Keeping yourself safe online
When it comes to online safety, we’ve all heard horror stories about people who have opened malicious emails or accidentally downloaded a virus onto their work computers. Back in 2017, there was widescale panic when hackers attacked NHS systems with the WannaCry cyber attack. This security breach showcased the realities behind using out of date software as hackers were able to lock out more than 200,000 users. It is estimated to have cost the NHS £92m and led to 19,000 cancelled appointments.
It’s not just NHS Trusts who are vulnerable to cybercrime. A recent report in Computer Weekly suggests that in 2019, local authorities in the UK were hit by an average of 800 cyber attacks every hour. From January-June 2019 alone, more than 263 million incidents were reported.
We share some tips to help you feel confident in knowing how to spot a potential phishing scam and/or potential cyber breach.
What is a phishing scam?
A phishing scam is when hackers use fake emails to try and steal valuable data. It may be trying to gain access to your bank account, or it could be attempting to guess your password to gain entry to your computer.
If you receive a suspicious email, a good tip is to always check the senders' email address. A legitimate, professional email will never come from a Gmail or Hotmail account. In some cases, hackers may use a similar-sounding email address to make themselves look genuine – always check for spelling mistakes.
If you have concerns, always ask your IT department to check the legitimacy of the email before opening it. When it comes to cybercrime, it is always better to be safe than sorry.
Don’t open unknown attachments
You should already know not to open unknown attachments or click suspicious links because this will inevitably be a stringent part of your internal IT policies. But mistakes do happen, so it’s wise to be able to spot the signs of a malicious link.
According to Tech Radar, a staggering “90% of data breaches are caused by human error". If you’re working in a large organisation where computer systems are networked together, it’s easy to see how a simple mistake can lead to disastrous consequences.
Your IT system may have warning alerts to make you aware of suspicious content – if this does happen, make sure you pay attention to it and ask your IT department for further guidance.
You can also hover your mouse over the link – a destination address should appear in a small bar at the bottom of your browser. If you are accessing a link on your mobile phone or a tablet, you can easily press and hold the link to allow a pop up to appear with the destination link. This will allow you to check its legitimacy.
Be aware of smishing scams
We are accustomed to being able to take advantage of free WiFi almost everywhere we go, but it’s important to understand the risks involved in using unsecured networks.
It is believed that in 2020, the latest security concern could relate to ‘smishing’ scams – this is where hackers attempt to gain access to your phone via SMS. Hackers can easily find your phone on a public WiFi network, so it’s crucial to reject any notification from an unknown phone to prevent a hacker from gaining access to your personal mobile phone and data.
Pay attention to your IT policies and procedures
The most effective thing you can do to protect yourself online is to pay due care and attention to your internal IT policies and procedures. Your IT department will have prepared systems that limit the risks of security breaches, but these are dependent upon every single employee paying attention and spotting the signs of a malicious attack.
If you have any questions or concerns about an email or a suspicious link, inform your IT department and ask them for their help and support. We have also written a selection of pieces around starting and navigating your social work career.