Individuals and Families

Most individuals and families use smartphones and access the internet throughout the day. This includes at work, for pleasure, and for many day-to-day tasks. This includes online shopping, banking, sending emails, and using social media.

Because of the services we use, our devices contain a huge amount of our personal data. This includes sensitive personal data.

This personal data is valuable to cyber criminals. They may try steal, damage, or get unauthorised access to these devices and systems. These activities are referred to as cyber attacks, or cyber crime.

If you are the victim of cyber crime, you may:

• be blocked from accessing your accounts, including your email or social media accounts
• be locked out of your smartphone, tablet or computer
• lose money from your bank accounts, if attackers gain your banking details
• be unknowingly helping cyber attackers gather information on your friends and family

We’re here to offer information, advice and support. For more information, contact us, or check our Advice and Guidance page for the latest information.

If you have any questions, you can contact us:

• by phone on 01534 500050
• via email (hello@jcsc.je)
• or by booking a meeting with the team

Why would a cyber criminal target me or my family?

It seems reasonable to assume that most cyber criminals would target organisations. Most organisations will have information about hundreds of people. A cyber criminal can use this information to impersonate people, or to stage a ransomware attack.

However, most cyber attackers are opportunists. This means that they don’t always aim for the biggest rewards. Instead, they find a weakness they can exploit. This could be a weakness in a system or device. It could be a human-made weakness, like an easy-to-crack password.

Organisations are more likely to have cyber security measures in place. They may request that staff use strong passwords. They may have a schedule for updating their devices and services (known as ‘patching’).

Individuals and families are unlikely to have these sorts of measures in place. This means that a criminal who targets them is more likely to find a weakness they can exploit. They can then use this weakness to steal your information or gain access to your accounts.

And individuals are at risk precisely because companies are at risk. We each give our data to companies so that we can buy goods or services: this can include our email address, home address, telephone number or bank details.

Even if a business puts lots of measures in place to protect your data, they might be the victim of a cyber attack. If this happens then the cyber criminal may gain access to hundreds of customers’ data. They can then use this to target the customers whose data they now have, including you.

How to protect yourself and your family online

Potential cyber criminals regularly develop new techniques and approaches. This means that there is no way to guarantee that you are completely protected against all cyber attacks.

However, there are several things you can do to reduce the likelihood of being a victim of cyber crime.

Use strong passwords

• Turn on password protection wherever it is available. This includes across your devices and the services you use.
• Use strong passwords for all your accounts. The National Cyber Security Centre (NCSC) suggest using a combination of three random words.
• Use extra security protections, including 2 Step Verification (2SV), wherever possible. You can find more guidance on this via the National Cyber Security Centre (NCSC)
• Using strong passwords and 2 Step Verification is is especially important for email accounts. If a cyber criminal gains access to your email address, they could access sensitive information. They could use it to gain access to your other accounts.
• If you are struggling to remember all your unique passwords, use a password manager. Password managers generate new secure passwords, and store them safely for you.
• Some browsers will also give you the option to save your passwords in your browser. You should only do this if you trust the other people who may be using the device.

Turn on 2-Step Verification 

You should turn on 2-Step Verification (2SV) wherever you can. 2SV adds another layer of security to your devices and services by asking to confirm your identity more than once when you log in to a service or device. It is also known as Multi-Factor Authentication (MFA) or 2-Factor Authentication (2FA)

Once you turn on 2SV, it can work in one of two ways:

• when you try to access a service, it will send you a PIN or a code, often by SMS or email. You’ll need to enter this code to access the service.
• when you try and access a service or device, it will ask you to confirm your identity. This could be by using your fingerprint, scanning your face, or use a separate app to confirm your identity.

Both of these methods provide a valuable extra layer of protection. They mean that even if a cyber attacker has access to your password, you can still help keep them out of your account.

The Australian Cyber Security Centre has more information about how to set up 2 Step Verification.

Backup your data

A backup is a copy of your important data which is stored in a safe location. This could be online (via cloud storage), or using removable media (like a USB stick, SD card or external hard drive). This means that if you lose access to data on a device, you will have a secure copy that you can still access.

• You should backup any data which is important to you. This could be data that has sentimental value like family photos. It could also be anything that would inconvenience you if you couldn’t access it, like documents and statements.
• Schedule regular backups. This will mean that you have access to the most recent version of all your important information.
• If you are using a USB stick or external hard drive to back up your information, you should disconnect the device when you aren’t using it. This will reduce the change of it being infected by a virus transmitted through your device.

