CyberScotland Bulletin

June 2022

The CyberScotland Bulletin is designed to provide you with information about the latest threats, scams, news and updates covering cyber security and cyber resilience topics. We hope you continue to benefit from this resource and we ask that you circulate this information to your networks, adapting where you see fit. Please ensure you only take information from trusted sources.

If there are any cyber-related terms you do not understand, you can look them up in the NCSC Glossary.

Please subscribe to our CyberScotland mailing list to be notified by email when a new bulletin is published.

Keep up to date on social media, follow us on Twitter and LinkedIn.

Scottish Cyber Winner 2021
Section National Cyber Security Centre (NCSC)

National Cyber Security Centre (NCSC)

New guidance puts staff welfare at the heart of incident response

When an organisation is impacted by a cyber attack, staff members are at the forefront, adapting to respond to the situation. This increased workload, pressure and stress could have an impact on staff welfare and it’s important that staff are looked after throughout.

NCSC has released new guidance which includes five recommendations that help managers give prominence to welfare during their incident response processes. Practising your response to dealing with a cyber incident can help staff feel better prepared and reduce some of the immediate stresses that an incident can cause.

The NCSC’s Incident Management team are available to support victims responding to the most series UK attacks. Small businesses and charities can contact the Scottish Business Resilience Centre’s free Cyber Incident Response Helpline (0800 1670 623), which supports organisations that have been a victim of an attack or provide expert guidance to get you back to secure operation.

August 3 – FacebookTwitterInstagram
Section

NCSC Threat Report

The NCSC produces weekly threat reports drawn from recent open-source reporting. View this week’s report here.

To ensure you get the most up-to-date information from NCSC, you can sign up for their email service where they are sharing all advisories, threat reports, and urgent communications. Select ‘threat report and advisories’ to receive the most up to date content.

The NCSC are not aware of any specific, targeted cyber threats to the UK as a result of the Russian invasion of Ukraine but is encouraging organisations to remain vigilant and follow their advice to improve your security.

The NCSC’s Reporting Service

The NCSC is a UK Government organisation that has the power to investigate and take down scam email addresses and websites.

The NCSC’s fifth annual Active Cyber Defence (ACD) report has been published and captures the work of the ACD in 2021. A record number of online scams were removed from the internet last year thanks to this programme. They disclosed that more than 2.7 million scam campaigns were removed from the internet in 2021, nearly four times more than in 2020.

You can help to play your part in protecting others by reporting suspicious activity online and help make the internet a safer place.

In Scotland, report all scams to Advice Direct Scotland by calling 0808 164 6000 (Mon-Fri 9am-5pm) or online at www.consumeradvice.scot. Visit scamwatch.scot to use the Quick Reporting Tool.

If you become a victim of cyber crime you can report this to Police Scotland by calling 101.

Section Trending Topics

Trending Topics

Free email security check service

Email continues to play a significant part in a variety of cyber attacks. Many organisations are unaware that attackers can send malicious spoofed emails using their email domain to conduct attacks like phishing or spreading malware, or that there could be vulnerabilities with the confidentiality of their emails in transit.

The new free Email Security Check service, from the National Cyber Security Centre, helps organisations identify vulnerabilities affecting their email domain and offers security advice so they can take action to fix them.

The tool helps users look up information about domains that are already publicly available online and checks for two important areas of cyber security: anti-spoofing and email privacy.

There is no signup or personal details required to use and is aimed at helping technical teams at organisations quickly identify issues so they can bolster their defences using NCSC’s guidance on email security and anti-spoofing.

Eligible organisations can access more in-depth guidance on implementing the recommended standards by signing up for the NCSC’s free Mail Check service.

stephen-phillips-hostreviews-co-uk-3Mhgvrk4tjM-unsplash

While anyone can access the service to check the security of email domains, the tool cannot check if an individual email or email domain is malicious. If you receive a suspicious email, you should report it to the NCSC by forwarding it to [email protected].

Section

LinkedIn, Think Before You Link

LinkedIn, the professional networking website, is a popular brand that criminals pose as when sending out phishing emails.

These phishing emails are designed to look like they come from LinkedIn but when a user clicks on the links in the email, they are sent to a malicious website designed to steal their login details such as an email address and password. This allows the criminals to access your account and collect personal information. You can add an extra layer of security to your social media accounts by enabling 2-step verification, also known as 2-factor authentication, to help protect your account even if the criminal knows your password. 2-step verification asks for an additional piece of information to prove your identity when logging in, such as a PIN or code.

