Just like urban myths, cyber myths exist that sound so real they could also be true.
Believing these myths may expose you to cybercriminals.
Myth #1: Anti-virus software and firewalls are 100% effective.
Truth: Anti-virus software and firewall installation services* are important for protecting your information. However, neither is guaranteed to protect you from an attack. Combining these technologies with good security habits is the best way to reduce your risk.
*Most operating systems include a built-in firewall feature that you should turn on.
Myth #2: I never have to update the software installed on my computer.
Truth: Software companies release updated versions of their software firewall installation services to address problems or fix weaknesses. Hackers and malicious programs or viruses can find weaknesses and will exploit that software to access your computer, smartphone or tablet. To keep your device secure, you should install any software update as soon as possible. Some software even offers the option for automatic updates.
Myth #3: I have nothing important on my computer, so I won’t be hacked.
Truth: Your opinion about what is important might be different to a criminal’s idea. If you have personal or financial data on your computer, hackers can collect it and use it for their own financial gain. Even if you don’t store that kind of information on your computer, a hacker may be able to gain control of your computer and use your data in attacks against other people.firewall installation services provides your system security.
Myth #4: Cybercriminals only target people with money.
Truth: Anyone can become a victim of identity theft. Attackers look for the biggest reward for the least amount of effort and if your information happens to be in a compromised database, it could be collected and used for malicious purposes. It is important to only share your personal details with people and organisations you trust.
Myth #5: A strong password will solve all my security issues.
Truth: Strong passwords are the first line of defence to protect your information from cybercriminals, but they can still be compromised. You should support your strong password with other measures such as two-factor authentication. If strong passwords are too complicated to remember, you can install a password manager on your computer, smartphone or tablet. It will generate and remember secure passwords for you and some password managers will sync across your devices.
Remember: Be diligent about protecting yourself online, so you don’t become the victim of a cyberattack.
Numerous small businesses feel helpless in the face of cyber security threats or don’t consider that they are at risk at all.
Making cyber security a priority for your business is important to protect your livelihood. Many small businesses find it hard to recover after a cyber security incident and are often left devastated. A few simple steps can make a huge difference and protect your business into the future.
Good cyber security doesn’t happen by accident. It’s important to be intentional and consistent in your approach. Here are some simple things you can do:
Ensure you have antivirus software.
Always install security updates.
Develop a policy about the use of personal devices on your network, and make sure you and your staff understand the associated risks.
Set a back-up schedule to regularly back up all your data.
Use strong passwords on all your accounts and encourage your staff to do the same.
Don’t assume your staff are cyber safe.Work with them to help them practice safe online behavior while at work. Here’s what you can do:
Educate your staff on click safety, how to identify scams and appropriate care and storage of customer information.
Discuss current risks, such as scams and ransomware and how you can stay safe.
Have an incident response plan – what will you do if you experience an incident?
Staying aware of cyber security issues and risks is a great way to protect your business.
Practice safe browsing habits and be on the lookout for malicious links and scams.
Making cyber security a priority for your small business is easy, and taking a few simple steps will make you feel more comfortable, knowing your business is safer!
The Australian Government has issued a media release identifying Russia as responsible for targeting commercially available routers around the world in 2017. While Australian organisations were affected by this targeting, there is no indication that Australian information was compromised. Businesses are reminded to be vigilant and take all steps to keep your information safe. Small businesses can keep their information safe by:
Using a firewall to keep out unwanted connections and review the firewall logs for unusual activity on your network. For example, you may notice something that suggests an intrusion.
Restricting access to the minimum services and functions necessary for staff to carry out their role.
Using strong authentication that requires both a password and token-based or two-factor authentication.
Deleting remote access privileges for staff once they are not needed. For example, do not let someone who has left the company retain access to your network.
Using Virtual Private Network (VPN) software to provide a high level of encryption for access to your network remotely.
If you allow staff to connect to your business network using personal equipment, including home computers and mobile phones, ensure they have installed the latest software updates, have up-to-date security software and have received security awareness training.
There have been reports of a current increment in email scams containing malware, which can take control of your PC or hack your data.
The emails contain a link which, if clicked on, downloads and installs a Remote Access Trojan (RAT) on your device. Hackers use these RATs as an invisible backdoor to access the data on your computer. They can steal your confidential information, hold your computer to ransom or install other programs without your knowledge.
Does it affect me?
Thousands of these emails have been sent out to individuals and businesses across Australia. They are coming from a variety of sources, which means many are not being detected by internet service providers’ email filters or customer anti-malware programs.
The cyber criminals are using a common tactic to try to make the email look legitimate by slightly altering a real domain name. For example some emails are being sent from email@example.com. Note that the there is an ‘l’ in the domain rather than a lower case ‘i’.
How do I stay safe?
Don’t open emails if you don’t know the sender.
Be suspicious of emails that aren’t addressed directly to you, or don’t use your correct name.
Don’t reply to, or forward chain letters you receive by email.
Think carefully before clicking on any links or opening any attachments in emails.
If you are unsure, contact the person or business separately to check if they are likely to have sent the message.
Make sure you have up-to-date anti-virus software installed on any device used to access the internet
Businesses: provide security awareness training for your staff and teach them how to protect your business from suspicious and malicious messages.
We love to share our lives with our friends near and far, however a few people share an excessive amount of information online.
Numerous individuals realize that private data is private, however at times neglecting to thoroughly consider that an social media post can leave you exposed.
You need to always stop and consider what may occur before you send pictures or personal details out into cyber space!
Five things you should never share on social media
Pictures of your new credit card or other financial information. Sometimes in the excitement of receiving a new card, people post a photo of it to social media. Even with the highest privacy settings, it’s not safe to post pictures or information that shows your financial details.
