COVID-19 has been an Unexpected Gift for the Cyber Thief

Coronavirus has hit the world hard, in every imaginable way. While we deal with ill health, fear, lockdown, and social isolation, cybercriminals have seen an opportunity to pounce. Within weeks of COVID-19 hitting UK shores, phishing attacks had risen by 667%. And it would appear that no one is ‘off limits’ to these criminals with the World Health Organisation admitting that hacking activity against the agency and its partners had spiked.

By 17th April, cyber hackers had scammed £2,120,870 in the UK alone since the onset of the coronavirus pandemic. And it is not just the big boys that are being targeted. The man on the street has been plagued with bogus texts and emails from HMRC, NHS, and Tesco to name a few, in a bid to steal information and empty wallets. At the peak of this cyber plague, Google was blocking over 18million coronavirus scam emails a day, 900 advance-fee fraud schemes were removed and 471 fake PPE online shops had been taken down.

In response to this escalation in cybercrime, the National Cyber Security Centre (NCSC) gave us some top tips for protecting ourselves when we are online and from cybercriminals. Passwords were at the top of the list, and rightly so, with 123456 appearing in more than 23 million UK passwords.

So how can you protect yourself from Cybercrime?

The first thing you should do is update all of your devices to ensure they are secure and double-check your firewall and antivirus software to make sure it is up to the job.

Once you have done this, look at your passwords. Have one password for your email that you never use again on any other site and do not use anything easy to guess, including family names, pets, football teams, or any other information a hacker might be able to glean from your social media. Set up two-factor authentication on every account you have where it is available.

Most importantly, stop, take a moment, and do not react to emails, texts or calls, however official they look. If HMRC has emailed or texted you asking you to follow a link, go to the source to confirm it’s validity. And that applies to any contact you have from what appears to be an official source. Even if your bank calls you and you are unsure, put the phone down and call them on the number you use to contact them on a regular basis. No organisation minds having the phone put down on them (politely of course) or an email or text going unanswered. It demonstrates an awareness of cybercrime and how these criminals operate.

I always think, if it looks like a duck, swims like a duck and quacks like a duck, it probably is a duck. So if an email looks out of place to you, then it probably is. Don’t open it, delete it and report it.