Criminals may act anonymously or dishonestly online, in an attempt to connect with people who may have access to valuable or sensitive information such as those employed in government, the private sector and academia. They often pose as recruiters or talent agents who will approach users with enticing or ‘unique’ business opportunities for them to gain as much information about the target as possible. Centre for the Protection of National Infrastructure (CPNI) ‘Think Before You Link’ campaign includes practical advice on how to identify these profiles, how to respond and how to minimise the risk of being a target.

CPNI has launched an app which helps to identify fake profiles and report anything they find suspicious. The app includes 4 training modules that would be beneficial to any individual using social networking apps.

The training modules include:

  • Recognise the profile – Recognise malicious profiles by teaching you some of the hallmarks that these profiles have.
  • Realise the threat – understanding the behaviours that malicious profiles might display, helping you realise the threat they might post
  • Reporting a suspicious profile – understanding when you should report and what you need to report when something is suspicious.
  • Removing suspicious profiles from your network – sharing the importance of removing profiles from your network and why it is important to deny connection from profiles you haven’t verified.

Search CPNI on Google Play or Apple App store to download the app.

CPNI think before you link
CPNI https://www.cpni.gov.uk/security-campaigns/think-you-link
Section

Protecting yourself and our devices while on holiday

Whether it’s a staycation or going abroad, it’s easy to forget that protecting your devices and keeping safe online should be on your holiday checklist.

Smartphones, laptops and tablets might be on your list of things to pack when going on holiday, but devices can be an easy target for criminals. You can help protect your device with a PIN or passcode to prevent unwanted access. If you accidentally lose your device or it gets stolen, many devices include tracking apps and features that can help you locate and protect your information.

You can use these features to:

  • track the location of a device
  • remotely lock access to the device (to prevent anyone else from using it)
  • remotely erase the data stored on the device
  • retrieve a backup of data stored on the device

Take the time to familiarise yourself with these features before your holiday. Having a backup copy of your device information, which you can store at home, will help in the event your phone or tablet does get lost or stolen.

raphael-biscaldi-7RQf2X6aXXI-unsplash

Our blog has some more advice on what to consider when you are away on holiday, from connecting to public Wi-Fi, protecting your devices from thieves and being aware when sharing your holiday photos on social media can be a risk.

Section

Scam warning in relation to the conflict in Ukraine

Advice Direct Scotland has warned of potential scams related to the conflict in Ukraine. Online scammers have been using hundreds of fake charity websites to trick people wanting to donate to Ukraine. Many of these scams pretend to be real people in Ukraine that need help, and others are setting up bogus websites claiming that they have raised money to be donated.

By making simple online checks before you give, you can ensure your money reaches genuine registered charities. Our blog includes key advice for donating safely online.

 

 

 

Case Study – Ukraine Fundraiser Scam

“Mr Coal donated £500 to a charity fundraiser for Ukrainian Refugees but is now worried that the money was not sent to them. The owner of the charity is not responding to his calls or emails. He had spoken to multiple staff members from the charity, who all said that it was a scam and that the owner had run off with the money. The owner of the charity is not responding to his calls or emails. We checked the charity against both the English/Welsh and Scottish registers, finding that it was not registered at all. He can’t find any proof that the money went where it should have been.

Mr Coal wanted his money back and told us that he had used a credit card to make the donation. He was informed that he could use Section 75 to try to recover the funds. He was advised to contact his card provider to request that the transaction be reversed. Mister Coal was able to recover his money and the scam was reported. This will inform trading standards and other relevant organisations, hopefully reducing the scam’s success in future.”

Section Campaigns / Newsletters

Campaigns / Newsletters

Scam Awareness Fortnight, 13th – 26th June

This annual Citizens Advice campaign aims to create a network of confident, alert consumers who know what to do when they spot a scam.

Running from 13 – 26 June, the campaign will focus on scams and the cost of living crisis.  With many people facing increased financial pressures, there is a high chance that scammers will take advantage of this.

