We now live and work in a digital environment that impacts all areas of our lives. We leave a digital footprint in our day-to-day activities, with records being created whenever we use an ATM, cross a border or switch on our mobile phone. The world is becoming “smaller” as digital platforms and systems are increasingly joined up and more data is created and shared.
It is important that you understand what this means for you and your lifestyle, work and family. While living in the digital age brings convenience and benefits, it also has drawbacks that can be exploited. It presents new opportunities for fraudsters, scammers and others with malicious intent, including espionage and intimidation from state-backed organisations and terrorists.
The methods used are becoming more sophisticated and difficult to detect. It is therefore important to stay aware when you are using your devices, accessing your accounts and communicating online.
There are steps you can take to keep yourself safe, including those set out in Plan Ahead and Protect Information About You and the best practice behaviours outlined by NCSC.
The following sections outline some important considerations to help you to spot the signs of suspicious activity and online threats to help to protect yourself and your information:
It may not always be obvious that you are being (or have been) targeted online, especially if the tactics used by the hostile actor are subtle or disguised. It is important to watch out for the signs that someone is trying to target you, for example:
- There is unusual activity on your online accounts, such as unrecognised logins or changes to your password or security settings.
- You receive unsolicited messages, emails, or friend requests from unknown individuals, especially if they contain suspicious links, requests for personal information, or attempts to provoke an emotional response.
- You start receiving an influx of spam messages by emails, text or social media.
- There is an increase in malware alerts or suspicious activity on your devices.
- There are transactions in your bank accounts, credit cards, or online payment platforms indicating unauthorised access to your financial information or accounts.
- You notice sudden changes in your online reputation, such as negative reviews, defamatory content, or false accusations circulating on social media or review websites.
- You discover fake social media accounts using your name, photos, or other personal information, or you receive reports from friends or followers about suspicious activity or messages coming from your accounts.
- You receive messages from your known contacts which seem unlike their usual tone or language.
Those with malicious intent are constantly changing and adapting their approaches, so it is important to monitor your online accounts and communications carefully for suspicious activity. If it doesn’t look/feel right, then it probably isn’t. Trust your instincts and Know What To Do.
Hostile actors may try to imitate legitimate sources or trusted people to encourage you to click links, download files or share information. Take a moment to assess the communications you receive:
- Consider the sender and the credibility of the message before accessing links or opening attachments sent to you.
- Carefully check email addresses to make sure they are not subtle imitations of your contacts.
- In all communications, even those from known people and accounts, look out for signs that might indicate you are being targeted. Warning signs include the look and feel of content, the tone and timing of the message, or poor use of spelling or grammar. If the communication is from an account belonging to someone you know, consider whether it sounds like them and seems credible. If you’re not sure, use another means to check with the person to see if it was really them who sent the message.
- If you think you are being targeted by an unknown contact who could be a hostile actor, do not engage with them. Keep a record and decide what action to take. For further information see our Think Before You Link page.
Understand who can access the information you share and carefully consider the detail you disclose online. Is it necessary? Does it reveal information about you or your activities and routines that could be valuable to an adversary? It is hard to remove a digital footprint, so you must assume that once it’s out, it’s out.
For more information, see:
As a high-risk individual, you should keep a continuous eye on your digital space, frequently reviewing the privacy and security settings on your devices and accounts to check that these haven’t been altered.
Consider the settings (e.g. in your email account) that might enable your communications to be automatically forwarded or allow others to access and use your accounts. For example:
- Check whether any “rules” have been created in your email settings that can forward, delete, or send emails from your account.
- Check whether an unknown person is listed as a “delegate” in your account, as this provides permission for them to view, edit and manage emails and calendars.
Regularly reviewing your settings can help you to quickly spot signs that your accounts have been compromised and take immediate action.