How to Detect and Respond to a Cyber Incident

No security can ever be perfect. Cyber Incidents can and will happen to businesses, so we must be all prepared to deal with them.

Greater Manchester Police, like all other police forces, has a dedicated specialist cyber crime team who are highly trained and experienced in investigating cyber crime and at putting the victim’s needs at the forefront of the investigation.

It is really important if you are a business, charity or other organisation which is currently suffering a live cyber-attack (in progress), that you call Greater Manchester Police at any time on 101 or report the attack to Action Fraud on 0300 123 2040 immediately.

Millions of cases of fraud and computer misuse are reported to the police every year. But it is important to remember that many of those crimes could have been prevented by making a few small changes in our online behaviour.

The majority of cyber crimes aren’t being reported

Only a fraction of fraud and cyber crime offences occurring in the UK are being reported to the authorities, according to estimates compiled by the Office for National Statistics (ONS) in its new telephone-operated Crime survey for England and Wales (TCSEW).

According to a recent post from Computer Weekly, just 16.6% of frauds are being reported. The research estimated that whilst there were 4.4 million fraud offences in the 12 months to 30 September 2020, police-recorded offences collated through the National Fraud Intelligence Bureau (NFIB) via Action Fraud, Cifas and UK Finance, showed just 730,765 offences, a rise of about 2,000 from 2019.

How can I reduce the chance of my business becoming a victim of cyber crime?

To reduce the chances of your business becoming a victim of cyber crime you don’t need to be a computer expert. Developing a few good online habits drastically reduces your chances of becoming a victim, makes you less vulnerable and helps your business work online safely.

Make your staff aware of the latest cyber security threats, we offer businesses the chance to join us for monthly webinars. Our events calendar in the coming months is focusing on the topics of; securing your office, understanding your digital footprint and ransomware threats in the summer.

Backup your data

Ransomware is a type of malicious software that threatens to publish the victim's data or perpetually block access to it unless they pay a ransom.

Regularly back up all your documents and photos in at least one other place to minimise the risk of losing everything if you get a ransomware virus.

You can back up data onto:

  • A USB stick.

  • An external hard drive, making sure that the drive isn't connected at all times, as ransomware can infect devices connected to your network.

  • A cloud server, making sure that the password you use for cloud servers and backups is a strong password and one you don't use anywhere else.

Be wary of email and text scams

Be careful when opening emails and texts, especially if you don't know the sender. If an email or text is unexpected or seems unusual, even if it’s from a customer you know, ignore it and contact the sender directly to check if they sent it.

Your bank, the police, the NHS, HMRC and reputable companies will never ask for sensitive or financial details of your business via email, phone or text.

To protect your business from scams, known as 'phishing':

  • Don’t open attachments or click on links in emails or texts from senders you don’t recognise.

  • Never give out business information, financial details or passwords in response to an email, when you receive an unexpected phone call or in response to a text message.

  • Set up spam filters on all of your accounts.

  • Don’t respond to emails or texts from unknown sources.

  • Always go to a website directly, by typing out the address yourself, when logging into an account.

  • Remember, the police, banks and government departments like HMRC will never ask you to transfer money out of your bank account.

You can forward phishing emails to the National Cyber Security Centre (NCSC) suspicious email reporting service via and forward smishing text messages to your network provider via shortcode 7726 who will both take steps to prevent these at the source.

Be careful when using social networks

Social networks are a great way of keeping in touch with customers, but be careful about how much information you are sharing.

Once you post or share something on any social media profile it’s out of your control and could be shared and used by others, even if you delete it.

Make sure you:

  • Review your privacy settings and check them regularly as updates can affect settings.

  • Don’t add or accept ‘friend’ requests from people you don’t know.

  • Think carefully about the images, videos and content that you share.

Further guidance & support

You can contact the Cyber Resilience Centre for guidance and support during normal office hours on 0161 706 0940 or by dropping us an email. We also provide free guidance on our website and your business can also encourage your staff to sign up for our free core membership. Core members receive regular updates which include the latest guidance, news and security updates. Our core membership has been tailored for businesses and charities of all sizes who are based in Greater Manchester and the North West.

The National Cyber Security Centre (NCSC) has also created the Small Business Guide to Response and Recovery. It provides small to medium-sized organisations with guidance about how to prepare their response, and plan their recovery to a cyber incident.

The contents of this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of Cyber Resilience Centre for Greater Manchester (CRCGM) is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others.  Articles on the website cannot by their nature be comprehensive and may not reflect most recent legislation, practice, or application to your circumstances. CRCGM provides affordable services and Trusted Partners if you need specific support. For specific questions please contact us.

CRCGM does not accept any responsibility for any loss which may arise from reliance on information or materials published on this website. CRCGM is not responsible for the content of external internet sites that link to this site or which are linked from it.