Cyber Essentials…

What do evil twins, piggybacking and smishing all have in common with your insurance?

Alongside their companions called phishing, wardriving, wireless sniffing and shoulder surfing; evil twins, piggybacking and smishing are all the rage if you’re into a spot of identity theft and cybercrime. And when it comes to your insurance, is now the time to accept the change and start protecting yourself from online fraud?

Since the arrival of the Coronavirus pandemic, scammers have sent 18million hoax emails about Covid 19 to Gmail users alone¹. Action Fraud and the DCPCU are constantly monitoring rogue behaviour, and just last week a man was arrested for sending a large-scale ‘smishing’ text message campaign which exploited concerns around Covid-19 to defraud the public.

These false SMS messages pretended to be from the UK Government with the aim of tricking customers into giving away their personal and bank account details that could later be used to commit fraud. Sound familiar? We’ve all received those emails which make us stop in our tracks and question the authenticity. Without question, the paperwork side of ‘life admin’ is now predominately online – so it is so easy to see how one falls into such traps.

The Covid-19 Side-Effect?

 With so many of us isolating at home we are turning to on-line shopping (with a surge of initial toilet-roll bulk-buying) more than ever. Business is being conducted from unsecure networks, and data breaches are a daily occurrence. Big names such as Tesco, Boots and easyJet have all suffered data breaches since March which makes us question “how safe is our online presence? And what can we do to protect ourselves?”

“Customers have accepted that fires and burglaries are a possible risk and insure themselves accordingly, but they are not realising the extent of cybercrime. Anyone can be hacked. A client of ours was buying a house, they believed they were transferring the deposit to the solicitor but turns out of course the email had been intercepted and the funds were sent via BACS to a fraudster.” Says Miles Brown, Business Development Executive at Lloyd & Whyte.

What are the real dangers at home?

 The dangers at home are more prevalent whilst more of us are working from home. The National Cyber Security Centre have notified 5 key attackers:

• Cyber criminals – They want to make money through their fraudulent activity. They can gain access to your sensitive data and sell it on.
• Hackers – These computer whizzes love the challenge of interfering with computer systems and some just do it for fun.
• Hacktivists – wish to attack people or companies for political aggreivance or ideological motives
• Industrial competitors and foreign intelligence services. They are interested in gaining an economic advantage for their company or country.
• Employees or those who have legitimate access, either by accidental or deliberate misuse.

This all sounds pretty scary and there’s always the thought that ‘ it won’t happen to me’. Sadly since the outbreak of Coronavirus, fraud reports have increased by 400%. Action Fraud, run by the City of London Police( www.actionfraud.police.uk) say many of the scams were related to people ordering facemasks and hand sanitiser which never arrived with total losses reaching nearly £970,000.

My running leggings hacked into my bank account?!

OK so maybe your latest fitness gear didn’t run circles around you (excuse the pun) but what these technology-enhanced gadgets and everyday household items can do is open a gateway to attackers. The “Internet of Things” (IoT) may be used for seemingly innocuous purposes, be they security cameras, printers, lighting systems or the latest ‘sensor technology-enhanced Lumo running leggings’, but they are frequently overlooked from a security perspective and it is this vulnerability which you need to protect yourself against.

Is it child’s play?

Just like the plethora of IoT devices allowing a gateway into your home, the other obvious weak point can be the gaming from within your child’s bedroom.  According to the UK government site www.ncsc.gov.uk, an estimated 1.2billion of us are regularly logging on, signing up and playing games online.

The moment money or personal data is exchanged online, cybercriminals will be on the hunt to steal your valuable data and potentially access to your money. The following advice from the NCSC applies for all technology be it your phone, tablet or games console:

1. Secure your devices. Keep your software up to date and consider using antivirus software
2. Account protection. Your gaming accounts should be well protected with a strong password, ideally one that isn’t used elsewhere. You should also turn on two factor authentication to provide you with an extra layer of protection.
3. Protect your privacy. Avoid giving out personal information to other players. Apply privacy settings and don’t give out personal information about yourself to unknown gamers.
4. Use official sources or stores. Cyber attackers often circumvent in-game security measures by persuading you to do something outside of the game itself i.e. a player may suggest that you install an ‘upgrade’ and then offer to send you a link… this link will then of course be a phishing email. If you rely purely on official sources for your software you are much less likely to install malware on your device.

Social media Impersonation.

Your credibility (and public image) can be at stake if a hacker breaks your password and posts inappropriate comments on your social media account.  First steps are to immediately change your password (if you can get back in control of your account). If this is not possible,  then you need to contact the social media provider directly for help. There are informal groups of companies who actively work in cyber security known as Cyber Security Clusters. These groups are volunteer organisations who can provide you with useful advice.

To find your local cluster visit; https://www.ukcybersecurityforum.com/cyber-security-clusters.

Be aware that the repercussions of someone gaining access to your account can be costly and there are ways to protect yourself against this. See below.

What is the government doing about it?

Forecasts vary but trends suggest that by 2025 there will be an estimated 75billion IoT devices worldwide. Matt Warman, MP for the UK government Department for Digital, Culture, Media and Sport ( DCMS) has drafted a new law for the growing consumer connected objects (IoT). With between 10-15 smart devices per UK household in 2020 Warman is looking to take a more rigorous approach to security. The law is hoping to see an enforcement of unique passwords and wants to be sure that consumers will be made aware of security updates when buying new products.

So how do you protect yourself financially from Cybercrime?

Whilst not common place in the market, some Home insurers are now beginning to include ‘Home Cyber Protection’ within their policies. We are fortunate to work closely with High-Value insurance providers who can now include this cover, offering protection such as;

• Home system restoration including virus removal, following attacks which damage your computer system or harm your digital data
• Cyber crimes such as fraud, telephone hacking and cyber ransom
• Online liability to protect you against accusations of defamation, virus transmission and breaches of data privacy

All of these threats and dangers are sadly becoming more prevalent on a daily basis. To discuss the potential threats to you and if you believe that you could benefit from Cyber Insurance then please give us a call. Please note, the nature of the events insured and cover provided can differ from insurer to insurer. If you have concerns about any specific risks, please make your adviser aware so that they can ensure the most appropriate policy is selected.

¹  https://www.bbc.co.uk/news/technology-52319093 – April 2020

Please note, the links will take you away from our website. We are not responsible for the content on external sites.