Online Scams Increased

After terrorist attacks, natural disasters or political unrest scammers will often increase their activities. 

Their attacks come in three main ways:

  • messages asking for help using emails, text messages or social media posts which seem to be from the victims or their families.
  • fake official emails, text messages, social media posts and phone calls claiming to represent charitable organisations.
  • providing links to traumatic or sensational footage or images connected to the incident which lead to the automatic download of spyware, ransomware or other malware.
Safeguard yourself by following this advice:
  • Do not click on links in unexpected / unsolicited emails, social media posts, instant messages, or texts.
  • Do not click on attachments in unexpected / unsolicited emails.
  • If you get a phone call asaking for donations after an inciden,t regard it as fraudulent and put the phone down.

If you become the victim of a scam, contact Action Fraud on 0300 123 2040 or at www.actionfraud.police.uk 

Children's Online Safety

The NSPCC has an excellent four step plan to help children stay safe online. The steps are formed from the idea of families working as a TEAM

The steps are: 

  • Talk About staying safe online
  • Explore their online world together
  • Agree  rules about what's ok and what's not.
  • Manage your family's settings and controls

To visit the NSPCC Share Aware site click here

To visit the NSPCC Online Safety Site for more advice on keeping children safe online click here

To visit the NSPCC guide to the social networks children use click here

Ransomware Advice

What is Ransomware?

It is a form of malicious software (Malware) that enables cyber criminals to remotely lock down files on your computer or mobile device. Criminals will use ransomware to extort money from you (a ransom), before they restore access to your files. There are many ways that ransomware can infect your device, whether it be a link to a malicious website in an unsolicited email, or through a security vulnerability in a piece of software you use. This ransomware does not discriminate between businesses and individual users so everyone should read the below advice:
 

Key Protect advice for individuals to protect themselves from ransomware:

  • Install system and application updates on all devices as soon as they become available.
  • Install anti-virus software on all devices and keep it updated.
  • Create regular backups of your important files to a device (such as an external hard drive or memory stick) that isn’t left connected to your computer as any malware infection could spread to that too.
  • Only install apps from official app stores, such as Google’s Play Store, or Apple’s App Store as they offer better levels of protection than some 3rd party stores. Jailbreaking, rooting, or disabling any of the default security features of your device will make it more susceptible to malware infections.

Key Protect messages for businesses to protect themselves from ransomware:

  • Install system and application updates on all devices as soon as they become available.
  • Install anti-virus software on all devices and keep it updated.
  • Create regular backups of your important files to a device that isn’t left connected to your network as any malware infection could spread to that too.

  There are some direct advice links below for:

  • The Home User
  • The Enterprise User
  • General advice from the NCA.

The advice can also be found by going directly to the National Cyber Security Centre’s (NCSC) or Microsoft’s site.

Microsoft have advised their customers that “This ransomware can stop you from using your PC or accessing your data. Unlike other ransomware, however, this threat has worm capabilities.” and

“The exploit code used by this threat to spread to other computers was designed to work only against unpatched Windows 7 and Windows Server 2008 (or earlier OS) systems. The exploit does not affect Windows 10 PCs.”

Prepare:

  • Understand the technical estate (network) that you are responsible for, and patch all software on all systems within. Microsoft have also now released a patch for legacy Windows XP systems relevant to this malware.
  • NCSC have also released additional defence steps relevant to the enterprise network defender.
  • Use Anti-Virus software at all times and ensure that it too is updated.
  • Backup your system or critical data to a storage device that is not within the same network. Consider cloud storage options where suitable.
  • If you believe that you have been a victim of a ransomware attack, report it to your Local Police and in turn Action Fraud at http://www.actionfraud.police.uk/.

Master Level Guidance for use as reference:

The National Cyber Security Centre’s technical guidance includes specific

software patches to use that will prevent uninfected computers on your

network from becoming infected with the “WannaCry” Ransomware

Important information from Industry Partners to be used as reference:

·       Also from MS who have published a relevant patch for XP: https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/

 

Fraudsters may also attempt to exploit this high profile incident and use it as part of phishing/smishing campaigns. We urge people to be cautious if they receive any unsolicited communications from the NHS. The protect advice for that is the following:

  • An email address can be spoofed (faked). Don’t open attachments or click on the links within any unsolicited emails you receive, and never respond to emails that ask for your personal or financial details. 
  • The sender’s name and number in a text message can be spoofed, so even if the message appears to be from an organisation you know of, you should still exercise caution, particularly if the texts are asking you to click on a link or call a number.

Don’t disclose your personal or financial details during a cold call, and remember that the police and banks will never ring you and ask you to verify your PIN, withdraw your cash, or transfer your money to another “safe” account.