Copy
Regional Cyber Briefing
Tweet
Share
Forward

Current Threat
COVID-19 Themed Phishing/Fraud
We are urging organisations and the public to stay alert to phishing emails and spoof websites, and many other scams as criminals are exploiting fears surrounding the Coronavirus. There has also been an increase in phishing via text message.

Normally, our advice is aimed strongly at organisations, but the current situation isn't normal. With increased home working, increased isolation of potentially vulnerable people, and increased COVID-19 related phishing attacks, we need to raise awareness of how to stay safe not only against traditional cyber dependent attacks, but cyber enabled/fraud/scams as well. 

The chances are a lot of the people reading this newsletter have families, or are a part of community and volunteer groups, as well as working in organisations with links to people who fall into the above. We need you to raise awareness of the protective advice too, so please help us to help others. Below is some advice to help stay protected against phishing, and common social engineering tactics generally.

Advice

> Check that the message makes sense
This applies not only to the grammar and spelling, but also to the message as a whole - does what you are being asked to do sound right? Would that person typically ask you to do this action in this way?

> Always confirm that a message is genuine by calling the person or organisation involved
Avoid using any numbers featured in correspondence, look these up separately.

> Never click on links and attachments, unless you are 100% sure that they have been verified.
There is almost always another way to check (e.g. by using your web browser).

> Stop and think before engaging with any correspondence
This applies not only to emails but to calls/texts/social media messages. Criminals look to apply pressure in some way to force people into making mistakes, so take a step back, don't be rushed, and get a clear perspective.

> Only use official sources (e.g. Government website) for information around Coronavirus

> Watch out for fake login pages/URL spoofing
When visiting a page/logging in, check the URL in the address bar to ensure that you're on the correct page, and everything operates as it should do. For added peace of mind, you can bookmark important sites and only visit those sites via that bookmark.

> More information
The National Cyber Security Centre (NCSC) released a great article summarising the above situation, you can find it on their website at https://www.ncsc.gov.uk/news/cyber-experts-step-criminals-exploit-coronavirus

> Reporting
If you have been a victim of a cyber crime, please report it to Action Fraud, which is the UK's national cyber crime reporting portal. You can report through phone (0300 123 2040) or on their website at https://www.actionfraud.police.uk/

Reporting helps build intelligence for law enforcement, which can aid investigations as well as informational campaigns to prevent others from becoming victims.

Action Fraud operate a 24/7 live cyber reporting line for organisations! Further details at https://www.actionfraud.police.uk/campaign/24-7-live-cyber-reporting-for-businesses

Don't forget about the 'Essentials'

Although we are going through ‘unprecedented times’ we still need to ensure that the basics are still in place to keep organisations secure.

If your organisation is Cyber Essentials or Cyber Essentials Plus certified, ensure that you are still complying and meeting those criteria. Also, check that new ways of working maintain the cyber security of your organisation and help to protect both you and your customers.

If you don’t have Cyber Essentials or Cyber Essentials Plus, although now may not be the right time to get certified, you can easily start looking towards gaining certification when business as usual resumes.

The controls for Cyber Essentials covers some of our top tips for protecting organisations including:
  • Use a firewall to secure your internet connection
  • Secure your devices and accounts including strong passwords, and where possible, 2-factor authentication
  • Control who has access to data and services, including administrator access
  • Protect devices from malware and viruses with an up-to-date antivirus
  • Keep all devices, apps and software up-to-date by applying security updates as soon as possible
More information can be found on the Cyber Essentials website at https://www.cyberessentials.ncsc.gov.uk/advice/

Events

For the time being, some of our events have been postponed. However, if you're interested in either hosting or attending a workshop in the future, please do get in touch.

A lot of online events, networking groups, and support initiatives have been created over the last few weeks. If any of these would benefit from our cyber security advice and guidance, then contact us to let us know.

Useful Links
Action Fraud Updates
Action Fraud are contantly releasing alerts detailing the most common COVID-19 related frauds and scams, and the steps you can take to protect yourself. Please use their page and follow them on social media, more information is on their website at https://www.actionfraud.police.uk
Cyber Griffin Videos
Our colleagues over in the Met Police's Cyber Crime Unit have created a fantastic video series on how to stay secure whilst working at home. You can find it on YouTube at
https://www.youtube.com/playlist?list=PLoWZUquVJo4SLWKD5A96znBNi23UzOjiG
Take Five
Take Five is a campaign run by UK finance which looks to educate people on how to protect themselves and others from fraud. They have loads of guidance and materials which you can use and share online to help others. You can find these at 
https://takefive-stopfraud.org.uk/toolkit/

News
Beware fraud and scams during Covid-19 pandemic fraud
Criminals are using the Covid-19 pandemic to scam the public - don't become a victim. Read more (NCA) at https://nationalcrimeagency.gov.uk/news/fraud-scams-covid19
Cyber Security Breaches Survey 2020
The Department for Digital, Culture, Media & Sport (DCMS) have released a survey detailing business and charity action on cyber security, and the costs and impacts of cyber breaches and attacks. Read more at https://www.gov.uk/government/statistics/cyber-security-breaches-survey-2020
Subscribe to this mailing list
Copyright © 2020 SW Regional Cyber Crime Unit, All rights reserved.


Want to change how you receive these emails?
You can update your preferences or unsubscribe from this list.

Email Marketing Powered by Mailchimp