Merseyside Police is getting behind Cybersecurity Awareness Month, which is aimed at raising awareness of the importance of cybersecurity.
Cybersecurity Awareness Month, which is celebrated every October, was created in 2004 in America as a collaborative effort between organisations to ensure everyone has the resources they need to stay safer and more secure online.
Since then, it has become a global event with governments and cyber-focused organisations promoting cyber security awareness.
In an age where personal data is a valuable commodity, individuals must be vigilant about safeguarding their information.
In 2023, there are four key behaviours that are being promoted to internet users to help keep them safe from Cybercrime. These are:
- strong passwords and password management
- multi-factor authentication
- recognising and reporting phishing
- updating software
Cyber-dependent crimes, or ‘pure’ cyber-crimes, are offences that can only be committed using a computer, computer networks or other forms of information communications technology such as hacking, ransomware, malware, DOS and DDOS attacks.
Since 1 April 2023, Merseyside has received 202 reports of Cyber Dependant Crime through Action Fraud.
The main type is hacking of social media, with Facebook and Instagram being the main social media accounts targeted.
Once a victim’s social media account is taken over, the attacker will firstly secure it so it can no longer be accessed. They will then start using the account to try and scam the victim’s contacts.
Victims not only lose access to their social media but also to photos and memories that they have stored on there.
A lot of these can be prevented by the following steps:
- Use of strong and separate password https://www.ncsc.gov.uk/collection/top-tips-for-staying-secure-online/use-a-strong-and-separate-password-for-email
- Install latest software and app updates – Install the latest software and app updates – NCSC.GOV.UK
- Applying 2FA to your accounts – Turn on 2-step verification (2SV) – NCSC.GOV.UK
- Password Managers – Password managers: using browsers and apps to safely store… – NCSC.GOV.UK
If you Social Media Account is compromised, NCSC provides this advice for victims
Text messages and emails impersonating well-known organisations also remains a common tactic used by criminals.
Phishing attacks, whether it’s a text message purporting to be from your bank or an email claiming to be from the HMRC are a common security challenge that both individuals and businesses across the UK face on a daily basis.
Detective Inspector John Black from Merseyside Police’s cyber team said: “If you receive an email or text message that you think might be a scam, don’t respond to it or click any links in the message or email. Instead, contact the organisation directly using contact information from the company’s official website, and not the links or numbers provided in the message itself.
“If you think you have been a victim of fraud, report it to Action Fraud at www.actionfraud.police.uk or by calling 0300 123 2040. By reporting phishing scams or suspected fraud you are directly helping us in our work to identify and stop these criminals and helping us protect others from these scams.”
Most of the phishing scams reported have one thing in common, they started with an unexpected email or text message.
Here’s some simple advice you can follow when it comes to dealing with phishing scams:
1 – If you have any doubts about a message, contact the organisation directly.
Don’t use the numbers or address in the message – use the details from their official website. Remember, your bank (or any other official source) will never ask you to supply personal information via email.
2 – If you think an email could be a scam, you can report it by forwarding the email to: email@example.com. Send us emails that feel suspicious, even if you’re not certain they’re a scam – we can check.
3 – Most phone providers are part of a scheme that allows customers to report suspicious text messages for free by forwarding it to 7726. If you forward a text to 7726, your provider can investigate the origin of the text and arrange to block or ban the sender, if it’s found to be malicious.
4 – If you’ve lost money or provided personal information as a result of a phishing scam, notify your bank immediately and report it to Action Fraud: www.actionfraud.police.uk
Merseyside Police work with the NPCC to promote Cyber Alarm, which can provide businesses and organisations with regular reports, including automated vulnerability scanning, and threat intelligence. It also directly assists Law Enforcement with access to data surrounding infrastructure used in Cyber Crime.
You can find more information about the project in the PDF Document attached, and you can sign up to become a Cyber Alarm Member at https://www.cyberalarm.police.uk/ .
Merseyside Police also work with the Merseyside Police and Crime Commissioner to promote membership of Merseyside Cyber Resilience Centre. This is a Police partnership to provide further support for businesses and organisations to protect themselves against Cyber Threats. You can sign up for membership at www.nwcrc.co.uk.
For more advice on how to protect yourself online, visit cyberaware.gov.uk