Daily Archives: January 1, 2020

#cyberfraud | #cybercriminals | Tips to help you outsmart scammers in 2020

Source: National Cyber Security – Produced By Gregory Evans

GREEN BAY, Wis. (WBAY) – A new year, a new push to protect your privacy. Consumer First Alert wants to help you outsmart scammers in 2020.

The Better Business Bureau of Wisconsin has released its list of New Year’s Resolutions for a Consumer-Savvy 2020.

Here’s the Top 10, courtesy of the BBB:

1. Implement a credit freeze. A credit freeze is the best way to protect yourself from financial identity theft because it restricts access to your credit file, making it impossible for identity thieves to apply for a new line of credit in your name. Best of all, it’s free to freeze and thaw your credit.

2. Use technology to block robocalls and other telemarketing calls. Nomorobo, a call blocking feature, can disconnect known telemarketers or scammers from your VoIP landline after one ring. It’s free for landlines; a nominal fee for cell phones. Go to www.nomorobo.com to begin. Make sure you’ve registered your phones with www.donotcall.gov, too.

3. Review your permissions and privacy settings on social media. If you’ve signed into an app or website using your social media credentials or taken a fun quiz on social media, you may have unwittingly given permission to third-party apps to access your personal information and contacts. On Facebook, go to “settings” and “apps and websites” to review.

4. Warn others and stop fraudsters by reporting scams to BBB’s Scamtracker. Scamtracker is a crowd-sourced website where you can report if you’ve been contacted by a scammer. Since reports are plotted on a map, you can also use Scamtracker to find out what’s happening in your area. Go to bbb.org/scamtracker for more information. Scamtracker reports also help BBB educate the public with more in-depth reports via our scam studies.

5. Check out businesses and charities first. A little research before you buy or donate to make sure you’re working with a reputable company or charity can save you a lot of time, money and heartache later. Check out companies and charities at bbb.org. BBB accredited businesses and charities have been evaluated by BBB, and meet and promise to maintain our Standards of Trust or Standards for Charity Accountability.

6. Use secure payment methods. A scammer’s favorite way to steal your money is by asking you to pay with either a gift card or a money wire transfer, such as Money Gram or Western Union. Why? Because these payment methods are irreversible. Credit card payments are more secure because, if fraud is suspected, the charge can be disputed. If you receive a request from someone claiming to be from the IRS, a debt collector or anyone else and they ask you to pay with a gift card or a money wire transfer, it’s almost always a scam.

7. Use a unique and complex password for every online account. Consider a passphrase, which is simply a long password made up of from a collection of multiple words, making them both easier to type and remember. Poor, easy-to-guess passwords are one of the most common ways cyber attackers can hack into your online accounts. If it’s too difficult to remember multiple passwords, consider a password manager. Then, you’ll only have to remember one unique and complex password instead of many.

8. Enable multi-factor authentication whenever it is available. Multi-factor authentication is when you are granted access to an online account only after you have successfully provided two or more pieces of evidence, such as your password AND a unique code generated by your smartphone, emailed or texted to you. With multi-factor authentication, if hackers steal your username and password, they still can’t access your account.

9. Monitor your existing financial accounts. Gone are the days when you waited for your credit card statement to come in the mail for you to review. Sign up for online access so you can review your financial accounts daily. Better yet, take advantage of free text message alerts to notify you of activity, remind you when payments are due, etc.

10. File your taxes early. One common fraud during tax season involves identity theft. Scammers try to submit a return in your name and have your refund come to them. You can avoid this by beating them to it, and submitting your tax return early. Follow these BBB tips for finding the right tax preparer.

Source link

The post #cyberfraud | #cybercriminals | Tips to help you outsmart scammers in 2020 appeared first on National Cyber Security.

View full post on National Cyber Security

hacker proof, #hackerproof

#hacking | New Years Resolution: Organizations push for proactive approach to security

Source: National Cyber Security – Produced By Gregory Evans


Looking at the security fails of 2019 is amusing but it ought to set against the progress by many in adopting best practice when drawing up the security ledger for the year.

Security success stories tend to start with establishing an effective security policy coupled with a training program and sound contingency planning, a collective approach often absent from organizations.

But businesses and public sector bodies are moving to improve the way they secure personal information, not least because of the harsh fines imposed by tightened data protection rules such as the EU’s General Data Protection Regulation (GDPR).

Requirements for companies to disclose breaches, whether under GDPR or many of the data breach notification laws found throughout the US, are among the main reasons why organizations are starting to become more open about any data loss that they may experience.

This has equally prompted change in the way a business collects and uses data, and how it keeps their customers informed. Increasingly, user or customer education is part of a company’s data security team remit.

