CyberScotland Bulletin

March 2021

Issue: 11.03.21

The CyberScotland Bulletin is designed to provide you with information about the latest threats, scams, news and updates covering cyber security and cyber resilience topics. Due to the current circumstances we are continuing to circulate information about a much wider range of scams. We hope you continue to benefit from this resource and we ask that you circulate this information to your networks, adapting where you see fit. Please ensure you only take information from trusted sources.

If there are any cyber-related terms you do not understand, you can look them up in the NCSC Glossary.

Please subscribe to our CyberScotland mailing list to receive these updates directly by email.


National Cyber Security Centre (NCSC)

Cyber Aware Campaign and New Cyber Action Plan

Over the last year, some entrepreneurs have launched online-only businesses, following necessary restrictions due to the pandemic.

As part of the cross-government Cyber Aware campaign, which provides advice on how to stay secure online, the NCSC has created the Cyber Action Plan to help micro businesses and sole traders understand their online risk. Micro businesses and sole traders are being invited to complete a short questionnaire that generates a personalised list of actions linked to the Cyber Aware behaviours that will offer free bespoke advice and include steps to secure their business. You can also sign up to the NCSC’s Small Organisation Newsletter which aims to break down cyber related issues into bitesize pieces which can be read in your coffee break. 

The NCSC produces weekly threat reports drawn from recent open source reporting. View this week’s report here.

The Suspicious Email Reporting Tool was launched by the NCSC to allow members of the public to report suspicious emails. As of 28th February, the number of reports received stands at more than 5,000,000, with 71,000 individual URLs linked to 36,000 sites having been removed. Please forward any suspicious emails to: [email protected]. Suspicious text messages should be forwarded free of charge to 7726.


Scottish Government

Strategic Framework for a Cyber Resilient Scotland

The Scottish Government have published The Strategic Framework for a Cyber Resilient Scotland, which builds on Scotland’s first cyber resilience strategy, Safe, secure and prosperous: a cyber resilience strategy for Scotland, expanding on its achievements and addressing ongoing and new challenges.

The Strategic Framework for a Cyber Resilient Scotland sets out what we need to do to make Scotland a digitally secure and digitally resilient nation.


CyberScotland Partnership

A new CyberScotland Partnership was announced during CyberScotland Week which includes 10 participating organisations, with the NCSC joining as a technical advisor.

This partnership will work to ensure individuals and organisations throughout Scotland can easily access correct and up-to-date guidance on cyber security and resilience. The group will work together to drive the delivery of activities that will help achieve the outcomes of The Strategic Framework for a Cyber Resilient Scotland.

The collaboration’s first move was to launch CyberScotland.com which is now live. The website is a single online resource for individuals and organisations across the public, private, and third sectors seeking information and support across a range of cyber security and resilience issues. It also has information on skills development for anyone seeking to start a career in cybersecurity. 


CyberScotland Week

A highly successful week of online events took place as part of the third annual CyberScotland Week, with over 140 virtual events ranging from short, practical cyber security exercises to full day conferences.

With over 90 organisations across Scotland getting involved, the events helped to illustrate the importance of cyber security, helped raise awareness of cyber security behaviours across the public and organisations and showcased amazing career opportunities offered by the cyber security sector. Despite the challenges of hosting the festival entirely online, the week proved very popular and demonstrated the growing interest and awareness of cyber security in Scotland.


Trending Topics

Fake Job Adverts

UK Finance and Cifas have warned that young people whose job prospects have been impacted by the pandemic are being targeted online by criminals looking to recruit “money mules” to launder the profits of their crimes.

Criminals are posting what looks like genuine job adverts, using social networking platforms or approaching young people with offers of cash rewards for little work. They promise you will earn money quickly by asking you to receive money into your bank account and then transfer it onto another account. Victims are usually rewarded with a payment for providing this service, making them a money mule. The latest research from Cifas has revealed there were 17,157 cases of suspected money muling activity involving 21-30 year olds in 2020, a five per cent increase on the previous year. 

  • Police Scotland have provided steps and advice to help you avoid becoming a victim. Money Mules – Police Scotland
  • The Don’t Be Fooled campaign, run jointly by UK Finance and Cifas, aims to deter young people from becoming money mules. More advice from the campaign on how to avoid becoming involved in money mule fraud is available here. You can support the campaign by sharing this content through your channels.
  • Don’t respond to adverts offering large sums of money for minimal effort.
  • Don’t give your bank account details to anyone unless you know and trust them.
  • Research any company that makes you a job offer and make sure their contact details (address, landline phone number, email address and website) are genuine.

Security Cameras

A group of hackers say they breached a massive trove of security-camera data collected by Silicon Valley startup Verkada Inc., gaining access to live feeds of 150,000 surveillance cameras.

