Tips for Effective Personal Cyber Security
Building on the success of the Digital Unions project, Scottish Union Learning hasbeen awarded short-term funding from the Scottish Government to deliver a Cyber Resilience project. The project will develop the cyber resilience capacity and cyber security skills of unions, reps, members and workers across Scotland. The Scottish Government's Cyber Resilience Team has created the following tips to stay safe online:
Phishing is a scam where criminals typically send emails to thousands of people pretending to come from banks, credit card companies, online shops and auction sites as well as other trusted sources.
Don’t be tricked into going to a fraudulent site through a phishing email – it may look exactly like the real thing but is actually a fake, designed to trick victims into entering personal information.
Signs you are being phished:
- The sender’s email address may be different from the trusted source website address.
- The email may be sent from a completely different address or a free webmail address.
- The email may not use your proper name, but a non-specific greeting such as “Dear customer.”
- A sense of urgency; for example the threat that unless you act immediately your account may be closed.
- A prominent website link. These can be forged or seem very similar to the proper address, but even a single character’s difference means a different website.
- A request for personal information such as username, password or bank details.
- You weren't expecting to get an email from the source that appears to have sent it.
- The entire text of the email may be contained within an image rather than the usual text format. The image contains an embedded link to a bogus site.
Use email safely:
- Do not open emails which you suspect as being scams.
- Do not forward emails which you suspect as being scams.
- Do not open attachments from unknown sources.
- If in doubt, contact the person, or source the email claims to have been sent by ... better safe than sorry.
- Do not readily click on links in emails from unknown sources instead, roll your mouse pointer over the link to reveal its true destination which is displayed in the bottom left corner of your screen. Beware if this is different from what is displayed in the text of the link from the email.
- Do not respond to emails from unknown sources.
- Do not make purchases or charity donations in response to spam email.
- Don’t click on ‘remove’ or reply to unwanted email.
- Check junk mail folders regularly in case a legitimate email gets through by mistake.
- When sending emails to multiple recipients, list their addresses in the 'BCC' (blind copy) box instead of in the 'To' box. If you do this, no recipient will see the names of others, and if their addresses fall into the wrong hands there will be less chance of you, or anyone else receiving phishing or spam emails.
- Similarly, delete all addresses of previous parties in the email string, before forwarding or replying.
- If you are suspicious of an email, you can check if it is on a list of known spam and scam emails that some internet security vendors such as McAfee and Symantec feature on their websites.
- Most Microsoft and other email clients come with spam filtering as standard. Ensure yours is switched on.
- Most spam and junk filters can be set to allow email to be received from trusted sources, and blocked from untrusted sources.
- When choosing a webmail account such as Gmail, Hotmail and Yahoo! Mail, make sure you select one that includes spam filtering and that it remains switched on.
The Scottish Union Learning Cyber Resilience project will develop workplace cyber skills by providing a series of Personal Cyber Security workshops which are being delivered by Digital Skills Education Limited. The workshops will provide learners with the opportunity to feel more confident about using computers and developing skills in:
Password Security – how to choose a more secure password and how to use password managers
Social Engineering – how to spot hackers, prevent them from stealing confidential information or accessing their computer using malicious software
Phishing – how to spot a phishing attack and scam emails from bogus companies and individuals
The duration of the Personal Cyber Security workshops is normally 90 minutes, but timings can be adjusted to suit learner requirements, and delivered in workplaces, or community centres. Scottish Union Learning will supply the tutors, necessary hardware and mobile wifi.
If you are interested in attending a workshop about Cyber Resilience and Personal Cyber Security contact SULDigital@stuc.org.uk