Department expertise helps Get Safe Online campaign

Surrey’s Department of Computer Science is playing its part to help protect the public from cyber attacks, and its Centre for Cyber Security has been recognised by the government as an Academic Centre of Excellence for its research into privacy and data protection, communications security and human-centred security.

The Centre recently provided technical and professional expertise to demonstrate how easy it is to capture data from unsuspecting members of the public as part of Get Safe Online Week.

A key message during this campaign was ‘Online Crime: It’s always personal’. To illustrate this message, a short video was produced, showing that rogue WiFi hotspots can capture and use passwords and even credit card detail . Spot our very own Dr Chris Culnane (playing ‘Chris Hacker’ in the video)

Professor Steve Schneider, Centre Director, said: “We were proud to work with Get Safe Online to provide a concrete demonstration of how readily people’s personal data can be captured and could subsequently be used for other purposes. Having somebody show you what they’ve been able to see you doing online seems to carry a much bigger impact than simply discussing the risks, and, hopefully, this helps to propagate the message.”

Six top tips to keep it personal

1. Don’t publish your date of birth in your profile or highlight your birthday in posts or tweets. Why not? Your date of birth is very useful information for a fraudster, hacker or identity thief.

2. Remember that if you use the names of pets, family members, a sports team or other ‘favourite’ things in your passwords or memorable words, and reveal your likes and dislikes online, you may be handing a criminal clues to your login details.

3. Don’t reveal your passport number, driving licence number or any other official details to anyone unless you’re absolutely sure that they are authentic, and that providing these details is necessary. For example, if a prospective employer or agency asks you for a passport scan as proof of ability to work in the UK, check their authenticity.

4. Don’t get fooled into revealing your PINs or passwords in response to an email, social networking post, text or phone call, however convincing it seems that the request is from your bank, the police or another real organisation.

5. Don’t write down or store login details electronically or on paper, where there’s a chance they could be found.

6. Never open an email attachment unless you’re 100% certain of who sent it, or what it is. This is because it could contain a virus that steals your personal information. Even an email that seems to come from a friend or colleague could have been sent by a virus on their device. If in doubt, ask the person you believe sent it before opening anything.