The NCSC website has more information on different types of backups.

Keep up to date

• Companies regularly release updates for devices, apps and smart devices. You should update your mobile phone, computer, tablet, fitness devices, home assistants and smart TVs.
• You should follow any prompts you receive to update your devices, smart devices, and apps. Some devices allow you to turn on automatic updates. This means that it will download the latest software updates when they become available.
• Producers will eventually stop providing updates for older devices and smart devices. This will usually be referred to as being ‘no longer supported.’ If your device is no longer supported then it is more at risk of security issues.
• This means you should avoid buying or using devices that are no longer supported.

What’s the difference between cyber crime and fraud?

Fraud and cybercrime are two distinct – but closely linked – types of crime.

Fraud is when a person behaves in dishonest way to get an advantage over another person. This advantage could lead to the person gaining money, goods or services.

There are lots of different types of fraud, and many types are not always committed online:

• identity fraud – stealing someone’s details and using them to commit a crime
• romance fraud – staging a relationship to steal from a victim
• phishing emails and texts – tricking a victim into disclosing their personal details
• ticket scams – selling event tickets that don’t exist
• investment scams – tricking a victim into investing money and keeping the money

Cyber crime refers to any crime that committed using computers or technology. Cybercrime includes:

• cyberbullying – using digital technologies to bully an individual or group
• cyberstalking – using electronic systems to harass, scare or threaten someone
• hacking – getting unauthorised access to data in a system or on a device
• stealing money, data or intellectual property using electronic devices

How are cyber crime and fraud related?

Not every fraud is committed online, and not all online crimes involve fraud. However, many fraudsters will use online methods to commit fraudulent acts. For example a criminal might:

• Send a phishing SMS or email to trick an victim into sharing their details. (This could be their email password or their banking details). They can then use these details to commit identity fraud or steal money.
• A criminal might use an online service (for example, social media or a dating app) to set up a romance fraud so that they can steal money from a victim.
• Send a phishing SMS or email to trick a victim into clicking a link or downloading a file or application. They will then use this file or application as the basis to hack into their systems or data.

For more information on how to protect yourself against fraud, visit the Jersey Fraud Prevention Forum website.

Useful resources

These trusted resources give you more information on how you can protect yourself online. You can also check our Advice and Guidance page for the latest information.

Stay safe online

• The NCSC provides tips for how to stay safe when you’re shopping online.
• This guidance explains how to use smart security cameras in your home.

Create secure passwords

• The NCSC recommends using three random words to create a strong password. This page explains why.
• Password managers can help you remember all your unique, secure passwords. This page explains how they work and how to use them.

Avoid phishing

• If you think you’ve received a phishing email, you can forward it to at phishing@jcsc.je. We can confirm whether it’s suspicious, and share information about the phishing attempt. This will help us protect more Islanders.
• If you’ve fallen victim to a phishing email, text, or call, find out what you can do.

Set up Multifactor authentication

• This page from the Australian Cyber Security Centre explains what MFA is.
• They also have a more detailed guide on how to set up MFA for your online accounts.

Update your devices

• The Australian Cyber Security Centre provides information on why you should update your devices regularly.
• Each provider has guidance on how you can update your devices. This is available online for:
  • iPhone or iPad
  • Mac computer
  • Apple watch
  • Windows 11 and Windows 10
  • Android devices
  • Amazon devices (eg. Kindles, Fire tablets, Alexa)
  • Fitbit devices
  • Garmin devices

Fraud

Although fraud and cyber crime are different types of crime, they are often closely linked. You can find more information about how you can protect yourself from fraud online.

• ActionFraud has a list of useful tips.
• States of Jersey Police explains how you can spot a scam.
• Stay Safe Online has advice on safer online dating.

Who can help if I’ve been a victim of a cyber attack?

If you believe you’ve been the victim of a crime, you should contact the States of Jersey Police on 01534 612612, or visit Police Headquarters.

You can also report the incident to Action Fraud, either by calling 0300 123 2040 or via their website.

You can also report the cyber attack to us by calling us on 01534 500050 or by emailing incidentreports@jcsc.je.

We may be able to provide you with advice and guidance, and your reports will help us understand more about the threats individuals are facing.