Secure Your Personal Email & Social Media Accounts

Action Fraud, the national reporting centre for fraud and cyber crime, received 15,214 reports of email and social media hacking between February 2020 and February 2021 -  88 per cent of which were from individuals who had their personal accounts compromised by criminals. 
 
The City of London Police is urging the public to secure their social media and email accounts, after more than 15,000 accounts were compromised by criminals in the past year. 
 
Action Fraud has received 15,214 reports of email and social media hacking between February 2020 and February 202, 88 per cent of which were from individuals who had their personal accounts compromised by criminals.
 
The City of London Police’s National Fraud Intelligence Bureau  (NFIB), which assess the reports received by Action Fraud, says almost a quarter of victims (23%) were aged between 20 and 29. While organisations, such as limited companies, sole traders and charities, only made 1,741 reports of hacking, they reported losing £3.8 million to these crimes compared to the £283,500 lost by individual victims.
 
The warning comes as the NFIB’s Cyber Protect Cyber Protect team launches a national awareness campaign (Monday 22 March 2021) around the importance of securing your accounts to keep your information out of the hands of criminals.
 
Superintendent Sanjay Andersen, Head of the City of London Police’s National Fraud Intelligence Bureau, said: “Criminals hack people’s email and social media accounts to access a wealth of valuable personal information about the individual, which they can use to commit fraud. This includes passwords for other accounts like online banking. Criminals also use compromised accounts to imitate the victim online and trick their family and friends into sending money... One of the most important things that you can do to improve the security of your online accounts is having two-factor authentication enabled. Not only will it prevent hackers accessing your accounts even if they have your password, but it will also keep your valuable information out of the hands of criminals.”  

When analysing historic data, the NFIB found that during the financial year 19/20, Facebook, Instagram and Snapchat were the most reported platforms on which people had their social media accounts compromised.

Compromised Facebook accounts were commonly used to facilitate fraud, whereas compromised Instagram accounts were often used to obtain intimate images of the account holder. Similarly, compromised Snapchat accounts were often used for blackmail offences, such as sextortion.
 
The NFIB say the most common tactic criminals use to facilitate hacking offences is phishing messages, where recipients will be asked to click on a link which is designed to harvest their log in details and passwords. Other phishing messages may include a malicious attachment which can lead to people’s devices becoming infected with malware.  One victim who had multiple email and social media accounts hacked paid over £2,000 to regain access to them. Another victim reported that their hacked Facebook account was used to trick their friends into sending money to a PayPal account they thought belonged to them. 
 
One organisation had their business account on Instagram hacked. The organisation was extorted for money in order to regain access to the account, but once the organisation had paid the initial demand, the suspect continued to demand more money. 
 
The impact of having social media or email accounts compromised isn’t just financial. Research conducted by the NFIB found that victims said having their account compromised had a significant or severe emotional impact, as intimate photos and private details were exposed. 

How to protect yourself and keep your accounts secure: 

  • Use strong passwords to protect your email. You should also protect your other important accounts, such as banking or social media.
  • Enable two factor authentication (2FA). It will help to stop hackers from getting into your online accounts, even if they have your password.
  • Be cautious of social media messages that ask for your login details or authentication codes, even if the message appears to be from someone you know.
  • If you can't access your account, search the company's online support or help pages. You'll find information about how to recover your account.

You can report suspicious emails you have received but not acted upon, by forwarding the original message to report@phishing.gov.uk. You can report suspicious texts you have received but not acted upon, by forwarding the original message to 7726, which spells SPAM on your keypad.

What to do if your account has been compromised: 

  • If you cannot access your account as it has been compromised, follow the NCSC’s guidance on how to recover a compromised account.
  • If a demand for payment is made, do not pay any money to the suspect in order to regain access to your account. It’s likely the suspect will continue to demand more money instead of giving you control of your account back.
  • If you have paid any money, contact your bank immediately and report it to Action Fraud online at actionfraud.police.uk or by calling 0300 123 2040 as soon as possible.
Action Fraud:   Cyber Protect UK:      City of London Police:        ITPro:      Image: Unsplash
 
You Might Also Read: 
 
Instagram, TikTok & Twitter Shutdown Stolen Accounts:
 
 
 
 
« Britain's Cyber Force Toughens Up
China Plans For Supremacy In AI & Quantum Computing »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Chertoff Group

Chertoff Group

The Chertoff Group provide security advice and risk management services covering cyber security, insider threat, physical security and asset protection.

MyCERT

MyCERT

MyCERT is the National Computer Emergency Response Team of Malaysia.

Cyberwatch

Cyberwatch

Cyberwatch is a Vulnerability Scanner & Fixer software that helps you to detect and fix the vulnerabilities of your Information System.

ERNW

ERNW

ERNW is an independent IT Security service provider with a focus on consulting and testing in all areas of IT security.

Information Technology & Cyber ​​Security Service (STISC) - Moldova

Information Technology & Cyber ​​Security Service (STISC) - Moldova

STISC is a public institution whose purpose is to ensure the administration, maintenance and development of the information technology infrastructure in Moldova.

Appvisory

Appvisory

Appvisory by MediaTest Digital is the leading Mobile Application Management-Software in Europe and enables enterprises to work secure on smartphones and tablets.

Zerodium

Zerodium

Zerodium is the leading exploit acquisition platform for premium zero-days and advanced cybersecurity research.

CNS Group

CNS Group

CNS Group provides industry leading cyber security though managed security services, penetration testing, consulting and compliance.

DDLS

DDLS

DDLS is Australia's largest provider of corporate IT, process training and cybersecurity training courses and certification programs.

Bitcrack

Bitcrack

Bitcrack Cyber Security helps your company understand and defend your threat landscape using our key experience and skills in cybersecurity, threat mitigation and risk.

Spotit

Spotit

Spotit offers a wide-ranging portfolio of technologies and services, from consultancy, assessments and pentesting to the set up of completely new security and network infrastructures.

Magna5

Magna5

Magna5 is a managed IT service provider focusing in network and server monitoring, backup and disaster recovery, cybersecurity, help desk and SD-WAN.

BrainStorm

BrainStorm

BrainStorm Threat Defense takes a new human-focused approach to security awareness that traditional training lacks. It’s a cutting-edge platform to make your users more security savvy.

Readynez

Readynez

Readynez is the digital skills concierge service that helps you ensure your workforce has the tech skills and resources needed to stay ahead of the digital curve.

DNS Research Federation (DNSRF)

DNS Research Federation (DNSRF)

DNSRF's mission is to advance the understanding of the Domain Name System's impact on cybersecurity, policy and technical standards.

Fortress SRM

Fortress SRM

Fortress SRM protects companies from the financial, operational, and emotional trauma of cybercrime by improving the security performance of its people, processes, and technology.