Rant on the state of Cyber Awareness

Zac Howard

3 min read
Share

Next week I will be joining a school my mother works for to help with a "Careers Fair". It will be a great opportunity for me to try and convince some kids to take up Security and IT as a career path. Even with the current AI landscape, I still feel like, in the end, we will use AI as a tool rather than some great replacement for workers.

I've done a few events similar to this and I do end up realising that I could probably talk for hours about Malware, Passwords, Privacy etc if I wasn't talking to a bunch of 10 year olds who would rather be anywhere else than listen to me yap on about how to stay safe online. My point is though, there are endless amounts of guidance, videos, and government advice online for people to find, and yet we don't seem to really be in any better state than we were before. Even taking business-based cyber attacks out of the equation (and these attacks aren't slowing down anytime soon) - has there actually been any reduction in the amount of people who are scammed or compromised online?

A couple of years back my Grandad fell for a fake Amazon advert on Facebook. It was an advert for a big crate "full of unsold/returned Amazon items", which claimed that if you paid a small fee of just £50, you would receive multiple high-value items like iPhones, Tablets and AirPods. I don't get the chance to see my Grandma and Grandad as much as I probably should, but one day I turned up at their house and he started telling me about this Amazon "thing" he bought and a pair of £15 knockoff AirPods he'd received in the mail. Eventually, after looking at his phone, we managed to find the post he'd seen. It was similar to the image below, but just replace T-Fal with Amazon.

Fake Facebook Kitchenware Scam

This was obviously fake. At least to me - someone with 6 years of experience working within Cyber Security and having grown up with the internet. Now for my 80-year-old Grandad, whose priority these days is looking after my Grandma, not so much. While we could just chalk it down to him being old, I actually found out that the rest of my family had also been told about this and had told him it was all fine. I couldn't believe it at the time. I was so angry that the people I had assumed would be able to protect him had also fallen for this.

But this goes further than just him falling for scams. If he can fall for something as basic as this, it really doesn't take much to realise what else he could fall for. And if you take a look at the stuff in his Facebook feed and what he actually believes is happening in the world, you'd see why we should be concerned. I'm not even talking politics here - he thought we'd found life on an asteroid heading for Earth from a Facebook page with 20,000 likes and AI-generated content. And apparently much younger members of my family also aren't able to spot this stuff.

There is a lot of guidance online about Cyber Awareness and safety, but ultimately a lot of it is curated towards people that already know about Cyber Security, or is just clickbait fearmongering from mainstream media outlets who understand very little about the threat landscape.

I want to try and help with this problem, even if only in a small way in my own community, because this isn't getting better anytime soon. And with the things I can already create using public LLM tooling, it's a pretty horrifying thought what people with much more time and resources will be able to do.

This will be a general blog targeted towards people without an IT/Security background, with the hope that this can become a one-stop shop for guidance on attacks, how to secure devices, understanding the threat landscape, and specifically what you actually need to worry about in order to protect yourself and your family. Hopefully this will cut through the noise and give people practical tools and advice to stay safe online.

Thanks for Reading,
Zac Howard