£1.4m lost from email and social media account hacking in the past year
Latest data from Action Fraud shows that more than 33,600 people reported that their online accounts had been hacked from August last year, with victims losing a total of £1.4 million.
It is now urging people to provide an extra layer of protection, such as enabling 2-Step Verification (2SV), to protect their online accounts from fraudsters.
The warning comes as part of an awareness campaign on social media and email account hacking for Cyber Security Awareness Month.
Adam Mercer, deputy director of Action Fraud, , the national fraud and cybercrime reporting service, said: “Cyberattacks and hacking are carried out by faceless cybercriminals who target unsuspecting victims looking to take advantage of unprotected social media and email accounts.
“With this being the top cybercrime reported last financial year, it’s even more important to take action and ensure you lock down your accounts.”
To protect themselves from fraudsters trying to steal or access their “valuable information”, he says people should ensure their social media and email account passwords are secure.
“All your passwords should be different and never shared with anyone else. If you have the option, enable 2SV to ensure you have twice the protection for all your accounts,” said Mr Mercer.
In the reports made to Action Fraud, there were various different methods of hacking reported, including:
On-platform chain hacking
This is when a fraudster gains control of an account and begins to impersonate the legitimate owner. The goal is to convince people to reveal authentication codes that are sent to them via text. Many victims of this type of hacking believe it’s a friend messaging them, however the shared code was associated with their own account and the impersonator can now use it to access their account. Usually when an account is taken over, fraudsters monetise control of the account via the promotion of various fraudulent schemes, while impersonating the original account owner.
Leaked passwords and phishing
The other predominant method of hacking reported is leaked information used from data breaches, such as leaked passwords, or account details gained via phishing scams. This becomes prevalent as people often use the same password for multiple accounts, so a leaked password from one website can leave many of their online accounts vulnerable to hacking.