Secure Your Personal Email & Social Media Accounts

Action Fraud, the national reporting centre for fraud and cyber crime, received 15,214 reports of email and social media hacking between February 2020 and February 2021 -  88 per cent of which were from individuals who had their personal accounts compromised by criminals. 
 
The City of London Police is urging the public to secure their social media and email accounts, after more than 15,000 accounts were compromised by criminals in the past year. 
 
Action Fraud has received 15,214 reports of email and social media hacking between February 2020 and February 202, 88 per cent of which were from individuals who had their personal accounts compromised by criminals.
 
The City of London Police’s National Fraud Intelligence Bureau  (NFIB), which assess the reports received by Action Fraud, says almost a quarter of victims (23%) were aged between 20 and 29. While organisations, such as limited companies, sole traders and charities, only made 1,741 reports of hacking, they reported losing £3.8 million to these crimes compared to the £283,500 lost by individual victims.
 
The warning comes as the NFIB’s Cyber Protect Cyber Protect team launches a national awareness campaign (Monday 22 March 2021) around the importance of securing your accounts to keep your information out of the hands of criminals.
 
Superintendent Sanjay Andersen, Head of the City of London Police’s National Fraud Intelligence Bureau, said: “Criminals hack people’s email and social media accounts to access a wealth of valuable personal information about the individual, which they can use to commit fraud. This includes passwords for other accounts like online banking. Criminals also use compromised accounts to imitate the victim online and trick their family and friends into sending money... One of the most important things that you can do to improve the security of your online accounts is having two-factor authentication enabled. Not only will it prevent hackers accessing your accounts even if they have your password, but it will also keep your valuable information out of the hands of criminals.”  

When analysing historic data, the NFIB found that during the financial year 19/20, Facebook, Instagram and Snapchat were the most reported platforms on which people had their social media accounts compromised.

Compromised Facebook accounts were commonly used to facilitate fraud, whereas compromised Instagram accounts were often used to obtain intimate images of the account holder. Similarly, compromised Snapchat accounts were often used for blackmail offences, such as sextortion.
 
The NFIB say the most common tactic criminals use to facilitate hacking offences is phishing messages, where recipients will be asked to click on a link which is designed to harvest their log in details and passwords. Other phishing messages may include a malicious attachment which can lead to people’s devices becoming infected with malware.  One victim who had multiple email and social media accounts hacked paid over £2,000 to regain access to them. Another victim reported that their hacked Facebook account was used to trick their friends into sending money to a PayPal account they thought belonged to them. 
 
One organisation had their business account on Instagram hacked. The organisation was extorted for money in order to regain access to the account, but once the organisation had paid the initial demand, the suspect continued to demand more money. 
 
The impact of having social media or email accounts compromised isn’t just financial. Research conducted by the NFIB found that victims said having their account compromised had a significant or severe emotional impact, as intimate photos and private details were exposed. 

How to protect yourself and keep your accounts secure: 

  • Use strong passwords to protect your email. You should also protect your other important accounts, such as banking or social media.
  • Enable two factor authentication (2FA). It will help to stop hackers from getting into your online accounts, even if they have your password.
  • Be cautious of social media messages that ask for your login details or authentication codes, even if the message appears to be from someone you know.
  • If you can't access your account, search the company's online support or help pages. You'll find information about how to recover your account.

You can report suspicious emails you have received but not acted upon, by forwarding the original message to report@phishing.gov.uk. You can report suspicious texts you have received but not acted upon, by forwarding the original message to 7726, which spells SPAM on your keypad.

What to do if your account has been compromised: 

  • If you cannot access your account as it has been compromised, follow the NCSC’s guidance on how to recover a compromised account.
  • If a demand for payment is made, do not pay any money to the suspect in order to regain access to your account. It’s likely the suspect will continue to demand more money instead of giving you control of your account back.
  • If you have paid any money, contact your bank immediately and report it to Action Fraud online at actionfraud.police.uk or by calling 0300 123 2040 as soon as possible.
Action Fraud:   Cyber Protect UK:      City of London Police:        ITPro:      Image: Unsplash
 
You Might Also Read: 
 
Instagram, TikTok & Twitter Shutdown Stolen Accounts:
 
 
 
 
« Britain's Cyber Force Toughens Up
China Plans For Supremacy In AI & Quantum Computing »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

InformationWeek

InformationWeek

InformationWeek is the world's most trusted online community for business technology professionals like you.

CyberArk Software

CyberArk Software

CyberArk is an established leader in privileged access management and offers the most complete set of Identity Security capabilities.

CertiKit

CertiKit

CertiKit produce toolkit products that accelerate the adoption of ISO/IEC standards, including ISO 27001, helping organizations all over the world to realize the benefits as soon as possible.

Hack in the Box Security Conference (HitBSecConf)

Hack in the Box Security Conference (HitBSecConf)

HITBSecConf is a platform for the discussion and dissemination of next generation computer security issues. Our events feature two days of training and a two-day multi-track conference

European Cybercrime Training and Education Group (ECTEG)

European Cybercrime Training and Education Group (ECTEG)

The primary aim of ECTEG is to enhance the coordination of cybercrime training, by identifying opportunities to build the capacity of countries to combat cybercrime

PhishLine

PhishLine

PhishLine helps Information Security Professionals meet and overcome the increasing challenges associated with social engineering and phishing.

Sepior

Sepior

Our vision is to make Sepior the leading provider of cloud-encryption software in the world.

BigID

BigID

BigID is redefining personal data protection and privacy. BigID software helps companies secure their customer data & satisfy privacy regulations like GDPR.

Cyber 2.0

Cyber 2.0

Cyber 2.0 is the only system in the world that blocks all forms of cyber attack within the organization, including new and unfamiliar attack methods.

Subgraph

Subgraph

Subgraph is an open source security company, committed to making secure and usable open source computing available to everyone.

Verafin

Verafin

Verafin is one of the North American leaders in fraud detection and AML software.

SecureThings

SecureThings

SecureThings focus is to provide guidance and technology to secure connected vehicles in order to build end-to-end security for the automotive industry.

SecZetta

SecZetta

SecZetta provides third-party identity risk solutions that are easy to use, and purpose built to help organizations execute risk-based identity access and lifecycle strategies.

Techfusion

Techfusion

Techfusion is a cyber security research and consulting firm focusing on digital forensics and data recovery.

Institute for Security and Technology (IST)

Institute for Security and Technology (IST)

The Institute for Security and Technology's goal is to provide the tools and insights needed for companies and governments to outpace emerging global security threats.

Cloudsec Asia

Cloudsec Asia

Cloudsec Asia is Thailand's top-ranked cybersecurity consultant company. We offers security services to ensure that all your IT assets are reliable, accessible, and secure.