Thursday Thoughts - 14 April 2022

A short Thursday thoughts this week as it is a Holiday Weekend and so just going to cover the really important issues of keeping ourselves safe. I’ve chosen this focus because the NCSC have been urging UK businesses this week “to bolster their online defences in response to Russia’s attack on Ukraine”. I’m a firm believer that if you look after your own cyber security in an effective way it translates into better practice in the workplace. So here are some things to think about and discuss with your nearest and dearest this weekend.

Here are some of the cyber jobs on the “to do” list; privacy settings on social media accounts, checking passwords on new “smart home devices” aren’t 0000, having that social media talk with the children and, if you do nothing else, enable that face/thumb print on your device or set up an authenticator app.

8 in 10 of us receive scam calls and texts but fewer than 2 in 10 report it to the authorities. As this week saw the return of the “02 40% Discount Scam” no doubt there will be Budget Related scams to follow relating to Company Dividends, National Insurance etc to follow.

Have you updated the Privacy Settings on Social Media Accounts

It is surprising how many users are still willing to take risks with their privacy online in ways they would never do in public. With many being still quite happy for their date of birth and hometown to be seen by people they do not know and about 16% of users still share their contact details with anyone (or friends of friends). It's worth exercising some caution though because not everyone is necessarily who they say they are.

Most users are aware of terms and conditions and privacy statements for the platforms they use only about 25% actually read them and even fewer take the time to set up the privacy settings on their account. Very often it is put in the do “later” pile. Too many also answer those social media quizzes which ask about pets, cars, schools … harmless? Well in the wrong hands that sort of information could be used to hack one of your accounts.

The NCSC have guidance from each of the major social media platforms on how to protect your privacy while using the platform. https://www.ncsc.gov.uk/guidance/social-media-how-to-use-it-safely .... Facebook - Basic privacy settings and tools, Twitter - How to protect and unprotect your Tweets, YouTube - Privacy and safety, Instagram - Privacy settings and information, LinkedIn - Account and privacy settings overview, Snapchat - Privacy settings, Tiktok - Privacy and security settings

Social Media and Children

Most platforms require users to be at least 13 years old but it is all too easy for an individual to lie about their date of birth. If it’s time to have the “social media” chat with your child and you don’t know where to start here are some great sources of advice on how to keep children safe online:

• Thinkuknow: National Crime Agency: education programme for children (https://www.thinkuknow.co.uk/11_13/need-advice/digital-footprint/)

• Internet Matters.Org: Social Media Tips https://www.internetmatters.org/advice/social-media/

• NSPCC: keep your child safe on social networks https://www.nspcc.org.uk/preventing-abuse/keeping-children-safe/share-aware/

Have you Secured ALL your accounts with 2FA Yet

Last week’s MailChimp breach prompted many of us to check that they had set up 2FA on our MailChimp accounts. Most of us are very good at starting to secure our accounts with the best of intentions but very often the enormity of setting it up 2FA on every business and home account gets to us and we leave a couple of the less important jobs till “later”. The Cyber Aware website contains links on how to set up 2SV across popular online services such as Instagram, Snapchat, Twitter and Facebook and you will find guidance on how you can set up two-factor authentication (2FA) on your accounts on the NCSC website: https://www.ncsc.gov.uk/guidance/setting-two-factor-authentication-2fa.

The O2 40% Discount Scam is back

About this time last year there were a spate of O2 scams going round and it looks like the same is happening this week. I’ve seen reports of individuals receiving 5-6 calls from various numbers offering a 40% discount off their O2 bill. Be assured 02 will not be contacting you by phone because “you are a good customer” or even as a “goodwill gesture”. So if you get a call and then they ask for the “one time password” that has just been texted to your phone DON’T GIVE IT TO THEM. They are almost certainly trying to get into your account. Just hang up … if you are really curious contact O2 using a different phone and the number on your bill.

And here are some other scams to be wary of:

• the Government will not email you asking for your bank details.

• HMRC will not email about a tax refund.

• banks already have your details so don’t need them from you.

• no approved coronavirus testing kits are currently on sale in UK.

• local hospitals will not email you to say you’ve had contact with an infected worker.

• PayPal will not send you an email that asks you to verify your identity by clicking on the button “Secure and update my account now!”.

Reporting that suspicious Message or Call

8 in 10 of us are likely to receive scam calls and texts each year but fewer than 2 in 10 report it to the authorities. There are no doubt a number of reasons for this but really it is very easy. Action Fraud www.actionfraud.police.uk (0300 123 2040) or the National Cyber Security Centre investigate these scammers and take them down. Use NCSC “report it” system emails can be forwarded to report@phishing.gov.uk and forward texts to 7726.