(Here's some excellent advice from 'neighbourhood ALERT', well worth reading - Allen Roochove NCC Techno Buddy 04.11.24)
Personal Safety
Dear Resident,
With Christmas just around the corner many of us will be carrying more cash and valuables. Thieves will exploit this and often target people at this time of year.
Please have a look at the advice below, to help keep yourself and valuables safe when out and about:
When on the move
Valuables
Withdrawing cash
Please follow the advice above and share with your friends and family.
Kind regards from your Crime Prevention Team.
Message Sent By
Beth George
(Cheshire Police, Crime Prevention Officer, West)
----------------------------------------
WhatsApp planning to replace phone numbers with usernames for better privacy
(From Chris Wood, NCC Computer Buddy - 25th October 2024)
Currently, to have a Chat on WhatsApp you have to know the phone number of the person you wish to message. This can cause issues with security, such as privacy.
To get around this problem – or to at least greatly improve it – WhatsApp are looking into replacing phone numbers with a username and they are also looking at the possibility of having a PIN associated with a particular username.
It is thought WhatsApp plan to introduce this new system by the end of the year. It will be very interesting to see how this unfolds.
----------------------------------------
BEWARE - Fake "QR" codes
Here's a very helpful and timely article from Lesley Elliott, one of our Cyber Buddies, about the danger of Fake 'QR' codes (31.07.24)
Fake "QR" codes are being used to trick consumers into using them to pay for parking, buying tickets etc.
Businesses frequently use QR codes to direct people to things such as app downloads, social media accounts, menus, payment platforms and events listings.
What is a QR code?
QR stands for "quick response". The black and white squares work like a two-dimensional barcode and can be scanned by a phone or tablet.
- Criminals are attaching fake QR codes over the originals, so consumers are directed to the fraudster's fraudulent website account. Look carefully at the QR code to see if another QR code has been attached over the original. If so, use another payment method and inform the business concerned.
- Although sums taken from consumers' bank accounts are small at first, increasing amounts are removed by the fraudsters which, over time, can amount to thousands of pounds.
- There is evidence of scammers using consumers' bank accounts to set up loans and ordering their own bank cards for the account. One bank customer is reported to have lost over £7,500 to scammers thinking she was paying for travel tickets.
- If you're not sure the website QR code you are scanning takes you to the genuine site, then search for the website in your browser instead.
- QR code scams can also mislead people into downloading malware - so ensure your phone security is fully up to date.
If you think you have fallen for a scam, then the advice is to contact your bank, as well as 'Action Fraud', immediately.
----------------------------------------
WhatsApp group chat members are being warned they could be targeted by criminals
(Here's a very helpful article from 'ActionFraud', well worth reading - Allen Roochove NCC Techno Buddy 10.05.24)
Message Sent By
Action Fraud
(Action Fraud, Administrator, National)
Dear Subscriber,
WhatsApp group chat members are being warned they could be targeted by criminals, as Action Fraud reveals it has received 636 reports from victims of the messaging app this year.
The fraud often begins when a member of the group receives a WhatsApp audio call from the fraudster, pretending or claiming to be another member of the group. This is done to gain the individual's trust, and often the scammer will use a false profile picture and/or display name, so at first glance it would appear to be a genuine member of the group.
The fraudster will tell the victim they are sending them a one-time passcode which will allow them to join an upcoming video call for group members. The criminal then asks the victim to share this passcode with them so they can be "registered" for the video call.
In reality, the criminal is asking for a registration code to register the victim's WhatsApp account to a new device so they can take over their account.
Once the fraudster has access to the victim's WhatsApp account, they will enable two-step verification which makes it impossible for the victim to regain access to their account. Other members of the group, or friends and family in the victim's contacts, will then be messaged asking them to transfer money urgently as they are in desperate need of help.
How to secure your WhatsApp account:
- Set up two-step verification (2SV) to give an extra layer of protection to your account. Tap Settings > Account > Two-step verification > Enable.
