The theme for Cybersecurity Awareness Month 2020 was “Do Your Part. #BeCyberSmart.” We want everyone to stay safe online, so check out the advice below.

The goal of our campaign is to promote the importance of maintaining good cybersecurity and provide resources that will help us all to employ good practices to keep our information safe and secure.

86% of us are using passwords that have already been stolen in a data breach

What can you do?

Practice Basic Cybersecurity Hygiene:

Did you know:

  • 94% of malware is delivered via email.
  • Phishing attacks account for more than 80% of reported security incidents. Phishing websites increased by 350% in March because of Covid-19
  • Human error makes up 90% of data breaches
  • Data breaches can cost millions of pounds

The most common way that Cybercriminals phish people is through email and social engineering. We are often susceptible to phishing attacks when we are most vulnerable either due to workload, family and health situations or simply not paying enough attention. Cybercriminals know this and take advantage of such situations. For example, Google's Cyber Security team reported that the volume of fraudulent emails relating to Covid-19 was 667% in March.

People have also reported receiving calls and text messages supposedly from government agencies such as HMRC and Internet Service Providers offering tax refunds, relief funds, a cure for Covid-19, free or cheap safety equipment.

Unfortunately, a lot of people have been falling victim to these scams.

What are we doing?

Passwords

Managing passwords can be a challenge. Most of us don't have just one or two passwords, but dozens when you include work and personal accounts.

Register for our password self-service for students at: https://www.gre.ac.uk/it-and-library/password. You'll be able to reset your portal password 24/7 without contacting the IT Service Desk.

Find out about our password policy at https://www.gre.ac.uk/it-and-library/infosec/protect-yourself/passwords

Patching

Make sure all your devices are patched and have up to date anti-virus software. If you get a new device, make sure you set up security features like a passcode or fingerprint scanning.

Phishing

Phishing emails try to trick you with messages such as requests for student fee payment, a tax refund or the offer of an educational grant. Thousands of different messages, all after the same things: Your data and your money. Never click on a link you don't completely recognise or trust.

Social Media

Not everything on social media is what it seems! Make sure that groups and stories are what they say they are, and don't join unless you're sure.

Be careful what you share - for example, telling everyone before you go away might not be the best idea.  You're saying "Yay I'm on Holiday!" Others might read "My house is empty."

Check web addresses

Before you click on a web link from an email, check that the address looks correct by hovering over the link. Check the security of the site before you enter any personal or financial data - if you don't see the padlock symbol the site is not encrypted, and your data will not be secure.

Treat your personal data like it's cash!

Protect yourself from identity theft, fraud and scams by being careful with your personal data. Only share it with companies and people that you trust, and only when required to do so. Remember, never share your passwords!

Beware Free Apps

Many apps are advertised as "Free", but often require access or permission to manipulate your personal data. Next time you're about to download an app, look at the access you're giving it, you may think again!

Turn On Device Location

Services such as Apple's Find my iPhone or Google's Find my Device will help you find your mobile device if you lose it. You may have left it at a friend's place, but you might need to erase the mobile data remotely.

Never plug unknown devices into your computer

USB sticks, portable hard drives, and even smartphones are not immune from malware infection. Before you plug anything into one of your own devices, make sure you know exactly where it came from and what is on it. Only plug in things from trusted sources. And never plug anything into a university computer.

Public or Free WiFi

It's important that you protect yourself when using these types of network as the characteristics that make them accessible and easy to use, also make them vulnerable! These networks are great for streaming music and video but avoid making online banking & shopping transactions while using it. Try to use your mobile data for this or wait till you get home!

Always logout at Home, Work or on Mobile

It's good practice to always log out of your online banking session when you have finished your business. You should also log out, or at least lock your PC, laptop or tablet when you're done, no matter where you are.