Ian started by relating his career path from banker to prison officer to prison governor of four prisons in the Scottish prison service. Despite his many years of service, not once did Ian come across a cyber criminal in his prisons – cyber crime is a new and growing form of criminal activity that has got considerably worse during the pandemic; in fact, something changes more or less every day in the world of cyber-crime, meaning that Ian has to regularly update his presentation.
Cyber-crime is the fastest-growing crime in the world, costing the world economy $2.9 million / minute. The real figure could be higher as many companies don’t report it.
The 5 kinds of cyber-crime are phishing, website-spoofing, malware, ransomware and IOT hacking. Phishing makes up 95% of cyber-crime.
Website-spoofing is when a site is set up that closely-resembles a trusted brand. Always look for the padlock sign on a website. Domain names that begin with https:// are usually safe, but criminals are starting to get around this safety measure.
Malware is designed to cause harm to a victim’s computer.
Ransomware encrypts software on a computer so that it no longer works. Even last weekend Colonial’s pipeline was hacked by a company that appeared to be based in Russia. The company had to close its operations and there were fuel shortages on the East Coast of America for several days after the attack took place. Such hackers are a major problem for governments. The fastest hackers in the world are from Russia – an attack can take as little as 19 minutes, which beats other hackers by 2 hours!
When the NHS systems were hacked a few years ago, a hacker from Ilfracombe helped them to sort the problem.
IOT, the internet of things, includes home thermostats, traffic lights, wearable devices CCTV cameras and smart doorbells. Incidentally, smart doorbells, which can be a great boon for home security, tend to come with weak passwords, so it’s important to change these as soon as you set up for a strong password.
Phishing has been around since fax machines! In 1995, a huge fax fraud was perpetrated by Nigerians against a far eastern bank. Now it usually comes in the form of emails, phone calls, letters or text messages, purporting to be from trustworthy sources – always be careful with links.Legitimate organisations never phone to ask you to move money. If you receive a call that you suspect may be fraudulent don’t phone your bank straight away as the fraudsters may still be on the line; either wait, use a different phone to ring the bank, or phone a friend so that the connection is broken. This type of crime can be very convincing, so don’t trust your caller display as criminals can number-spoof, making it appear that the call is actually from your bank. The best way to handle a phishing call is to put the phone down. Before selling a mobile phone, erase the information on it by resetting it to “factory settings”.
“Romance scamming” is a new area of cyber-crime, using dating apps and social media sites. 63% of the victims are women. In 2018, there were over 4 500 of these frauds in the UK alone, with a loss of £50.7 million, and the figures are rising all the time.
One of the latest form of this crime is “silent stealing”, where a criminal steals small amounts of money from lots of people. This is effective as people are less likely to report or even notice small thefts – keep alert!
- If something seems to be too good to be true, it probably is
- Never click on prize draw links and be careful with quizzes on social media
- The blue tick on a Facebook page that is meant guarantee that a page is genuine is quite easy for criminals to circumvent
- Check the source of your news – fake news is nothing new, it has been around since Roman times, it just spreads much more easily now
- If you get letters about debts you don’t have, your identity may have been stolen – it’s worth regularly checking your credit rating to keep ahead of this
Password tips:
They should be treated like pants: change them often, keep them private and never share them with anyone!
Use 3 random unrelated words, preferably unrelated to any traceable activities you are involved in.