Sun May 17 2020
As COVID-19 related scams go through the roof, Police advice people review their password security
It should come as no surprise that cyber actors have taken full advantage of the coronavirus, tricking vulnerable users with phishing scams offering free masks, testing and even cures.
It’s been reported by the South East Regional Organised Crime Unit that cyber frauds (specifically those related to coronavirus) rose by 400% in March.
That’s 1,425 UK victims who have been defrauded of a total of £2.9 million.
Unfortunately, as we’ve discussed many times before, phishing is still, by far, the most profitable form of attack for a cyber actor looking to gain access to log in credentials and passwords.
Cyber Security awareness is getting better, with 29% of firms now providing some form of cybersecurity training (up 9% in the last 2 years) but it doesn’t take a mathematical genius to figure out that’s still over 70% without!
As computing power has increased over the years and cyber actors have become more sophisticated, so to has advice around password security changed.
We’re once again sharing the list of most popular passwords (i.e. the one’s that can be cracked in seconds) which doesn’t include the phishing scammers favourite of birthdays or names of pets or loved ones.
Take three random words… HackTrainRope… that password, could, on average, be cracked in just six hours by brute force but change it HackTrainRope@19 would, due to the additional complexity, take six years.
That’s why security professionals now recommend a password should be at least 13 digits long and include special characters like # or %.
Whilst these passwords are much more secure it does lead to issues with users forgetting passwords a lot.
The South East Regional Organised Crime Unit’s advice was to use a password manager like (Like LastPass) and to enable MFA (Multi-Factor-Authentication).
They also highlighted that there are a lot of free resources for both individuals and organisations offered by both the Police and the NCSC to help anyone worried about cyber crime…
https://serocu.police.uk/covid19/- information about Covid-19 scams and advice on improving security from the South East Regional Organised Crime Unit.
ncsc.gov.uk - National Cyber Security Centre offers free advice and services around email, websites, DNS and networks, and security testing.
nomoreransom.org - an anti-ransomware site that publishes known decryption keys.
Worried about your cyber security? Contact cloudThing today to see how we can help
Sun May 17 2020