Personal Information – How safe is yours?

Personal Information – How safe is yours?

At Gooseberry Planet, we deal with hundreds of schools every day.  What I am noticing more and more is the number of teachers’ email addresses that are getting hacked.  I must receive 10 emails a day from teachers which contain an attachment with a Purchase Order? or payment information and a link to follow.  I know that these have been generated by an account that has been hacked.

Are we really taking enough care to protect our passwords and our personal information?  Once a person has access to our email accounts, they have the freedom to access ANY of our accounts and reset passwords.  As a school you should ensure that all staff are aware of the risk of being hacked.   v Phishing emails are commonplace and look so innocent.  They ask you to follow a link and enter your personal information.  Pop-up ads may do the same, perhaps masquerading as a genuine company but in fact using malware to re-direct you to a different website altogether, which then misuses the information that is unwittingly divulged.   I know school networks have been put down completely due to one member of staff not being vigilant.  Staff should know never to enter personal information via a link – always go to the website directly, check that it uses securely encrypted messaging (shown by “https” in the web address) before sending personal details.

I am also noticing how many staff use their personal email for work and work email for personal bits.  This should really be discouraged.  Some teachers also use their school email to access private apps on school networks.  These Apps, if not from reputable sources, can also pose a security risk to your network.   This is a particular concern to schools in light of their responsibilities for data protection.

The first line of defence for any organisation is passwords.  Staff should know how to set a strong password (you would be amazed how many people use “123456” or “password”).      I do love our password system in the Gooseberry Play.  We are already teaching children as young as 5 to generate passwords that have 3 words in.  You might think, how on earth do you teach a 5-year-old to do this?    Well, we use pictures.  For example, bluedog5, is a picture of the colour blue, a picture of a dog and the number 5.  Teachers love this and so do the students but best of all, it is the beginning of the educational process about how to stay safe online.

The irony is that we are teaching our children how to protect their data when many staff seem not to know themselves.  I know that 71% of teachers use Facebook and this platform (and others) there are often quizzes.  People seem unable to resist answering questions that are often quite simplistic and offer very little informed feedback to the user.  Be wary of these.   They may ask questions about your children’s names, your star sign, your pet’s name, your favourite colour.  They are collecting personal information which can be useful to criminals trying to guess passwords in order to hack accounts.  Resist the urge to complete online quizzes!

This month’s alert is about Personal Information and advice on how to protect it.  As usual, we offer this advice to Students, Parents and Teachers, all with conversation starters.

Interesting Facts for social media

BBC article https://www.bbc.co.uk/news/uk-47016671

More than £190,000 a day is lost in the UK by victims of cyber-crime, police statistics show.

More than a third of victims in that period fell prey to the hacking of social media and email accounts.

Action Fraud said £34.6m was reported to be stolen from victims between April and September 2018, a 24% increase on the previous six months.

The City of London Police, which runs Action Fraud, has warned people to keep separate passwords for online accounts.

The figures show 13,357 people in the UK reported cyber crimes over six months.

More than 5,000 of those people were hacked via their social media and email accounts, costing victims £14.8m.