- CALL. If a family member or friend makes an unusual request on WhatsApp, always call the person outside of WhatsApp to confirm their identity.
- Report spam messages or block a sender within WhatsApp. Press and hold on the message bubble, select 'Report' and then follow the instructions.
If you live in England, Wales and Northern Ireland and have been a victim of fraud or cybercrime, report it at www.actionfraud.police.uk or by calling 0300 123 2040. In Scotland, victims of fraud and cybercrime should report to Police Scotland on 101.
Find out how to protect yourself from fraud: https://stopthinkfraud.campaign.gov.uk
If you found this information useful, please share it with friends and family.
----------------------------------------
Inactive Google Account Policy
(If you use Gmail then this is well worth reading - Allen Roochove, NCC Techno Buddy 27.08.23)
A Google Account gives you Google-wide access to most Google products, such as Google Ads, Gmail, and YouTube, using the same username and password.
An inactive Google Account is an account that has not been used within a 2-year period. Google reserves the right to delete an inactive Google Account and its activity and data if you are inactive across Google for at least two years.
Google also reserves the right to delete data in a product if you are inactive in that product for at least two years. This is determined based on each product's inactivity policies.
How Google defines activity
A Google Account that is in use is considered active. Activity might include these actions you take when you sign in or while you're signed in to your Google Account:
- Reading or sending an email
- Using Google Drive
- Watching a YouTube video
- Sharing a photo
- Downloading an app
- Using Google Search
- Using Sign in with Google to sign in to a third-party app or service
Google Account activity is demonstrated by account and not by device. You can take actions on any surface where you're signed in to your Google Account, for example, on your phone.
If you have more than one Google Account set up on your device, you'll want to make sure each account is used within a 2-year period.
What happens when your Google Account is inactive
When your Google Account has not been used within a 2-year period, your Google Account, that is then deemed inactive, and all of its content and data may be deleted. Before this happens, Google will give you an opportunity to take an action in your account by:
- Sending email notifications to your Google Account
- Sending notifications to your recovery email, if any exists
Google products reserve the right to delete your data when your account has not been used within that product for a 2-year period.
December 1, 2023 is the earliest a Google Account will be deleted due to this policy.
For further information, just click this link https://support.google.com/accounts/answer/12418290?hl=en#zippy=
----------------------------------------
Ticket Fraud
(Received from Neighbour Alert - Allen Roochove, NCC Techno Buddy 24.04.23)
If you are planning on buying tickets to an event this summer, take time to read Get Safe Online's advice on purchasing tickets online safely. The link below provides the latest advice listed on our website:
https://www.getsafeonline.org/ticketfraud/?utm_source=nw&utm_medium=email
Whether it's cricket, tennis or a concert, however desperate you are, don't buy tickets from anyone apart from official vendors, the box office or reputable fan reseller sites.
With best wishes,
'The Get Safe Online' team
------------------------------------
Don't plug your phone into a free charging station, warns FBI
(Received from 'Malwarebytes Newsletter' and well worth a read - Allen Roochove, NCC Techno Buddy 17.04.23)
April 12, 2023 by Pieter Arntz
In a recent tweet, the FBI office in Denver warned consumers against using free public charging stations, stating that criminals have managed to hijack public chargers with the objective of infecting devices with malware or other software that can give hackers access to your phone, tablet or computer.
"Avoid using free charging stations in airports, hotels or shopping centers. Bad actors have figured out ways to use public USB ports to introduce malware and monitoring software onto devices. Carry your own charger and USB cord and use an electrical outlet instead."
When asked, the FBI's Denver field office said the message was meant as an advisory, and that there was no specific case that prompted it. The method the FBI is referring to is often referred to as "juice jacking."
Imagine that the battery of your phone is dying and you're nowhere near a power outlet, would you connect your phone to any old USB port? A juice jacking attack uses a charging port or infected cable to exfiltrate data from the connected device or upload malware onto it. The term was first used by Brian Krebs in 2011 after a proof of concept was conducted at DEF CON by Wall of Sheep. When users plugged their phones into a free charging station, a message appeared on the kiosk screen saying:
"You should not trust public kiosks with your smart phone. Information can be retrieved or downloaded without your consent. Luckily for you, this station has taken the ethical route and your data is safe. Enjoy the free charge!"