Aside from the privacy issues, these devices can now be modified by an attacker to try to access other devices and data on a network. If any organisations are using Verkada cameras and systems, they should disable them until further updates have been provided by the vendor.

When stories like this come out, hackers often look for the same or similar devices in order to try to replicate the compromise. It’s therefore likely that over the coming days other vendors will be targeted.

A very brief look across the Scottish central belt reveals the prevalence of internet connected cameras, both commercial and domestic. 

With the continuing growth in popularity of these smart devices, the NCSC has produced security guidance for users of this technology to help ensure it is used safely.

[Image: security camera footage, courtesy of Shodan]
  • Owners of internet connected cameras are advised to ensure that the devices are segregated from other devices and data on their network.
  • Ensure that strong/complex passwords are in use to protect and prevent unauthorised access.
  • Default accounts should be disabled or secured to avoid compromise.
  • Keep your camera secure by regularly updating it and installing the latest software or firmware update.
  • ‘Smart’ security cameras: Using them safely in your home.

Free Call Blocking Devices

Following an increase in the variety of phone scams being reported by Scottish consumers since the beginning of the Covid-19 pandemic, Trading Standards Scotland is launching the roll out of free call blocking devices to vulnerable individuals who are most at risk from scammers and rogue traders.

The Scottish Government has provided £60,000 in addition to £20,000 funding from Trading Standards Scotland (TSS) to procure 725 trueCall call blocking devices which are available free of charge from Monday 8th March. The dissemination of call blocking devices supports the scams prevention strategy currently being developed by the Scottish Government and partners including TSS. TSS will be working with the other partners involved in the strategy throughout the dissemination process and will be reaching out to charities and other groups working with vulnerable people.

To coincide with the launch of the call blocker dissemination programme, Trading Standards Scotland have published a list of the top ten nuisance calls which have been reported by Scottish consumers since the beginning of the first lockdown in March 2020. More information about the programme and how to apply can be found at: http://www.tsscot.co.uk/call-blockers/

You can find more information to help reduce nuisance and unwanted calls and messages along with tips and advice about what to do if you receive them and who to report them to on the Ofcom website. 


News / Campaigns

NCSC, Small Organisations Newsletter – Coffee Break Cyber

SMEs cover a huge range of businesses and make up 99% of all businesses in the UK.

Often SMEs do not have the budget of large organisations to spend on cyber security. This Newsletter aims to break down cyber-related issues into bitesize pieces which can be read in your coffee break. The NCSC want to provide you and your business with the advice and tools to minimise the risk of a cyber-attack. Each month will cover a different topic and will offer advice and links to further information. The NCSC are open to suggestions for topics you would like covered in upcoming issues. Read this month’s newsletter here.

If you think the Newsletter is useful, then please sign up using the link here.


Get Safe Online

Get Safe Online’s campaign this month is focussing on ‘Vaccination Scams’.

With the UK vaccination programme in full swing, the most recent wave of scams has focused on fraudulent offers of vaccinations, attempting to persuade recipients that they can ‘jump the queue’. This month’s campaign will highlight how to avoid being a victim of such scams during this time.

The COVID-19 vaccination is free and if you are offered it at a price, it could be fake, stolen or non-existent. NHS Scotland or health boards will never ask for your payment details, passwords or PIN numbers. For more information about who will be offered the vaccine and its delivery in Scotland, call the Coronavirus vaccination helpline on 0800 030 8013. Visit NHS Scotland for the latest COVID-19 medical guidance.


Trading Standards Scam Share 

Other scams to be aware of are identified in this week’s Trading Standards Scotland Scam Share newsletter. You can sign up for the weekly newsletter here. 

Neighbourhood Watch Scotland

Sign up to the Neighbourhood Watch Alert system to receive timely alerts about local crime prevention and safety issues from partners such as Police Scotland.


Training and Webinars

NCSC Digital Loft Events

The NCSC is the UK’s technical authority on cyber security.

Delegates will learn about the different cyber threats and impacts of cybercrime and implementing fundamental security controls. These events are aimed at UK registered businesses, charities, the voluntary sector, academic and educational institutions only and cover a range of cyber security topics. 


Exercise in a Box, Scottish Business Resilience Centre (SBRC)

SBRC are encouraging organisations to sign up for one of their free ‘Exercise in a box’ online sessions.

This is a FREE, 90-minute non-technical workshop which will help organisations find out how resilient they are to cyber attacks and practise their response in a safe environment. These sessions will focus on one of two scenarios, either ‘working from home’ or a ‘phishing attack leading to a Ransomware infection’. Find out more information on SBRC’s website.