Businesses are now finding, in part, that a perimeter security approach – building ever-higher walls around systems and data – is unsustainable. A strong data protection policy, in short, is better for business.

This approach is known as “data stewardship”.

Why it’s worth investing in data stewardship

“Data stewardship starts with an effective data strategy,” Dr. Sanjana Mehta head of market research strategy for EMEA at (ISC)², the security professional association, told The Daily Swig.

“This means asking fundamental questions such as: what data is an organization collecting? What is the purpose of storing or processing that data? And are the data subjects fully aware of and have they consented to these purposes?”

An organization should be collecting only the data it needs for its business process, and it should be informing the customer, citizen, or employee about why the data is needed, how it will be processed, and for how long it will be kept. The GDPR, for example, sets out – for citizens residing in the EU – a legal ‘right to be forgotten’.

Unless organizations practice good data stewardship, knowing the data that they hold and where that data is, they will not be able to meet the obligations set out under the legislation, or indeed any similar data protection law that is to pass in 2020.

“Organizations continuously tread a fine balance between optimizing data processing to inform strategic decisions which means providing more people access to more data and securing the interests of their data subjects, which means tightening access to data,” Dr. Mehta said.

READ MORE Swig Security Review 2019: Part II

Clean data is good for business

Good data management makes it easier to protect information. The business can target protection measures – including firewalls, encryption, and data loss protection tools – and train staff to reduce accidental data loss. This is hardly news to CISOs.

But minimizing data collection, and being clear about why data is needed, goes further. It is also about trust.

“I have been saying for a couple of years that you can’t have customer experience without permission,” Darren Guarnaccia, chief strategy officer at Crownpeak, a digital experience management company, told The Daily Swig.

“Part of that experience is trust… So much of that has been eroded through events of the last couple of years. Brands have to earn some of that back.”

This is why Guarnaccia advocates an open approach to data policies, as well as on-going training for employees. His views are echoed by Phil Slingsby, head of governance, standards and assurance at converged ICT services supplier GCI.

“As a tech company it’s easy to forget the importance of people,” Slingsby warns. “Privacy, in particular, is a human right, so it’s fundamentally focused on people.

He told The Daily Swig: “To be as effective as possible when it comes to data protection, we’ve had to get better at engaging with our people and integrating data protection into the fabric of how we do business.

“This has meant a shift in priority away from just being certificated to things like [the] ISO 27001 [security standard], and more towards ensuring that we are actually ‘doing the right things’ when it comes to data protection.”

Good shepherds

Clear and relevant data collection policies are vital. Some organizations go further, and actively promote data and privacy protection to their customers, as well.

Mozilla, the organization behind the Firefox browser, promotes a free service for internet users to look up pwned passwords, for instance. The service holds breach data going back to 2007.

And Nest, the Google-owned smart home company, set up a service last year warning users about password breaches, even if they were found to affect rivals’ hardware.

But our favorite is the privacy policy video from European low-cost airline easyJet. In a parody of those in-flight safety videos frequent travellers largely ignore, it sets out why the business collects data, and how it might even lead to lower fares.

YOU MIGHT ALSO LIKE Year in Review: Security needs a reboot in 2020

Source link

The post #hacking | New Years Resolution: Organizations push for proactive approach to security appeared first on National Cyber Security.

View full post on National Cyber Security

hacker proof, #hackerproof

#cyberfraud | #cybercriminals | Cloud, 5G and ‘wetware’ attacks — the 5 biggest cybersecurity threats of 2020

Source: National Cyber Security – Produced By Gregory Evans

(Source: Giphy)

Businesses are getting cosier with the cloud. As more data pours in, it makes sense to use a public cloud server rather than set up servers in-house. But just because they’re moving to a ‘cloud smart’ agenda doesn’t mean that they aren’t being ‘cloud dumb’.

According to Forcepoint, public cloud systems are going to be the new bullseye for attackers worldwide in 2020. “We expect to see more breaches both from external and internal parties as Cloud applications become more ubiquitous,” it says.

While cloud service vendors are obligated to protect the infrastructure and make sure that data keeps flowing smoothly, they’re not actually responsible for data security. That liability lies with the enterprise — something that most businesses don’t seem to realise.

“From the cloud layer all the way down to the home network, IT security leaders will need to reassess their cyber risk and protection strategy in 2020,” says Nilesh Jain, vice president for Southeast Asia and India at Trend Micro.

Source link

The post #cyberfraud | #cybercriminals | Cloud, 5G and ‘wetware’ attacks — the 5 biggest cybersecurity threats of 2020 appeared first on National Cyber Security.

View full post on National Cyber Security

hacker proof, #hackerproof