Secure Your Personal Email & Social Media Accounts

Action Fraud, the national reporting centre for fraud and cyber crime, received 15,214 reports of email and social media hacking between February 2020 and February 2021 -  88 per cent of which were from individuals who had their personal accounts compromised by criminals. 
 
The City of London Police is urging the public to secure their social media and email accounts, after more than 15,000 accounts were compromised by criminals in the past year. 
 
Action Fraud has received 15,214 reports of email and social media hacking between February 2020 and February 202, 88 per cent of which were from individuals who had their personal accounts compromised by criminals.
 
The City of London Police’s National Fraud Intelligence Bureau  (NFIB), which assess the reports received by Action Fraud, says almost a quarter of victims (23%) were aged between 20 and 29. While organisations, such as limited companies, sole traders and charities, only made 1,741 reports of hacking, they reported losing £3.8 million to these crimes compared to the £283,500 lost by individual victims.
 
The warning comes as the NFIB’s Cyber Protect Cyber Protect team launches a national awareness campaign (Monday 22 March 2021) around the importance of securing your accounts to keep your information out of the hands of criminals.
 
Superintendent Sanjay Andersen, Head of the City of London Police’s National Fraud Intelligence Bureau, said: “Criminals hack people’s email and social media accounts to access a wealth of valuable personal information about the individual, which they can use to commit fraud. This includes passwords for other accounts like online banking. Criminals also use compromised accounts to imitate the victim online and trick their family and friends into sending money... One of the most important things that you can do to improve the security of your online accounts is having two-factor authentication enabled. Not only will it prevent hackers accessing your accounts even if they have your password, but it will also keep your valuable information out of the hands of criminals.”  

When analysing historic data, the NFIB found that during the financial year 19/20, Facebook, Instagram and Snapchat were the most reported platforms on which people had their social media accounts compromised.

Compromised Facebook accounts were commonly used to facilitate fraud, whereas compromised Instagram accounts were often used to obtain intimate images of the account holder. Similarly, compromised Snapchat accounts were often used for blackmail offences, such as sextortion.
 
The NFIB say the most common tactic criminals use to facilitate hacking offences is phishing messages, where recipients will be asked to click on a link which is designed to harvest their log in details and passwords. Other phishing messages may include a malicious attachment which can lead to people’s devices becoming infected with malware.  One victim who had multiple email and social media accounts hacked paid over £2,000 to regain access to them. Another victim reported that their hacked Facebook account was used to trick their friends into sending money to a PayPal account they thought belonged to them. 
 
One organisation had their business account on Instagram hacked. The organisation was extorted for money in order to regain access to the account, but once the organisation had paid the initial demand, the suspect continued to demand more money. 
 
The impact of having social media or email accounts compromised isn’t just financial. Research conducted by the NFIB found that victims said having their account compromised had a significant or severe emotional impact, as intimate photos and private details were exposed. 

How to protect yourself and keep your accounts secure: 

  • Use strong passwords to protect your email. You should also protect your other important accounts, such as banking or social media.
  • Enable two factor authentication (2FA). It will help to stop hackers from getting into your online accounts, even if they have your password.
  • Be cautious of social media messages that ask for your login details or authentication codes, even if the message appears to be from someone you know.
  • If you can't access your account, search the company's online support or help pages. You'll find information about how to recover your account.

You can report suspicious emails you have received but not acted upon, by forwarding the original message to report@phishing.gov.uk. You can report suspicious texts you have received but not acted upon, by forwarding the original message to 7726, which spells SPAM on your keypad.

What to do if your account has been compromised: 

  • If you cannot access your account as it has been compromised, follow the NCSC’s guidance on how to recover a compromised account.
  • If a demand for payment is made, do not pay any money to the suspect in order to regain access to your account. It’s likely the suspect will continue to demand more money instead of giving you control of your account back.
  • If you have paid any money, contact your bank immediately and report it to Action Fraud online at actionfraud.police.uk or by calling 0300 123 2040 as soon as possible.
Action Fraud:   Cyber Protect UK:      City of London Police:        ITPro:      Image: Unsplash
 
You Might Also Read: 
 
Instagram, TikTok & Twitter Shutdown Stolen Accounts:
 
 
 
 
« Britain's Cyber Force Toughens Up
China Plans For Supremacy In AI & Quantum Computing »

Perimeter 81

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

DigitalStakeout

DigitalStakeout

A simple and cost-effective solution to monitor, investigate and analyze data from the web, social media and cyber sources to identify threats and make better security decisions.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Perimeter 81

Perimeter 81

Perimeter 81 is a Zero Trust Network as a Service designed to simplify secure network, cloud and application access for the modern and distributed workforce.

WEBINAR: How To Build A Security Observability Strategy In AWS

WEBINAR: How To Build A Security Observability Strategy In AWS

Thursday, Apr 22, 2021 - Join this webinar to learn how to build a security observability strategy in AWS, covering cloud-native monitoring sources, guardrails, and automation capabilities.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

CoreSite

CoreSite

CoreSite Realty Corporation (NYSE: COR) delivers secure, reliable, high-availability data center products and services across eight key North American

Quality Professionals (Q-Pros)

Quality Professionals (Q-Pros)

QPros are a recognized leader in providing full-cycle software quality assurance and application testing services.

Avanan

Avanan

Avanan is The Cloud Security Platform. Protect all your SaaS applications using tools from over 60 industry-leading vendors in just one click.

Global Information Assurance Certification (GIAC)

Global Information Assurance Certification (GIAC)

GIAC provides certification in the knowledge and skills necessary for a practitioner in key areas of computer, information and software security.

Seceon

Seceon

Seceon OTM, is a cyber security advanced threat management platform that visualizes, detects, and eliminates threats in real time.

Nullcon

Nullcon

Nullcon provides an integrated platform for exchanging information on the latest attack vectors, zero-day vulnerabilities and unknown threats.

Deep Mirror Automotive Cybersecurity

Deep Mirror Automotive Cybersecurity

Deep Mirror Automotive Cybersecurity make Cars & Infrastructures Cybersecure.

Capsule8

Capsule8

Capsule8 is the only company providing high-performance attack protection for Linux production environments.

TechRate

TechRate

Techrate is an analytics agency focused on blockchain technology and engineering. Or expertise includes security and technical audits of projects.

Tetra Tech

Tetra Tech

Tetra Tech is a cybersecurity leader with extensive experience in supporting enterprise-wide programs and systems across multiple business lines from industrial control systems to health IT.