This is an important information on the use of Two-factor (2FA) or Multi-factor (MFA) authentication on business and private online accounts.
Using 2FA and MFA means that even if criminals compromise an account password, they will be prevented or disrupted from gaining access, because they will not know the code generated by your account and sent to your mobile phone, or whatever option you have used in the MFA setup.
A quick example of its importance. The person has a Gmail account with 2FA set up on it, a couple of days ago the person received a text message from Google that stated an attempt had been made to access their account from Taiwan. If that person had not have 2FA setup, the cyber criminal would have been in the account quietly stealing private data, and possibly sending out phishing emails to all his contacts which would have appeared to have come from him.
For businesses and individuals using Office 365, please bear in mind the following fact:
Microsoft has reported that 1.2 million Office 365 accounts are compromised every month, which could be cut by 99.9 per cent if organisations enforced multi-factor authentication.
For advice about setting up 2FA and MFA, please visit:
https://www.ncsc.gov.uk/guidance/setting-two-factor-authentication-2fa
The National Cyber Security Centre. (NCSC) Helping to make the UK the safest place to live and work online. www.ncsc.gov.uk
Message from Mr Nigel Sutton 8517, Cyber Protect Officer
Action Fraud are aware of a rumour currently circulating via WhatsApp, SMS and social media which references the City of London Police Fraud Team and claims that Danske Bank customers are being targeted by a particular text message (smishing) scam. The content of this message is false.
However, smishing scams are common. Don’t click on the links or attachments in any suspicious emails or texts, and never respond to messages that ask for your personal or financial details. It’s important to remember that your bank would never ask you to move money out of your account, or contact you out of the blue and ask for details such as your full banking password or PIN number.
Anyone who has divulged information after receiving this type of message should contact their bank immediately.Fraudulent websites are also being set-up, which offers an antivirus program to protect users against the coronavirus. Fraudsters trick users into downloading a remote access Trojan and install malware that could infect the user’s device. Once access has been obtained, the fraudster could act as a legitimate user but use this access to steal data and seek financial gain.
To report fraud or cyber crime, and for advice on how to avoid it visit www.actionfraud.police.uk
Businesses are contacted by someone pretending to be one of their suppliers and told they have changed their bank, requesting they amend the direct debit to reflect this. The genuine supplier then gets in touch to ask what happened to the monthly payments.
Verify all invoices, as well as requests to change bank account details. To check a request is legitimate, contact the supplier directly using established contact details you have on file.
To report fraud or cyber crime, and for advice on how to avoid it visit www.actionfraud.police.uk
The video conferencing application ZOOM has rapidly gainedpopularity during the current situation. It’s easy and free –it is a popular way to stay in touch.
There are several reports in the media, both mainstream and Cyber, raising doubts about the security of ZOOM.
In the current unprecedented circumstances the need for effective channels of communication are vital. NCSC guidance shows there is no security reason for Zoom not to be used for conversations below a certain classification. The NCSC recommends following vendor best practice advice in the mitigation of vulnerabilities. In this case, the most important aspect is to use the latest version of the application and follow vendor security advice. More information can be found at: https://zoom.us/security
Top tips for video users:
• Think about location -what can be seen in the background?
• Do you have Alexa, Siri or Google Assistant listening in the background?
• Sharing your screen –think about what else can be seen when you “share”
Reporting is CRUCIAL. If you think you’ve been a victim of fraud report this to Action Fraud either onlineat or by calling 0300 123 2040.
Santander have reported that an alarming amount of people under the age of 25 are being tricked into clicking on fraudulent hashtags and becoming money mules – a crime which can see lead to a prison sentence of up to 14 years. Money mules are individuals who allow criminals to use their bank accounts to transfer money associated with illegal activity, and are more often than not offered cash in return for doing so. Santander says that the amount of money mules has increased by 29 per cent in the last year alone, with 49 per cent of them being under the age of 25 – 70 per cent of people are said to be unaware about what a money mule actually is, which a factor which illustrates just how valuable unsuspecting social media users can be to criminals.
These are the hashtags NOT to click on:
#Moneyflipsuk
#Mflipssss
#Deetsandflips
#Deetsandflipping
#legitmoneyflips
#flipsanddeets
#PayPalFlip
#RealMoneyTransfers
#UkFlips
#EasyMoney
For more information please visit the media article below:
https://www.mirror.co.uk/money/ten-hashtags-clicking-can-land-19349453
What is SSL Certificate?
SSL stands for ‘Secure Socket’ Layer Certificate. It is also known ‘Digital Certificate’. SSL Certificate creates a secure link between a website and a visitor’s browser. This is to ensure that all data passed between the two remains private and secure. SSL encryption prevents hackers from stealing private information such as card numbers, names, addresses and any confidential informations you fill on the webpage.
We are still working on our website adding new information on a regular basis. Please drop us a line if you can’t find what you are looking for.
To view my posts on online securities, please select the link Online Securities on the right.
I collected information on this subject from reliable sources like the police online scurity team and the Neighbourhood watch team. Sometimes we can be overhelmed with so many messages bombarded at us from so many sources that we missed out the important ones. The idea of having it in one place is to give you the freedom to browse through your own time and space.