While there are no known, recent cases of juice jacking, it's best to be aware of potential cyberattacks—you never know what will trigger the transformation of the hypothetical to the real. To avoid inadvertently infecting your mobile device while charging your phone in public, learn more about how these attacks could happen and what you can do to prevent them.
How would juice jacking work?
As you may have noticed, when you charge your phone through the USB port of your computer or laptop, you are also able to move files back and forth between the two systems. That's because a USB port is not simply a power socket. A regular USB connector has five pins, where only one is needed to charge the receiving end. Two of the others are used by default for data transfers.
USB connection table courtesy of Sunrom
Unless you have made changes in your settings, the data transfer mode is disabled by default, except on devices running older Android versions. The connection is only visible on the end that provides the power, which in the case of juice jacking is typically not the device owner. That means, any time a user connects to a USB port for a charge, they could also be opening up a pathway to move data between devices, with the following consequences:
- Data theft: during the charge, data is stolen from the connected device.
- Malware installation: as soon as the connection is established, malware is dropped on the connected device. The malware remains on the device until it is detected and removed by the user.
Data theft
In the first type of juice-jacking attack, cybercriminals could steal any and all data from mobile devices connected to charging stations through their USB ports. But there's no hoodie-wearing hacker sitting behind the controls of the kiosk, so how would they get all your data from your phone to the charging station to their own servers? And if you charge for only a couple minutes, does that save you from losing everything?
Make no mistake, data theft can be fully automated. A cybercriminal could breach an unsecured kiosk using malware, then steal the information from connected devices. There are crawlers that can search your phone for personally identifiable information (PII), account credentials, banking-related or credit card data in seconds. There are also many malicious apps that can clone all of one phone's data to another phone, using a Windows or Mac computer as a middleman. So, if that's what's hiding on the other end of the USB port, an attacker could get all they need to impersonate you.
Cybercriminals are not necessarily targeting specific, high-profile users for data theft, either—though a threat actor would be extremely happy (and lucky) to fool a potential executive or government target into using a rigged charging station. However, the chances of that happening are rather slim. Instead, hackers know that our mobile devices store a lot of PII, which can be sold on the dark web for profit or re-used in social engineering campaigns.
Malware installation
The second type of juice-jacking attack would involve installing malware onto a user's device through the same USB connection. This time, data theft isn't always the end goal, though it often takes place in the service of other criminal activities. If threat actors were to steal data through malware installed on a mobile device, it wouldn't happen upon USB connection but instead take place over time. This way, hackers could gather more and varied data, such as GPS locations, purchases made, social media interactions, photos, call logs, and other ongoing processes.
There are many categories of malware that cybercriminals could install through juice jacking, including adware, cryptominers, ransomware, spyware, or Trojans. In fact, Android malware nowadays is as versatile as malware aimed at Windows systems. While cryptominers mine a mobile phone's CPU/GPU for cryptocurrency and drain its battery, ransomware freezes devices or encrypts files for ransom. Spyware allows for long-term monitoring and tracking of a target, and Trojans can hide in the background and serve up any number of other infections at will.
Many of today's malware families are designed to hide from sight, so it's possible users could be infected for a long time and not know it. Symptoms of a mobile phone infection include a quickly-draining battery life, random icons appearing on your screen of apps you didn't download, advertisements popping up in browsers or notification centers, or an unusually large cell phone bill. But sometimes infections leave no trace at all, which means prevention is all the more important.
How to avoid juice jacking
The first and most obvious way to avoid juice jacking is to stay away from public charging stations or portable wall chargers. Don't let the panic of an almost drained battery get the best of you. I'm probably showing my age here, but I can keep going without my phone for hours. I'd rather not see the latest kitty meme if it means compromising the data on my phone.
