FSI in partnership at the National Cyber Security Centre have lots of excellent guidance for keeping your charity and your people safe from cyber attacks and crime.
Check out their new guidance on working from home and their Small Charity Cyber Security Guide with simple and low-cost tips by clicking on the links below.
Home working: preparing your organisation and staff – How to make sure your organisation is prepared for an increase in home working, and advice on spotting coronavirus (COVID-19) scam emails – www.ncsc.gov.uk/guidance/home-working.
Cyber Security Small Charity Guide can be downloaded by clicking here.
For advice on helping your users to spot coronavirus scam emails, please refer to their guidance on dealing with suspicious messages.
NCSC’s new cyber security training for staff now available – www.ncsc.gov.uk/blog-post/ncsc-cyber-security-training-for-staff-now-available.
Tips for spotting tell-tale signs of phishing:
Spotting a phishing email is becoming increasingly difficult, and many scams will even trick computer experts. However, there are some common signs to look out for:
- Authority – Is the sender claiming to be from someone official (like your bank, doctor, a solicitor, government department)? Criminals often pretend to be important people or organisations to trick you into doing what they want.
- Urgency – Are you told you have a limited time to respond (like in 24 hours or immediately)? Criminals often threaten you with fines or other negative consequences.
- Emotion – Does the message make you panic, fearful, hopeful or curious? Criminals often use threatening language, make false claims of support, or tease you into wanting to find out more.
- Scarcity – Is the message offering something in short supply (like concert tickets, money or a cure for medical conditions)? Fear of missing out on a good deal or opportunity can make you respond quickly.
- Current events – Are you expecting to see a message like this? Criminals often exploit current news stories, big events or specific times of year (like tax reporting) to make their scam seem more relevant to you.