Introduction to cyber security: stay safe online
Introduction to cyber security: stay safe online

Start this free course now. Just create an account and sign in. Enrol and complete the course for a free statement of participation or digital badge if available.

Free course

Introduction to cyber security: stay safe online

1.3 Cyber security attacks and phishing

Download this video clip.Video player: ou_futurelearn_cyber_security_vid_1046.mp4
Skip transcript


So there was a time that I actually got phished. I was successfully attacked over the internet. And it really illuminated the fact that security depends on you never making any mistakes, and attacking depends on finding one person who can make a mistake.
So the way that happened was the night before, I'd reinstalled the operating system on my phone, and so every time I logged into a service that normally I'd have a password stored on my phone for, it was prompting me to reenter my password, because I had a new operating system. And also, I had a new browser, and the browser hid part of the URL of the website I was looking at. So that made things bad, too.
I went to the coffee shop after dropping off our daughter at school with my wife, and she sat down to read the free sheet and I stood in the queue, and I fired up Twitter and there was a direct message from a friend of mine that said, was this you? And a URL. And the day before, I had also published a bunch of newspaper editorials, so I was getting a lot of emails and direct messages, saying oh, I saw that, or how was this, or whatever. And so it seemed kind of plausible. And I clicked on it, and it prompted me for my password. And it brought me to a Twitter login screen and prompted me for a password, which was normal. Everything was prompting me for it. It looked like I was visiting Twitter dot com, because of the way the browser was displaying, and I entered it in.
And then I got three more DMs from other people saying, is this you? And I was like, oooh, they've all been infected by something that presumably I've just been infected by, too. And if nothing else, I just entered my password into this.
The consequences, thankfully, were pretty light, because it happened immediately, and I had good password hygiene that I didn't recycle passwords across services. So I immediately sat down in the cafe, cancelled all my morning meetings, and changed that password and went through and made sure everything looked OK and then ended up blowing out the operating system on that phone and reinstalling it. Luckily, the consequences were pretty slight and nothing bad happened to me apart from losing that morning and feeling like an idiot.
End transcript
Interactive feature not available in single page view (see it in standard view).

Britain is being targeted by many thousands of cyber attacks every hour. For small organisations the worst breaches cost between £65,000 and £115,000 on average and for large organisations may run to many millions of pounds. These costs can occur as direct financial losses due to fraud or theft; the loss of productivity due to time spent recovering from the effects of a successful attack; or the lost of trust and reputation.


It may be surprising that many cyber security breaches do not result from technical failures. In fact, it is commonplace for attackers to exploit the goodwill and trust of people to gain access to systems, using a form of attack that is known as ‘social engineering’. Pretending to be technical support personnel or crafting emails that ask for usernames and passwords are common forms of social engineering attacks. You may have heard the term ‘phishing’ used to describe these kinds of emails. Phishing is a form of social engineering. In the video, course guide Cory explains how it happened to him.

Phishing emails can use your real details and passwords to make you think that the attacker is a real contact that you already know, or to make you think that they have more information than they actually do to panic you into clicking on a message. The criminals get your email address and password data etc. from breaches of many online databases.

In October 2019, over 30,000 aggressive phishing emails an hour were being sent out to email addresses where a password was known: news/ technology-50065713 [Tip: hold Ctrl and click a link to open it in a new tab. (Hide tip)]

In January 2019, Troy Hunt, a security professional, published details of a database being used by criminals that contained 773 million records and over 21 million unique passwords.

To check if your account has been part of a data breach that included your email address visit To check if a password that you use has also been found in a data breach visit Passwords. Don’t type in a complete password to start with. Type in the first few characters and click ‘pwned?’ If it doesn’t come up, your password is safe. If it does get a match, add the next character and check again. If you have typed in the complete password and get a match it is time to change your password!

Of interest, check the password 123456789. How many times has that been seen?!

In a later week in the course you’ll study how to create secure passwords.

In the next section you’ll find out about three high profile cyber security breaches.


Take your learning further

Making the decision to study can be a big step, which is why you'll want a trusted University. The Open University has 50 years’ experience delivering flexible learning and 170,000 students are studying with us right now. Take a look at all Open University courses.

If you are new to University-level study, we offer two introductory routes to our qualifications. You could either choose to start with an Access module, or a module which allows you to count your previous learning towards an Open University qualification. Read our guide on Where to take your learning next for more information.

Not ready for formal University study? Then browse over 1000 free courses on OpenLearn and sign up to our newsletter to hear about new free courses as they are released.

Every year, thousands of students decide to study with The Open University. With over 120 qualifications, we’ve got the right course for you.

Request an Open University prospectus371