If you feel going through a part of your life without a phone is crazy talk and a battery charge is necessary to get you through the next leg of your travels, using a good old-fashioned AC socket (plug and outlet) will do the trick. No data transfer can take place while you charge—though it may be hard to find an empty outlet. While traveling, make sure you have the correct adapter for the various power outlet systems along your route. Note there are 15 major types of electrical outlet plugs in use today around the globe.
Other non-USB options include external batteries, wireless charging stations, and power banks, which are devices that can be charged to hold enough power for several recharges of your phone. Depending on the type and brand of power bank, they can hold between two and eight full charges. Power banks with a high capacity are known to cost more than US$100, but offer the option to charge multiple devices without having to look for a suitable power outlet.
If you still want the option to connect via USB, USB condoms are adaptors that allow the power transfer but don't connect the data transfer pins. You can attach them to your charging cable as an "always on" protection. Using such a USB data blocker or "juice-jack defender" as they are sometimes called will always prevent accidental data exchange when your device is plugged into another device with a USB cable. This makes it a welcome travel companion, and will only set you back US$10–$20.
Checking your phone's USB preference settings may help, but it's not a foolproof solution. There have been cases where data transfers took place despite the "no data transfer" setting.
Finally, avoid using any charging cables and power banks that seem to be left behind. You can compare this trick to the "lost USB stick" in the parking lot. You know you shouldn't connect those to your computer, right? Consider any random technology left behind as suspect. Your phone will thank you for it.
(Received from 'Malwarebytes Newsletter' - Allen Roochove, NCC Techno Buddy 17.04.23)
----------------------------------------
STOP, HANG UP, CALL 159
New banking phone service for suspicious calls
At the end of September 2021, Stop Scams UK (www.stopscamsuk.org.uk) launched 159, a memorable short-code phone service that connects the vast majority of UK banking customers safely and securely with their bank when they receive an unexpected or suspicious call about a financial matter.
This breaks the scam 'journey' at the critical moment when you are at most risk of being manipulated into making a payment. So, even if scammers can make contact with you, that link will be broken by your call to 159, before any information is shared, any payment is made, and any harm is done.
How it works: 'Stop, Hang Up, CALL 159'
If you think someone is trying to trick you into handing over money or personal details, stop, hang up and call 159 to speak directly to your bank.
In the first half of this year criminal gangs stole over £245m by pretending to be your bank or another service provider.
159 is the memorable, secure number that connects you directly to your bank if you think you might be being scammed.
159 works in the same way as 101 for the police or 111 for the NHS. It's the number you can trust to get you through to your bank, every time.
Since 2014 UK Telecommunications Operators have significantly reduced the 'call clearing delay time' to under two seconds, meaning calling 159 will always be a route back to safety.
159 will never call you. Only a fraudster will object to you calling 159.
Stop Scams UK's vision for the future
Over 180,000 calls have now been made to 159, and they have ambitious plans to invest in the service further over the coming months.
They plan to integrate a new Intelligent Voice Response (IVR) system to route calls. This will streamline the calling process, provide a better service to users, and allow Stop Scams UK to support a wider number of banking destinations.
They intend to work with participating members to identify opportunities to integrate 159 with other aspects of their services. This could mean a customer identifying their bank to the IVR on a 159 call could in turn automatically trigger a push alert from their online banking app.
Stop Scams UK is also working towards making 159 a universal number offered by all telephone providers, similar to 101, 111 or 999.
Who can use 159?
The cost of calling 159 will vary according to your phone provider. In many cases this will be the same as a national rate call. Please ask your provider for details.
The banks that currently use 159 are:
- Barclays
- Co-operative Bank
- First Direct
- HSBC
- Lloyds (including Halifax and Bank of Scotland)
- Metro Bank
- Nationwide Building Society
- NatWest (including Royal Bank of Scotland and Ulster Bank)
- Santander
- Starling Bank
- TSB
The telephone companies involved in 159 are:
- BT (including EE and PlusNet)
- Gamma
- O2 (including giffgaff)
- Sky
- TalkTalk
- Three
- Virgin Media
- Vodafone
(Received from Neighbourhood Alert - Allen Roochove, NCC Techno Buddy 24.01.23)
What is phishing, and how does it work?
