Guest blog - how can students stay safe online?
Dorset Police Cyber Protect Officer Chris Conroy returns with some advice for new students.
It’s that time of year again. The time where thousands of 18 year olds descend on towns and cities across the country, to find their feet, make new friends, drink responsibly, and – hopefully – earn a degree.
This year, some 364,000 people found places on a university degree course. That’s just shy of a whopping 30% of all 18 year olds in the UK. When you throw mature students in to the mix, the number of people starting their journey in further education this year is huge.
For some, it’s probably a nervous time. For others, fraudsters included, it’s all very exciting. After all, criminal groups know how to cash in on… well… the average student’s need for cash.
Let’s start with email…
Students were recently warned of potential phishing scams offering students ‘grants’ from the Department of Education. Fraudulent emails like this are commonplace and, sadly, often successful, as the promise of financial assistance may well be very attractive. Be on the lookout for any emails that seem ‘too good to be true’. In cases like this, they almost always are.
Take the time to check over any email you receive. There will usually be clear signs that things are not what they seem. It might be that the senders email address looks suspicious, the spelling or grammar may not be dodgy, or maybe the salutation isn’t quite as formal as you’d expect.
Sometimes, the scammer absolutely nails the email. It looks genuine, they greet you by name, and the email address is indiscernible from the real deal. This is why we recommend people check the links or buttons in ANY email they receive, even if they think it’s a genuine one. If you hover your cursor over any link or button, you’ll be able to see where that link will take you. Here’s a couple of examples…
Our force Cyber Crime page can be found here - https://www.dorset.police.uk/help-advice-crime-prevention/scams-fraud-cyber/cyber-crime/. Hover your mouse over that link, and you should see it replicated either in a box next to the link, or in the bottom corner of your screen. Similarly, I can turn it in to a hyperlink – e.g. Dorset Police Cyber Crime Unit – and you’d see the full link if you hover your mouse on it.
The thing is, with hyperlinks, I can make it look like any website I want and have you click on it. For instance, www.freemoneyforeveryone.com and CLICK HERE FOR FREE MONEY! will also take you to our homepage, but it could just as easily be a phishing site, or worse.
Email is often used to deliver malware, either through attached documents or, again, through dodgy links. To demonstrate just how big a problem this could cause you, have a look here.
In the spirit of full disclosure, this button will take you to a site called Cryptoprank. You know this, of course, because you hovered your mouse over it first… right? The site is designed to raise awareness of the threat of ransomware, and is entirely safe. Think about the problems real ransomware might cause though. How devastating would it be to pour your heart and soul in to a dissertation, only to have it irretrievably encrypted by a piece of ransomware?
As we can see, it’s all too easy for fraudsters to trick us in to going somewhere we don’t want to go, and clicking a link can fast become a very problematic mistake.
What else can you do to look after your information?
Now, I’m very aware you’ve probably got plenty of things you’d rather be out doing. So I’ll try and keep this next bit a little briefer. Here are a handful of our top cyber security tips…
1) Make sure you’re using strong passwords – Protect everything with a strong password. A hacked social media account can be quite embarrassing. A compromised email account can be very problematic. And you will (probably) have worked very hard on your coursework… so you don’t want it falling in to someone else’s hands.
Protect your accounts and devices with strong passwords, PINs or biometrics. Find out more here - https://www.ncsc.gov.uk/section/information-for/individuals-families. Two Factor Authentication can provide you with extra protection. Make sure you use it where available, as it is a very effective means of helping to prevent account takeovers. Find out more here.
2) Use a reputable antivirus product – Let’s say you do accidentally click on a link in an email. If you’re led to a website that contains some malware, you could find yourself in trouble. A good antivirus product will go a long way to help keep you safe, making sure that piece of malware is caught and removed from your device. Found out more here – https://www.ncsc.gov.uk/guidance/what-is-an-antivirus-product
3) Back up everything! – If you care about it, make a copy. Maybe even two or three copies. For instance, if you’ve saved coursework to your laptop, a piece of ransomware (or an errant cup of tea) could cost you everything. Having a spare copy on a hard drive, USB memory stick or in the cloud means you can recover with minimal fuss, and minimal cost. Trust me on this - as a man who spills a lot of tea - it’s a really good idea.
Those social media photos...
I’ll leave you with one last thought. As discussed in a previous blog post, if it goes online, it’s online forever.
Go, have fun, enjoy your time at university. But heed this warning – YouGov data from 2017 shows that a massive 36% of employers rejected candidates based on their Facebook, Instagram and Twitter profiles. Think about your digital footprint, and how your pictures posts might look in years to come. And if you can’t guarantee 3 straight years of sensible behaviour, then think about your privacy settings!
Until next time, stay safe out there.