Identity cards or documents. Driver licences are regularly seen on social media, especially when people pass their driving tests. While this is definitely a photo and #hashtag moment, sharing any kind of identification online exposes you to identity fraudsters.
Tickets. Plane tickets continue to be a very popular social media post. But beware! They contain a lot of information, including sequence numbers that cybercriminals can use to decode personal information about you, and then access your bank account and financial information. If you share your holiday plans, you’ve also potentially just told -the criminals when no-one will be home. Same goes for tickets to music and sporting events.
Pay slips. Everyone loves to get a pay rise, but if you post your pay slip to prove it, you’ve just possibly advertised your personal and bank details to cybercriminals. It’s private information—social media doesn’t need to see it!
Inappropriate behaviour, comments, images and video. Inappropriate comments, as well as complaints or criticisms can land you in hot water. So don’t air your grievances on your social media channels. In addition, don’t share intimate or offensive images of anyone without their consent.
Guess what would happen if your PC unexpectedly crushed or was hit by malware, and you lost all your important photos, accounts, home videos, documents and emails?
World Backup Day is all about regularly backing up your important files and data so you have a spare copy stored somewhere safe. It’s really quick and simple to do.
What is Backup?
A backup is a second copy of all your important files — for example, your family photos, home videos, documents and emails. Instead of storing it all in one place (like your computer), you keep another copy of everything somewhere safe.
What are the options?
So how do you go about backing up your files? It’s easy: you can use external hard drives, an online service—often referred to as cloud backup—or a combination of both. You can backup mobile devices like smartwatches, tablets and smartphones to your computer. Remember: Making any kind of backup reduces your risk of losing your data.
External hard drives
External hard drives protect your data on a physical device that’s separate to your computer. Physically disconnecting your external hard drive from your computer when it’s not in use helps keep your data safe, both from online attackers and power surges. You can set external hard drives to back up automatically, and they will run regular backups on an hourly, daily or weekly basis. Using multiple external hard drives will help to ensure you always have at least one that is not connected to your computer at all times. How you backup your digital content on a hard drive depends on your operating system:
Apple: connect the external drive, launch Time Machine and click the ‘Backup Now’ button.
Windows 10: Go to ‘Settings, Update & Security’, select ‘Backup’ and ‘Add a drive’. Once set up, Windows 10 will back up everything in your user folder, every hour.
buy an online backup plan
install the provided software on your computer
tell the software what drives, folders, and/or files you want to keep backed up.
The private information of a considerable number of Facebook users over the globe has perhaps been used to generate political advertising. Political research firm Cambridge Analytica has been reprimanded for mining the data of 50 million Facebook users to construct political publicizing in the midst of the 2016 US election campaign. The Australian Privacy Commissioner is examining whether any personal information of Australians has been secured and whether advance regulatory action is required.
Does it affect me?
When you sign up to social media platforms you agree to the privacy policies of each individual site. Privacy policies govern how your personal information can be used — some social media organisations may share your information, such as email addresses or user preferences, with third party businesses.
How do I stay safe?
It is very important that you take the time to read the privacy policies of each social media platform before you sign up. Privacy policies can also change so it’s a good idea to regularly review the policy and check how much information you reveal in your profile. For more information, please visit: www.staysmartonline.gov.au
The Australian Taxation Office is warning people to beware of scammers impersonating the ATO and demanding Bitcoin or other cryptocurrency as a form of payment for fake tax debts.
The ATO has seen over $50,000 paid in Bitcoin to scammers claiming fake ATO tax debts so far.
Does it affect me?
Anyone can be the target of this scam.
If you have received an unexpected email or threatening phone call that claims to be from the ATO and demands payment via Bitcoin or cryptocurrency, iTunes cards, or pre-paid Visa gift cards, don’t make the payment.
How do I stay safe?
Keep your personal information such as your Tax File Number and birth certificate secure and safe. Don’t carry them around in a wallet or handbag or saved on a phone.
Be suspicious of any unexpected emails or threatening phone calls that claim to be from the ATO.
Organisations collect and store a lot of personal details. You trust them with your address, credit card number, health records and more.
How would you feel if your personal details were accidentally released and went public? Sometimes personal information is released publicly by accident or as a result of poor security. For example, computer systems can be hacked and personal information stolen. The new privacy rules aim to better protect your personal information, by making organisations more accountable if they expose it. A recent McAfee survey found that 43% of people feel they don’t have control over their personal information.
New privacy rules explained
The Notifiable Data Breaches scheme means many organisations must tell you if your personal data has been involved in a data breach, and this has put you at risk of serious harm. These are called ‘eligible data breaches’.
What are eligible data breaches?
An eligible data breach is one that is likely to result in serious harm to the person the information is about. This could include serious physical, psychological, emotional, financial, or reputational harm. When an organisation notifies you about a data breach, they will also have to provide recommendations for how you can protect yourself.
What organisations does the scheme apply to?
The scheme applies to Australian Government agencies, businesses and not-for-profit organisations with an annual turnover of more than $3 million, credit reporting bodies, and health service providers, among others.
What does the scheme mean for you?
If an organisation spills your details and it could result in serious harm for you, they will have to tell you about it as soon as possible. This is to give you the chance to reduce any potential harm by taking action that may include changing your password or contacting your bank if your banking details have been leaked.
How will you find out if you are the victim of an eligible data breach?
Organisations should get in touch with you directly if they have accidentally released your data. Sometimes this won’t be possible, for example, if the organisation doesn’t have your current contact details. If this is the case, the organisation has to publish the information on their website and make an effort to make sure people affected see it.