You wouldn't let a thief enter your home, but what if the thief was masquerading as someone familiar, such as a postman, and tricked you into opening the door? Phishing works in a similar way - criminals impersonate trusted organisations by creating legitimate-looking messages and websites in order to trick people into opening the doors to their personal information. Once criminals have this information, it can be used to perpetrate fraud and cyber crimes against you, or in your name.
How big is the problem?
Phishing attacks are a common problem faced by both individuals and businesses on a daily basis.
As of 31st May 2022, the National Cyber Security Centre's Suspicious Email Reporting Service (SERS) has received over 12mn reports from the public, and has removed over 83,000 scams and 153,000 malicious websites. The most impersonated organisations in phishing emails reported last year were the NHS, HMRC and GOV.UK.
Most phone providers are part of a scheme that allows customers to report suspicious text messages for free by forwarding it to 7726. When a text is reported to 7726, the provider can investigate the origin of the text and arrange to block or ban the sender, if it's found to be malicious. As of May 2022, 13,000 scams have been removed as a result of suspicious text messages reported using the 7726 service.
How can you protect yourself from phishing scams?
Most of the phishing scams reported to us have one thing in common, they started with an unexpected email or text message. Whether it's an email asking you to "verify" your bank account details, or a text message claiming you've been in close contact with someone that's got COVID, the goal of a phishing attack is usually the same - to trick you into revealing personal and financial information.
Here's some simple advice you can follow when it comes to dealing with phishing scams:
1 - If you have any doubts about a message, contact the organisation directly.
Don't use the numbers or address in the message - use the details from their official website. Remember, your bank (or any other official source) will never ask you to supply personal information via email.
2 - If you think an email could be a scam, you can report it by forwarding the email to: report@phishing.gov.uk. Send us emails that feel suspicious, even if you're not certain they're a scam - we can check.
3 - Most phone providers are part of a scheme that allows customers to report suspicious text messages for free by forwarding it to 7726. If you forward a text to 7726, your provider can investigate the origin of the text and arrange to block or ban the sender, if it's found to be malicious.
4 - If you've lost money or provided personal information as a result of a phishing scam, notify your bank immediately and report it to Action Fraud: www.actionfraud.police.uk
For more advice on how to protect yourself online, visit: https://www.ncsc.gov.uk/cyberaware/home
(Received from Neighbourhood Alert - Allen Roochove, NCC Techno Buddy 29.07.22)
19th January 2022
Banks issue urgent warning to customers about 'new device registered' scam
Banks have issued an urgent warning to customers about a new scam doing the rounds.
Fake texts claiming to be from NatWest stating 'a new device has been registered with your account' are currently circulating.
The texts state 'a new device has been registered' and provide a link to follow.
Clicking the link on the message will send recipients through to a website that has nothing to do with the bank.
Some internet browsers may issue a warning the website is not legitimate.
The text is quite convincing - NatWest is named as the sender, and the message doesn't contain any glaring mistakes.
The scammer's goal is to get a victim to part with sensitive information, such as card numbers and online banking access codes.
But with the messages appearing admissible, what do you need to look out for?
Protecting yourself from fake texts
NatWest shared their top five tips for when you receive a text message asking you to follow a link:
Never give your Online Banking PIN, password, card reader codes or mobile app codes to anyone via text.
Do not phone the number included in the message, criminals on the other end might persuade you to give away personal information. You will always find the correct number on the official bank website.
Real NatWest text messages may contain links to our websites, but, like our emails, never link to pages that ask for any online banking or full card details.
If you have already clicked on a suspicious link, we advise you to run a scan with your antivirus software to check your device for any malicious software.
Make sure you have the latest anti-virus software on your device as it helps keep your device secure.
