Cyber experts warn KU students about danger online

TalkTalk CEO Dido Harding has been under pressure after third cyber attack on company in less than a year

Cybersecurity experts have warned KU students to be wary about “dodgy” emails and calls, following last week’s massive cyber hack on phone and broadband giant TalkTalk.

Up to four million customers may have had their personal details stolen, with the firm saying it had “no idea” who was affected or what kind of information was stolen, though it did say that sort codes and account numbers may have been accessed.

Now experts have told students who had contracts with TalkTalk to check their bank accounts and change passwords – and be alert for more scams.

KU senior lecturer in networking Dr Eckhard Pfluegel, said: “If you are a TalkTalk customer, be aware that you will not actually receive any phone calls from TalkTalk claiming to help you protect your account information.

“You should ignore any emails claiming similar services as they are most likely to be spam.”

Dr Pfluegel said students should “consider carefully” who they are submitting information to, including “social networks such as Facebook and LinkedIn, online shopping sites and customer web-interfaces”.

KU associate professor of computing and information systems Dr Vasileios Argyriou, warned students to be “generally suspicious” about phishing, the fraudulent practice by which hackers get access to personal information by faking to be authentic service providers.

Dr Argyriou said: “Phising is very common. Hackers create fake websites which are identical to the original one, like Facebook and Amazon for example, and people naively insert their password, which the attackers then steal in order to access private information.”

The professor warned people that phishing happens with bank websites too, so people have to be cautious and check their accounts frequently to see if any transactions have been made, even for less than a pound, as hackers “might get a pound off a million customers and make huge sums out of it”.

He added that if people discovered that their accounts were hacked, they should immediately report it to the police or the bank.

Thomas Heinis, lecturer in computing at Imperial College said: “The recent case of the cyber attack on TalkTalk is a solemn reminder of how valuable our personal data is. To run our day-to-day life we need to share it, yet even big companies with seemingly unlimited resources cannot protect it against leaking by means of cyber-attacks.

“Ultimately it is our responsibility to protect our data by only giving out as much as is needed to companies and organisations we trust, and only when we feel comfortable in doing so.”

KU associate professor in IT Dimitris Tsaptsinos warned students that they should always keep their systems up to date with anti-virus software and check for ‘https’ at the beginning of URLs as it means that data being transferred is securely encrypted.

However, Dr Argyriou cautioned people to download the software personally and not follow links from pop ups advertising anti-virus software, as they may be the virus itself.

A TalkTalk spokesperson said: “We are working through to have a clear idea of who was affected, but there is a lot of data and we don’t want to get it wrong.

“We can’t risk telling people that there data has been compromised when it actually hasn’t. That is as much as we owe to our customers.”

Across Penrhyn Road campus there was general concern among students using TalkTalk that their data was stolen and their accounts were hacked.

KU sociology and media student Suraj Manandhar, 20, has been with TalkTalk broadband for seven years and said: “I never had any problems but now I will look into changing company. I’ll give them a call and see what’s happening and if I’m at risk, and I’ll also record the call for future reference just in case they say I didn’t get hacked but then I actually did.”

Game programming student, Diane Zhdanova, 23, said that she would have gone “berserk” if her information had been accessed and she would have called the bank to get her direct debit cancelled.”