Information Security Advice

Information designed to help you stay safe

Information Security Advice

We pride ourselves on our website security and we would like to give you some tips to keep your personal details safe, so here are some simple steps that you can take to stay protected.

Spam Emails 13 Jan 2017

It has been reported that Yodel has been the subject of a Spam/Fake email campaign where customers will receive an email with the subject "You missed your parcel" or "We missed you". These emails ask you to click a link to 'Download your shipping label'.

These emails are fraudulent, are not from Yodel and have the ability to install malware onto your device if links are clicked.

These emails have been reported to Action Fraud and steps have been taken to remove the websites used in the emails with the registrar.

Emails that are suspected to be malicious should be marked as Spam/Junk and deleted immediately.

--------------------------------------------------------------------------------------------------------------------

Ransomware

Your computer could be infected by ransomware when you inadvertently:

  • Open a malicious attachment in an email. Most Windows ransomware in recent months has been embedded in documents distributed as email attachments.
  • Click on a malicious link in an email, instant message, social networking site or other website.
  • Visit a corrupt website - often these are of a pornographic nature.
  • Open infected files from web-based digital file delivery companies (for example Hightail - formerly called YouSendIt, and Dropbox).
  • Open untrusted macros in application documents (word processing, spreadsheets etc).
  • Connect untrusted USB connected devices (eg memory sticks, external hard drives, MP3 players). A USB does not need your interaction to run malicious code.
  • Insert corrupt CDs/DVDs into your computer.

Avoiding Ransomware

  • Do not reply to, or click on links contained in, unsolicited or spam emails from companies or individuals you do not recognise.
  • Visit only websites you know to be reputable.
  • Ensure you have effective and updated antivirus/antispyware software and firewall running before you go online.
  • Regularly back up all your data, including to a USB-connected device stored remotely from your computer. This is because some ransomware can also infect your cloud-based storage.

If you have ransomware on your computer

  • To detect and remove ransomware and other malicious software that may be installed on your computer, run a full system scan with an appropriate, up-to-date, security solution.
  • If your computer has been locked by ransomware, seek professional advice from a trustworthy source such as https://www.nomoreransom.org/

 

For more advice, see the below link:

https://www.getsafeonline.org/protecting-your-computer/ransomware/

--------------------------------------------------------------------------------------------------------------------

1. How to spot fake emails

Phishing fraudsters try to obtain your confidential or personal information by sending emails that look genuine but could ask you to submit details on an unsecure site. Look out for:

Suspicious addresses - is it from someone who you would normally receive emails from? Also be aware that a fraudster can make an email seem as if it is from a known source.

Subject lines - with a sense of alarm e.g. 'Security Alert' or 'Your account will be suspended.' These people will try to illicit panic and urgency from you in a hope to make you act quickly without your normal cautious nature.

Requests for information - genuine companies never email asking you for User Names, Passwords, Date of Birth or Credit Card details.

Top Tip! When viewing an email, you can hover over hyperlinks (or buttons) to see the underlying website address (URL.)

2. Protect your Mobile, tablet and PC

Update your browser - newer versions have higher security and some will also warn you when a page you're visiting is not secure. Check out your browser's security features to see what they offer.

Software updates - ensure your operating system is up to date and use a reputable up to date security package. Run regular scans to keep your system free from Viruses and Malware. Set it to update automatically so you don’t have to remember to do it.

Use strong passwords - create unique passwords that can't easily be guessed. Avoid common words or people's names and remember to change your passwords regularly. Do not use the same password across multiple websites.

Top Tip! Make sure your passwords are at least 8 characters long, a mixture of upper and lower case letters and include some numbers and maybe a symbol too.

3. Always check

A caller is who they say they are.

The phone line is disconnected after an unexpected call by calling someone else first from the same line or using a different phone. Always call back using a phone number you've got from a trusted website or your statement and never the one that called you originally.

A website is secure before you enter any account or card details. Look for the 'https' at the start of the web address and the padlock or unbroken key icon at the top of the page next to the address bar.

4. Data Compromises
If you have ever had data compromised with another organisation and you use the same password with us you should change it.

5. What to do if you're not sure an email is from us
If you get an email that looks like it might not be from us, don't worry - just forward it to us at
information.security@yodel.co.uk and we'll be more than happy to deal with it for you.

For more free expert advice on safe online shopping visit;
getsafeonline.org