The campaign aims to:

  • Equip consumers with the knowledge and skills they need to recognise scams
  • Empower people to take action if they think they’ve been targeted by a scam, including reporting it using the appropriate channels
  • Encourage people to talk about their experiences with scams and help others

With a focus on empowering people to protect themselves against scams, the campaign will have a positive message with clear, tangible actions for consumers to take:

  • Tips on how to spot these scams
  • Steps you can take to protect yourself against them
  • Advice on what to do if you see a scam

Scottish consumers can report suspected scams and suspicious activity using the Quick Reporting Tool at www.scamwatch.scot

Alternatively, specialist consumer advisers are available on 0808 164 6000 (Monday – Friday, 9am-5pm), or by visiting www.consumeradvice.scot. consumeradvice.scot is operated by the charity Advice Direct Scotland.

10
Section

Trading Standards Scotland

Other scams to be aware of are identified in the latest Trading Standards Scotland Scam Share newsletter. You can sign up for the weekly newsletter here. Check out their #ScamShare Spotlight PDFs focusing on frequently reported email, phone, text and cyber scams in Scotland.

Neighbourhood Watch Scotland

Sign up to the Neighbourhood Watch Alert system to receive timely alerts about local crime prevention and safety issues from partners such as Police Scotland.

Section Training and Webinars / Events

Training and Webinars / Events

Digital Loft, National Cyber Security Centre

The NCSC is running several 1-hour webinars in June specifically aimed at small organisations, although anyone is welcome to join. They will help you understand actions you can do to improve your own and your organisation’s cyber security.

  • Cyber Aware for Sole Traders and Micro-Businesses – Learn how to protect yourself or your small organisation online including passwords and 2-Step Verification (2SV). Monday 13th June, 11.30am
  • Cyber Security for Small Organisations – How to improve your cyber security; affordable, practical advice for businesses. Thursday 16th June, 11.30
  • Cyber Essentials – Cyber Essentials helps you to guard against the most common cyber threats and demonstrate your commitment to cyber security. Wednesday 22nd, 1pm

Register for the events here

chris-montgomery-smgTvepind4-unsplash
Section

Exercise in a Box Workshops, Scottish Business Resilience Centre

Scottish Business Resilience Centre is facilitating workshops taking Scottish organisations through using NCSC’s Exercise in Box security tool. security tool. They are offering in-person workshops alongside their virtual sessions covering ‘Ransomware’, ‘Digital Supply Chain’, and ‘Micro Exercises’. The upcoming in-person event in Dundee will be held at the new cyberQuarter which is located within the Abertay University on the 22nd of June, and is a great opportunity for you to test the resilience of your organisation.

If you work in health, social care, housing, charitable or public sector organisation in Scotland and looking to strengthen your cyber defences, sign up below.

Find out more details and to book on-going Exercise in a Box events

excersie in a box
Section

Cyber Incident Management Plan Webinar, Third Sector Cyber Resilience Network: 22 June 10am -11.30am

The Scottish Government’s Cyber Resilience Unit has launched a new network for third sector organisations as a way to provide updates on cyber threats, share resources and promote good practice.

The third sector network is open to all staff and volunteers from third sector organisations and will hold regular non-technical webinars, focusing on topics to help manage cyber risks. If you would like to join the network, please email Anthony Morris, the third sector lead in the Cyber Resilience Unit at [email protected].

The next webinar will be on the topic of incident management planning. It will have guest speakers from the Scottish Business Resilience Centre (SBRC) and Sight Scotland talk about how incident management plans can help prepare for a cyber incident and what to include in those plans.

Register here

 

sigmund-eTgMFFzroGc-unsplash
Section

Fun and interactive cyber security training, Scottish Union Learning, 23 June

Public sector workers: Do you want to improve your cyber security habits and learn how to use security apps? Here’s how to do it without boring presentations or complicated technical instructions.

Up your knowledge and confidence on this micro-course run over two 2-hour sessions. You’ll earn a certificate and (real!) badge on completion. You don’t need any technical knowledge or experience to take part.

Feedback from other public sector workers say that this course is “friendly and non-patronising” “entertaining and informative” “first class” “very clear and not full of tech language” “thoroughly enjoyable” “clear and non-judgmental” “just what I needed but was too afraid to ask”

Find out more and register your place now.

Practical workshop image 768×430
Section Technical Annex

Technical Annex

Technical Bulletin

The CyberScotland Technical Intelligence Bulletin is designed to provide information about emerging or escalating cyber threats and is created in conjunction with SBRC’s Cyber Incident Response team. You can sign up to receive the technical bulletin.

Read the latest bulletin here

 

 

Scottish Government
Police Scotland
Scottish Business Resilience Centre
Back to top of the page