Articles by the cybersecurity community

Guest Post - Shelly Mills - World Backup Day

What’s your personal backup plan? Tuesday 31 March is World Backup Day

We’ve all heard stories of (or experienced) losing an important document due to the blue screen of death, losing precious photos due to a device dying, or even losing all files after falling victim to malware or ransomware.

The only way to protect yourself against valuable data loss in situations like this (which could happen to anyone – even IT professionals!) is through regular backups.  


This World Backup Day (31st March), we encourage you to consider your personal backup plan, and back up any files that need to be.

When considering your personal backup plan, think about all your devices – your laptop, mobile phone, etc.  

Now think about the different files these devices hold. How important are the files? How often are these files added to (e.g. work files that are updated regularly, versus old photos)?

Based on these considerations: 
  • Determine how often files should be backed up. Daily, weekly, monthly, yearly?  
  • Decide where files should be backed up. This could include an online backup (e.g. OneDrive, Google Drive, iCloud, Dropbox), and an offline backup (e.g. external hard drive). Online backups are good in situations where the files need to be backed up regularly; however, an offline backup is valuable as it will help ensure a ‘hard’ copy.

Some types of files may be set to back up automatically – e.g. photos on your smartphone may automatically sync to iCloud or Google Photos. You’ll need to identify what is being automatically backed up (and is this backup alone enough?), what isn’t being automatically backed up, where you can set up automatic backups, where you need to consider manually backing up, how often you want to do an offline backup, and so on. 

You can find more information on backups at Stay Smart Online’s Backups webpage 



Guest Post - Vaishnavi Shimpi - let's stop phishing


Thanks to Vaishnavi for this great reminder about phishing!



I got a call the other day
I won a lottery, such a lucky day.
They sounded very flattering
But I didn’t recollect ever participating.
You are our loyal customer, this is a special one,
Amongst many nationwide, you are the 'chosen one'!
Send us your bank details,
So that we can 'transfer' the money
We also need your 'verification'.
And they asked me for my personal history...
------------

My bank account is blocked they said.
I panicked, and asked 'why'?
Some mischievous activity was found
We'll help you, you just follow by.
We need some 'verification' so,
Tell us your account number and password.
You have provided the correct information,
Now we'll give your account a resurrection...
-------------

I got an SMS the other day
This is 'urgent' it did say,
It's regarding your parcel delivery,
'Act now' or it'll be on its return journey.
Your 'part' payment is still pending
If you don't pay now, it'll be marked for cancelling.
I 'panicked' and clicked on the link
It took me to a portal that looked all genuine.
I didn't bother to check the URL
Didn't notice something was a bit unusual.
I gave away my bank details, not realising
it was actually someone 'phishing'.
------------

Beware of all these scenarios
They are more than common,
This'll not happen to me
Is simply a disillusion.
There are many out there,
Who are on your lookout,
They mostly sound urgent or authoritative,
It is best to be safe and stay out.
These days it is good to stay suspicious
It's a good way to keep away those mostly dubious.

--------------x-------------

BIO




Vaishnavi Shimpi
A traveller, poet, culture enthusiast, mum, software professional and cyber security and data privacy specialist. Having seen close family members falling prey to phishing attacks, Vaishnavi realised the lack and importance of cyber-security literacy amongst the older and younger generation alike. She has found a simplistic and quick way to spread security awareness through poems.
Often, you’d find her exploring places far and near, gaining new perspectives on people and cultures, currently calling beautiful Australia her home. An adventure and a nature loving person, she loves motorbiking trips with her husband. She also believes in giving back to the society and is involved in educating young school and college students in India.


Excerpt from book Unmasking the Hacker - phishing



The term phishing originates in 1996 with the AOHell scammers and it is a type of technology-based fraud where emails are made to appear as being sent from legitimate companies or familiar people in order to trick the recipients. There is nothing mystical in why phishing is successful, and neither are the perpetrators of this type of cybercrime shadowy figures in hoodies. Phishing emails exploit human psychology, using social engineering techniques, to trick the recipient into providing their account credentials or paying spoofed invoices. Common syntax in phishing emails, for example, is designed to make the recipient act fast without thinking their actions through, with their call to immediate action, spoofed believable entities and appeal to people to do the right thing. Phishing emails, for example, often convey a sense of urgency which encourages recipients to make panicked hurried decisions, where they do not take the time to think whether the message is legitimate.

Successful phishing emails rely on being believable, playing to emotions and the false sense of security of the recipient. These scam emails whether they are baiting for credentials, money or intellectual property, rely on being believable, they spoof trusted brands or people and relate to everyday topics such as invoices, correcting log in issues or post deliveries. Phishing emails play to emotions with subject lines designed to scare or promote a sense of urgency in the recipient, or by cajoling or encouraging the recipient to do the right thing and click the link to fix a payment for example. Phishing emails also have success as end users may have a false sense of security believing that spam filters will block all malicious emails.


For more information on this book and where to buy it, please visit this page > Demystify Cyber Book Launch <