Cybercrime

We all use laptops, tablets, and phones to access the internet. We click onto many different sites, apps, email accounts, and online banking every day. Some sites we use store our personal information which we want kept confidential. This article highlights ways to keep you and your details safe and protected.

This article only scratches the surface of online safety. We recommend the Get Safe Online website for detailed information on all aspects of online safety.

Make sure your passwords are secure

• Make passwords difficult for potential hackers to guess; avoid using things like your middle name, pets name—things people may work out. Include a mixture of letters and numbers, including capital letters and punctuation.
• Passwords or pass phrases should be at least 8 characters long.
• Check password strength. Most sites will show whether the password is strong. Or you can use free password strength checker tools.
• Use a password manager to create secure passwords and store them securely.
• Change your password immediately if you think your account has been compromised.  It is useful to change your password once every 3 months.
• Have a different password for every account you use.
• Set up two factor authentication for authorising logins from a new device or location.

Online Banking and Shopping

• Keep your card details and PIN numbers secure.
• Think about whether you need to save your card details on your computer or online—it is best not to in case you are hacked. If you do save them, make sure your device is secure.
• Don’t use public wi-fi hotspots for banking or apps that transfer sensitive information.
• Keep mobile banking applications fully up to date.
• Always log out of apps and websites which have payment details when you finish using them.
• Set up two factor authentication for logins from a new device or location, or for changing your details (e.g. your shipping address).
• Many banks allow you to temporarily stop a card if you can't find it; this can be useful if you think you have lost your card, but want to make sure it can't be used while you search for it.
• If you think your card or banking details have been stolen, contact your bank immediately.
• Only buy from legitimate sellers, and make sure the website urls start with 'https' and not 'http', this indicates a secured webpage.

Phishing

Phishing is an attempt to trick people into opening malicious email attachments which fraudsters use to steal personal information, email logins and passwords, and banking details. An example might be an email claiming to provide you with a list of active coronavirus infections in your area, but to access information you need to click on a link which redirects you to a credential-stealing page. If it doesn't look authentic, don't open it and report to Action Fraud.

Click here for information on how to recognise a Phishing email.

Social Media

Social media sites are for enjoying engagement and interaction with others, sharing stories and photos and some personal information. However, there are several risks, including phishing scams, cyber-stalking and harassment, and sharing private or inappropriate content publicly.

• Check the privacy setting on any social media sites you use to make sure you are only sharing information with people you want to share it with.
• Be mindful that things you publish online are public, and can affect the reputation of the University.
• Take care not to share private information, such as when you will be on holiday. This could allow criminals to identify when your house is unoccupied.
• Be careful about clicking links, even if they appear to be from someone you know. Accounts can be hacked or cloned to spread phishing scams, or your friend may have been tricked into sharing the link.
• Make sure you have up to date antivirus software.
• Use strong passwords, and consider using a separate email account for social media sites, so if an account is compromised your other accounts are still secure.
• Think before you share; fake news is often designed to cause outrage so people will spread it without thinking or checking the story is true.
• Consider safety on online dating sites.

Online Abuse

Online abuse takes several forms, including cyber-stalking, cyber-bullying, and trolling. Many of the basic safety measures above, such as keeping your accounts secure, can be helpful ways to protect yourself against online abuse, but the more targeted and personal nature of online abuse can make this harder.

• Take steps to secure your account, including changing your passwords, increasing privacy settings, and adding two factor authentication.
• Block or report accounts engaging in abusive behaviour.
• Do not reply to abusive comments.
• Report serious abuse, such as threats of physical harm, to the police.
• Gather and document evidence of cyber-stalking, and report it to the police.
• Look out for indications that someone has accessed your social media account without your permission.
• Consider changing your phone number or email address.

Useful Resources:

• Security and You: St Mary's IT Helpdesk advice on Information Security
• Online course on Computer Security and Internet Safety
• Information Security Essentials e-learning course
• Get Safe Online: Free expert advice on online safety, everything from creating secure passwords, to handling online harassment, and safeguarding children online.