in a data breach.
The site is safe to use and doesn’t record any user data. It will confirm whether or not your details have been breached, and you can then decide if you want to change your passwords or switch email address. Go ahead and check your work and personal emails now, you may be surprised by the results.
Make sure you follow us as we will keep you updated with various tips to keep you cyber secure during 2002.
