Cyber security & crimes
Guidance on what cyber crimes exist, cyber security tactics and crime reporting
What are cyber security and crimes?
Cyber security is a collection of technical controls and human protocols, which are designed to protect organisations and individuals from the actions of criminals.
Cyber crime is a way of committing crimes via computers and their networks. This may be to steal people’s identities or business secrets, to commit fraud or for other exploitative or malicious purposes.
It's a significant and growing problem - more than 42 million people in the UK had their financial data compromised by hackers last year – a staggering 1,777 per cent rise on the previous 12 months.
International law firm RPC says the huge spike in data breaches, up from 2.2 million in 2019/20, is partly due to a greater number of ransomware attacks.
The National Cyber Security Centre (NCSC) has previously warned that ransomware has now become the “most significant cyber threat facing the UK”.
“Over the past few years, we’ve seen ransomware evolve from a tactic used by splinter groups and individuals to the sophisticated, coordinated and highly profitable global operation it is today,” it says.
Find out more about ransomware below, under 'Types of cyber crimes'.
All cyber crime in the UK should be reported in the first instance to the Action Fraud – the National Fraud and Cyber Crime Reporting Centre – website or by phone on 0300 123 2040.
Cyber crime can additionally be reported to the National Cyber Security Centre (NCSC) website reporting page.
Cyber security incidents reported using this form are monitored 24/7 by a NCSC Defence Watch Officer, who will endeavour to reply at the earliest opportunity.
You may also find this related link useful:
Scam Marshals
A Scam Marshal is any resident in the UK who has been targeted by a scam and now wants to fight back and take a stand against scams.
Types of cyber crimes
Cyber crimes are, as you would expect, usually committed for one of two reasons: for financial gain or for malicious purposes.
And with an increasing number of electronic devices both in the home and at work connected to computer networks, the security risks are spread far beyond desk-top computers.
So what kinds of cyber crimes exist?
If your identity is stolen by criminals, the impact can be immediate financial loss and a negative credit rating – which in some cases can take a long time to resolve, once it has been detected, which can sometimes take a while.
Find out more with this video:
Keep your identity safe with some simple tips:
- Always check all financial statements against receipts.
- Continuously monitor your credit status.
- Be careful about what information you share on social networking sites, and check your privacy settings.
- Subscribe to an alerts service to indicate when a financial product is applied for in your name.
- Protect all your mobile devices with passwords and regularly change passwords often.
- Install online security software, including devices such as tablets and mobiles.
- Shred all documents that contain sensitive information, using a cross-cut shredder, before throwing them away.
- Look into any mail that does not arrive when you are expecting it.
Email communications
Emails are like postcards – if you wouldn’t put something on a postcard, don’t put it in an email.
Phishing is the use of fraudulent emails to steal your information, such as passwords (see No. 4, below).
Find out more with this video:
Protect yourself, and people in your organisation:
- Be wary of emails from unknown senders, especially when they ask you to confirm information.
- Never click links or open attachments from emails that you are not expecting.
- If a colleague asks you to send them something via email, confirm via phone before you do.
- If in doubt at work, contact your IT department and get it checked out.
- Ensure you have the correct recipient before sending information.
- Never initiate or forward spam or chain type emails.
- Never send work-related documents to your personal email account.
- Don’t use your work email address for personal subscriptions to websites.
Read the NCSC guidance on phishing scams here, and download their infographic here.
Malware, or malicious software, can cause harm in many ways, including:
- Causing a device to become locked or unusable.
- Stealing, deleting or encrypting data.
- Taking control of your devices to attack other organisations.
- Gaining access to your organisation's systems or services that you use.
- 'Mining' cryptocurrency.
- Using services that may cost you money (e.g. premium rate phone calls).
Ransomware is a type of malware that prevents you from accessing your computer (or the data that is stored on it) unless you arrange to pay a ransom to the attacker(s).
Even if you pay the ransom, there is no guarantee that you will get access to your computer, or your files.
Find out more with this video:
Find out from the NCSC what actions you can take to protect yourself and your organisation, including what to do if your organisation is already infected, here.
Criminals will use the most common passwords to try and access your accounts, or use information from your social media profiles to guess them. If successful, they will use this same password to try and access your other accounts.
People can also be tricked into revealing their passwords via phishing emails (see No. 2, above).
Even if you create strong passwords (and look after them), they can still be stolen if an organisation containing your details suffers a data breach. Criminals will use these stolen customer details (such as user names and passwords) to try and access other systems and accounts.
Increase your online security and make it harder for criminals to access your online accounts, even if they know your password, by turning on 2-Step Verification (2SV) across popular online services such as Outlook, Gmail, Facebook, X, LinkedIn, and Instagram - find out how here.
What can I and others within my organisation do to protect ourselves against cyber crime?
- Keep your devices’ software up-to-date.
- Install and maintain up-to-date versions of protection from viruses and other malware.
- Never connect with people you don’t know.
- Never share personal or sensitive information online, such as such as your address, date of birth or bank details.
- Avoid discussing work-related issues on social media.
- Never upload compromising or work-related photos.
- Public Wi-Fi is not secure, so don't use it to share personal or sensitive information.
From:
- Free products and advice for small & medium organisations in one handy guide.
- Following the steps in The Small Business Guide could help save time, money and your business's reputation.
- Find out how resilient your organisation is to cyber attacks and practise your response in a safe environment with Exercise in a Box.
- Cyber Security for Small Organisations and Top Tips for Staff are training programmes which can be completed online or built into your own training platform.
- Sign up for the NCSC's free Early Warning service to find out about potential cyber attacks on your network, as soon as possible.
- Go here to subscribe to regular NCSC content, including their weekly Threat Report, and the monthly Small Organisations Newsletter.
For free expert help for victims of cybercrime, digital fraud & online harm, visit The Cyber Helpline.
Give information
Give information anonymously by phone on 0800 555 111 or online
Donate to us
Join our fight against crime by making us a donation today, and see how the money you give can help shape your community for the better.
Be a force for good & volunteer
Every year we stop thousands of crimes. Let’s help make communities safer together. Join us and start volunteering with your local Crimestoppers team today.