Skip to main content

alpha This is a new site, your feedback will help us to improve it.

Short fraud guides

Published on 22 January 2020

Cybercrime

What is Cybercrime?

Cybercrime is criminal activity carried out by means of computers or the internet. Cyber criminals want your money, your data and your intellectual property.

What does Cybercrime look like?

  • Ransomware
  • Phishing
  • Cloned websites etc.
  • DDOSattacks
  • Identity theft

This list is not exhaustive. It is always evolving and always changing.

Ransomware

Ransomware is a type of malware designed to prevent or limit users from accessing their data until a sum of money is paid.

These programs introduce a sense of urgency by giving the user a time limit within which they must pay the fee or risk their data being permanently deleted. The Wannacry attack on the NHS in May 2017 is an example of Ransomware.

Cloned websites, phone numbers and SMS messages

Fraudsters can produce websites that look identical to the real thing. If we aren’t careful we could input our login credentials and give them straight to the fraudster. They can also appear as though they are calling you from any phone number they want and they can insert text messages into existing threads of texts e.g. texts from your bank.

Phishing

Phishing emails/messages look legitimate and may appear to come from someone you trust. They urge you to click on links to websites containing malware or input your personal details giving the fraudster access to your information or allowing them to infect your device.

Social engineering

Social engineers want our information, they want access to our devices, they want to install malware on our devices and they want us to do something we would not normally do.

They use authority e.g. claiming to be from the bank; they use urgency so we don’t have time to question them and they prey on our human nature which is naturally helpful and considerate.

DDoS attacks

Distributed Denial of Service attacks happen when multiple compromised devices attack a website, server or other network resource causing so much traffic to that resource that it cannot cope and it crashes, denying service. Criminals can buy bundles of compromised devices on the dark web to carry out these attacks. Internet infrastructure company Dynwas attacked in 2016 cutting off some of the world’s biggest websites; infected devices used in that attack included baby monitors, IP cameras and printers.

Identity theft

Identity theft is when your personal information is gathered from websites, social media etc. and is used to build a good picture of who you are. This information may be used by criminals to impersonate you for financial gain or to steal your bank details.

How can you protect yourself?

100% protection is impossible, but taking a few simple steps can make it more difficult for criminals to access your information. You would not leave your house without locking your door!

  1. Protect your personal information – limit the information that you give away online.
  2. Take a moment - if something doesn’t seem right, verify it.
  3. Use three random words to make up your passwords and donot reuse the same password for different applications.
  4. Make sure your anti-virus and other software is up-to-date.
  5. Always lock your computer when you leave your desk.
  6. Check the security settings on your Smartphone – does that app really need access to your location and microphone?
  7. Beware of emails containing links or attachments that you weren’t expecting and haven’t verified.

How can CFS help?

CFS provides FREE Cybercrime presentations to partner organisations. Contact nss.cfscommunications@nhs.net to request a presentation for your team.

Visit our website for more information on all of our services www.cfs.scot.nhs.uk

Download this information as a PDF document (PDF, 740KB).

Follow us on Twitter @NHSSCFS.