How you can protect yourself against the different forms of cybercrime.
On this page:
Criminals can take advantage of the internet and information technology. They do this for profit, notoriety or to cause harm.
Cyber security is how businesses can reduce the risk of becoming victims of a cyber incidents.
Cyber security is about protecting the devices we all use (smartphones, laptops, tablets and computers). It's also about protecting the services we access from theft or damage.
It's also about stopping people getting access to personal information we store on these devices.
It's more important than ever to prevent cyber criminals get hold of our accounts, data and devices. This includes online banking and shopping, to email and social media.
Cybercrime takes many different forms. For example:
- Account compromise
- Business email compromise
- Denial of service attack.
Ransomware is a type of malicious software (malware) that prevents a user from accessing a computer or data.
The computer itself may become locked. The data on it might be stolen, deleted or encrypted.
Some ransomware will also try to spread to other machines on the network. This can include any backup storage devices connected to the network.
Ransomware attacks are carried out using malware disguised as a legitimate file. The user is tricked into downloading or opening it when it arrives as an email attachment.
A popup message or note is left on the computer asking for a payment to get access to the data.
However, even if a payment is made, there is no guarantee that you'll be able to regain access.
The National Cyber Security Centre (NCSC) has published advice to help individuals and businesses reduce malware and ransomware attacks
- Make regular backups of important information. For example, photos and financial documents. Check you know how to restore this
- Make sure the device with your backup is not permanently connected to your computer. Use an external hard drive or USB stick
- Consider backing up to the cloud. This means you'll be able to access your data quickly from anywhere.
Protecting your data and devices
The following steps will reduce your chances of being infected with Ransomware.
Keep your operating system and software (apps) up to date. Don't put off adding updates. They contain patches that keep your device secure. This includes protection from ransomware and viruses.
Make sure your antivirus product is turned on and up to date. Windows has a built in malware protection tool (Microsoft Defender) which can be used.
Avoid downloading unofficial apps. Only use official app stores (like Google Play or the Apple App Store). They give protection from viruses.
What to do if affected by Ransomware
If your computer or device has been infected by ransomware (or any type of malware), you should:
Open your antivirus (AV) software and run a full scan. Follow any instructions given. If your AV can’t clean your device, you’ll have to wipe it entirely, factory-reset and re-install everything. This will start with your operating system.
Restore your backed-up data that you have kept on a separate device. This should be on a USB stick, external hard drive or cloud storage.
Do not copy any data from the infected computer or device.
If you receive a phone call offering help to clean up your computer, hang up immediately. This is a common tactic used by cyber criminals.
Sometimes devices can be ‘unlocked’ by using the FREE Police and Industry backed Europol initiative, No More Ransom: https://www.nomoreransom.org/en/index.html
If you think your PC, tablet or phone has been infected with a virus or some other form of malware, follow the advice from NCSC. It will remove the infection and restore your device.
Should I pay the ransom?
Police Scotland and partners, including NCSC do not encourage, endorse, nor condone the payment of ransom demands.
If you do:
- There is no guarantee that you will get access to your data or device
- Your device will still be infected
- You will be paying a criminal group
- You're more likely to be targeted in the future.
We would advise anyone who has been a victim of a ransomware attack to contact Police Scotland on 101 (Non-emergency).
Contact 999 if there may be a threat to life or threat to national infrastructure.
There are many things which can alert you to the fact that someone else is accessing your account.
Being locked out of the account is an obvious sign that something has gone wrong. However, the signs can be more subtle.
Things to look out for include logins or attempted logins from strange locations or at strange times. Also look for changes to your security settings. Messages sent from your account that you don't recognise are also give aways.
Once you know your account has been hacked, NCSC have a step by step guide to help you regain control. They can help you stay protected against future attacks.
Business email compromise (BEC) is a form of phishing attack. A criminal can try to trick a senior executive (or budget holder) into transferring funds. It can also be about revealing sensitive information.
The criminals behind BEC send convincing emails that request unusual payments. They may contain links to 'dodgy' websites.
Some emails may contain viruses disguised as harmless attachments. These are activated when opened.
Unlike standard phishing emails that are sent out to millions of people, BEC attacks are crafted to appeal to specific individuals. They can be even harder to detect.
BEC is a threat to all organisations of all sizes and across all sectors. This also includes non-profit organisations and government.
What are the signs of BEC?
- Unsolicited email/phone call
- Pressure and urgency
- Direct contact from a senior official you are normally not in contact with
- Unusual request in contradiction with internal procedures
- Request for confidentiality
- Threats or unusual flattery/promises of reward.
What can I do to prevent this?
Protect your account with a strong password. Remember, a strong password will consist of at least 3 random words. It should be longer than 12 characters and include numbers, symbols and capital letters. It will be unique to that account and not used for other accounts.
Use 2-factor-authentication (2FA). This is sometimes called 2-factor verification. It is an extra layer of security to stop criminals accessing your account. Please see NCSC advice on setting up 2FA.
Businesses should consider the way they manage payment requests received by e-mail. This will stop the risk of mandate fraud.
Check your e-mail rules regularly. Make sure you are the author of them.
Check your account security history to make sure there's no unusual login activity is taking place.
Check for compromised accounts at Have I Been Pwned. Remember to change any that have been compromised. Register to receive notification of future data breaches involving your username(s).
This is when your business, personal website or IT system has come under some form of cyber-attack. Users are then unable to access the systems.
If you believe that you have been the victim of a Cybercrime, you can report it to Police Scotland.
NCSC have guidance to help organisations understand and reduce DoS attacks.
You can report cybercrime to Police Scotland by phoning 101 (non-emergency) or 999 (emergency).
Cyber Scotland resource for individuals and organisations across the public, private, and third sectors
CEOP information and advice about how to keep your child safe online
Get Safe Online personal and business advice
Cyber Aware government’s advice on how to stay secure online
NCSC support the most critical organisations in the UK, the wider public sector, industry, SMEs as well as the general public.
NCSC Small Business Guide sets out five key areas for businesses to help improve their cyber security
Cyber security advice businesses, charities and critical national infrastructure with over 250 employees
NCSC Exercise in a Box is an online tool helping organisations find out how resilient they are to cyber-attacks
Stay Safe Online: Top Tips for Staff NCSC free e-learning training package
Scottish Business Resilience Centre aims to provide businesses with a one stop shop for business security and advice
SBRC Cyber Triage Service UK’s first cyber incident response helpline for the SME community and the third sector