18 July 2019
myroyalmail is updated daily
Cyber crime is on the rise!

We live in an increasingly connected world where cyber-crime is a rising threat for individuals, economies and businesses globally.

Statistically both individuals and businesses are now more likely to suffer from cyber-crime than physical crime. Organised gangs use the anonymity of the internet and the sanctuary of locations that are outside of the legal jurisdiction of the victims they target. Malicious software (known as malware) is widely distributed in the certainty that some of it will find its way onto vulnerable computers and allow the perpetrators to either steal information or recruit the computer into a criminal network.

When a computer becomes infected with ransomware the user is effectively locked out of the computer and any data that is held locally on the machine is encrypted preventing further access. Any network drives, such as team shares, may also become encrypted preventing them from being accessed by other users. A ransom, usually in the form of a crypto-currency such as bitcoins is demanded in return for the files being decrypted and access returned to the user. There are clearly no guarantees that the payment of a ransom will result in the data being returned to the user.

Ransomware is most commonly spread using one of the following ways:

  • emails that trick users into opening an infected attachment that contains the ransomware; or
  • exploit kits that silently download the threat onto the users device whilst they are visiting a compromised website

There have been several notable cyber incidents that have made headlines in the last 12 months: alleged interference in the US Presidential election; attacks on power plants in the Ukraine; and the WannaCry and Petya/NotPetya ransomware that severely impacted the NHS, Maersk and TNT/FedEx amongst many others.

Cyber-crime risks to companies

  • If our company lost customer information by not protecting information or data, customers would not trust our services and consequently our brand. Our share price would fall. As a public company, our share price is directly linked to how well our business is performing.
  • Stolen employee passwords that can lead to identity theft are a threat that Royal Mail faces every day as well. Corporate identity theft is when someone pretends to be you in order to access company systems and steal information, or even to authorise transactions. Many people have been victims of personal identity theft as well. For example, criminals can open bank accounts and credit cards in your name, run up debts, and even fund other crimes.
  • One of the most common way of stealing usernames and passwords is by sending phishing emails, usually by tricking you into disclosing information using seemingly genuine website login pages or email forms. Alternatively, criminals will try to trick you into downloading malicious software onto your computer that steals information without your knowledge.

Cyber criminals also target individuals

  • Cyber criminals can cause serious damage to individuals or business customers which can result in identity theft and identity fraud.
  • If a criminal gets hold of an individual's bank account details, such as username and password they can then transfer money on their behalf, make payments in their name and commit identity fraud. Identity fraud is when criminals gather enough information about individuals so that they can actually pretend to be them.

Learn more by downloading our presentation and supporting material (poster) to share it with your teams.

What can you do to protect your own information?

  • Avoid using unsecured wireless networks.
  • Watch for attempts to steal your information by checking for signs of Phishing emails. If it does not look genuine, do not open and delete the email.
  • Be aware of callers (vishing) and visitors who ask for information.
  • Avoid using removable media for storage.

Read more about how to recognise Phishing emails by visiting our Use the internet safely page.

We are always available to answer your questions or address your concerns about information security. Simply contact the Information Security team.