Because GCHQ are an intelligence agency, most work that they do is kept secret. From their main building in Cheltenham, they help us all stay safe by providing- amongst other things- cyber security. One of the ways cyber security is managed is through data scientists.
An important start to keeping safe online is checking URLs. Looking at the protocol can be a good step; ‘HTTPS’ shows a secure website, whereas a URL beginning with ‘HTTP’ may not be secure. Being aware of URL spoofing is important too, this is when a link disguises itself as a trustworthy link when it is indeed not. To do this, URLs in emails can appear shortened to make them seem trustworthy- you may find CyberChef helpful for checking this.
Phishing is real and happens to us through our emails, text messages, and social media. Why? so the instigator can gain access to our personal information including bank details and passwords.
The truth is, phishing emails will often look exactly the same as a legitimate one, but there are tips to help you identify the fakes, these include:
- Look at the content. Did you expect this email? does it seem too good to be true? is it telling you that you have won a competition you haven’t entered?
- Look at the email address. Has it been sent from a public domain? An email supposedly sent from a large, well known corporation sent from a personal email address probably isn’t legit, as you would expect them to have their own domain.
- Look at the message. Is the spelling and grammar accurate? Pay special attention to the grammar inaccuracies, as spelling is easier to find online.
- Look at the time frame of the message. Any message suggesting urgency with no prior emails need close attention.
- Look at the links. Check the email for any unusual links. You can do this by hovering over the link, but be careful not to click.
This piece is a summary of the Outbox 2020 session run by GCHQ. You can find out more about GCHQ here.