What to do if you are a victim of a fake text
If you believe you may have been the victim of a scam like this, let the bank know via its legitimate channels immediately.
Nigel Minnis (Techno Buddy 19.01.22)
-------------------------------------------------------------------------------
Christmas Shopping Scams
23rd November '21
"BEWARE" - £15M lost to online shopping scams last Christmas
This is a message we received via Cheshire Police Alert. This information has been sent on behalf of Action Fraud (NFIB)
New data from Action Fraud, the national reporting centre for fraud and cyber crime, reveals that 28,049 shoppers were conned out of their money when shopping online over the Christmas period last year - an increase of almost two thirds (61 per cent) when compared to the same period in the previous year.
Ahead of Black Friday and Cyber Monday, Action Fraud is warning the public to take extra care when shopping online as reports of online shopping fraud have continued to surge. Here are some simple tips to help you and your family enjoy a secure online shopping experience this festive season.
Where to shop
Buying from an online store you haven't used before? Carry out some research first, or ask a friend or family member if they've used the site and about their experiences before completing the purchase.
Your information
Only create an account if necessary or to save you effort if you're going to use that site a lot in the future. Be cautious if the website asks you for details that are not required for your purchase, such as your mother's maiden name or the name of your primary school.
Payment method
When it's time to pay for your items, check there's a 'closed padlock' icon in the browser's address bar. Use a credit card when shopping online, if you have one. Most major credit card providers protect online purchases.
Phishing
Some of the messages you receive about amazing offers may contain links to fake websites. If you're unsure about a link, don't use it - go separately to the website. Report suspicious emails you receive by forwarding them to report@phishing.gov.uk. Report suspicious text messages by forwarding them to: 7726.
Email accounts
Make sure that your really important accounts (such as your email account or online shopping accounts) are protected by strong passwords that you don't use anywhere else.
If things go wrong
If you've lost money to an online shopping scam, tell your bank and report it as a crime to Action Fraud - 0300 123 2040 - https://www.actionfraud.police.uk/ (for England, Wales and Northern Ireland) or Police Scotland https://www.scotland.police.uk/ (for Scotland). By doing this, you'll be helping to prevent others becoming victims of cyber crime.
For more of the government's latest advice on how to stay secure online, visit the Cyber Aware website: https://www.ncsc.gov.uk/cyberaware
(Allen Roochove, NCC 'Techno' Buddy 23.11.21)
12th November '21
This is a message sent via Cheshire Police Alert. This information has been sent on behalf of Action Fraud (NFIB)
23M people used 123456 as a password
Whether it's your Facebook, Amazon, or Netflix account, the explosion in popularity of online apps and services means more and more of us have to remember an increasingly long list of passwords.
Unfortunately, some of us cope with this challenge by resorting to practices that leave our data, devices and money at risk - by using the same password across multiple accounts, or by creating simple passwords that could easily be guessed by hackers. Bad password practice is more prevalent than you might think - the UK's National Cyber Security Centre carried out analysis of passwords leaked in data breaches and found that more than 23 million users worldwide used 123456 as a password.
https://www.ncsc.gov.uk/news/most-hacked-passwords-revealed-as-uk-cyber-survey-exposes-gaps-in-online-security
Here are some top tips that will make your life easier and your online accounts more secure:
1: Creating memorable passwords
A good way to create strong, memorable passwords is by using 3 random words. But remember, don't use words that can be guessed (like your pet's name). You can include numbers and symbols if you need to. For example, "RedPantsTree4!"
2: Saving passwords in your browser
Saving your password in your browser means letting your web browser (such as Chrome, Safari or Edge) remember your password for you. This can help:
- make sure you do not lose or forget your passwords
- protect you against some cyber crime, such as fake websites
It is safer than using weak passwords, or using the same password in more than one place.
3: Email account passwords
If a hacker gets into your email account, they could:
- reset your other online account passwords
- access personal information you have saved about yourself or your business
Your email password should be strong and different to all your other passwords. This will make it harder to crack or guess.