Book to join an upcoming session here. Workshops are available on Zoom and Microsoft Teams platforms.


Case Study

Each issue, we aim to bring you real-life examples of scams, phishing emails and redacted case studies. If you have had an issue and would like to share your experience and what you have learned with others, please contact us to discuss: [email protected]. We are happy to anonymise case studies.


Case Study – The importance of reporting

We can’t overemphasise the importance of reporting to reduce the potential harm caused by cyber incidents. The sooner you report, the quicker it can be resolved and the less damage it will cause. Every organisation will be different but your IT team or line manager are usually the best place to start in the workplace.

You can help to play your part in protecting others by reporting suspicious activity online and help make the internet a safer place. Reporting online crime, however insignificant it may seem, can help to reduce the chances of others becoming victims. Reporting incidents could help the police and other law enforcement agencies to link your experience to similar reported incidents – building a picture of threats and trends and helping allocate resources to fight them more effectively.

The NCSC’s Suspicious Email Reporting Service was launched last April as part of the Cyber Aware campaign, which promotes protective behaviours to keep your online accounts and your devices as secure as possible. The service has seen a massive response from the public with over 5,000,000 reports submitted, which has led to the removal of more than 36,000 scams. To use the reporting service, people are asked to simply forward suspect emails to [email protected]. If they are found to link to malicious content, it will be taken down or blocked, helping prevent future victims of crime.

In June 2020, the Advertising Standards Authority (ASA) launched a Scam Ad Alert system in partnership with major online ad and social media platforms, including Google and Facebook, to help tackle scam ads online. They launched the system because, while the overwhelming majority of ads responsibly inform and entertain their audience, some are published with criminal intent. Scam ads lead unsuspecting consumers to sites which fleece them and leave them out of pocket. Consumers have been reporting scam ads appearing in paid-for spaces online to the ASA via this online form. They have dedicated resources to assess these reports within 24 hours, enabling them to quickly and effectively alert platforms to scam ads so that they can promptly remove them, suspend the advertisers’ accounts and stop similar ads appearing in future. ASA have produced a 6-month review highlighting key stats and trends since the launch of this tool. Reporting scam ads helps to keep everyone safe online, so if you are concerned about a potentially bogus ad you see in paid-for space online, please report it using this form.

Cyberattacks are crimes and as such consideration should be given to reporting the attacks to Police Scotland. If you become a victim of fraud or cybercrime you can report this to Police Scotland by calling 101 or in person at any Police station. 


Technical Annex

Technical Bulletin

The CyberScotland Technical Intelligence Bulletin is now available to read here. This bulletin is designed to provide information about emerging or escalating cyber threats, and is created in conjunction with SBRC’s Cyber Incident Response. You can sign up to receive the technical bulletin directly here.


CiSP

CiSP: The Cyber Security Information Sharing Partnership (CiSP) is a joint industry and government initiative set up to allow UK organisations to share cyber threat information in a secure and confidential environment.

It is a secure networking platform that enables its members to receive enriched cyber threat and vulnerability information and exchange information on threats and vulnerabilities as they occur in real time. CiSP is for professionals who have an obligation for cyber security within their organisation. Those individuals must work for a UK registered organisation or UK Government.

APPLICATION PROCESS 

The first applicant from a new organisation wishing to join the CiSP will require to be sponsored into this trust environment. Application is made online by visiting the NCSC website at  https://www.ncsc.gov.uk/section/keep-up-to-date/cisp 

A simple online form is completed which will ask for the sponsor’s details to be included. A check will be made with the sponsor that the organisation is known and meets the joining criteria. Thereafter all other members of the organisation can make applications by selecting the ‘Register as an Individual’ option, which does not require sponsorship.

Please email [email protected] to enquire about an organisational sponsor or for an overview of CiSP and SCiNET. 


NCSC Early Warning Service

The NCSC provides a free service to organisations to inform them of threats against their networks.

The NCSC’s Early Warning service processes a number of UK-focused threat intelligence feeds from trusted public, commercial and closed sources, which includes several privileged feeds not available elsewhere.

By providing details of the assets your organisation owns, Early Warning will deliver feeds of the following types of threat information:

  • Incident Notifications – Activity that suggests an active compromise of your system. Example: Your IP address has been involved in a DDoS attack.
  • Network Abuse Events – Indicators that your assets have been associated with malicious activity. Example: A client on your network is a part of a botnet.
  • Vulnerability Alerts – Indications of vulnerable services running on your assets. Example: You have a vulnerable port open.

Early Warning complements your existing threat intelligence products, and should not be used in isolation. For more details and to register visit Early Warning – Overview (ncsc.gov.uk)
