Published on February 9th, 2016 | by Admin
Symantec facts and tips for Safer Internet Day, tomorrow 9 Feb
On this day, we are reminded of our role in creating a better internet environment for ourselves and our loved ones through safe, responsible and positive use of digital technology. To kick off the occasion, Symantec and Norton offer the following facts and tips for safe and responsible use of online technology.
Did you know that…
- Your devices can be held hostage[1]
Using crypto ransomware, cybercriminals can hold a victim’s file, photos and other digital media hostage and demand ransom. Our smart devices and wearables hold plenty of personal information which could lead to new opportunities for ransomware attacks.
- Having your email or social media account compromised can lead to further attacks on your friends and loved ones[2]
Cybercriminals use stolen email or social media accounts from one victim to spear-phish – in other words, lure their next victim. After all, we are more likely to click something posted by a friend.
- Many of us are vulnerable online[3]
1 in 4 Singaporeans do not have a password on any device. Furthermore, less commonly used devices, such as our connected home devices, are less likely to be protected. With the Internet of Things, many of our devices are inter-connected, increasing the importance of securing all our devices.
- Our online security behavior might be compromising our safety[4]
80 percent of Singaporeans believe that sharing email passwords is riskier than lending their car to a friend for the day. Despite that, 1 in 5 have shared their password with others! This could be especially risky if users re-use the same password for multiple platforms.
- Cybercriminals are becoming more sophisticated
5 in 6 large companies were hit with targeted attacks in 2014[5], a 40 percent increase over the previous year. There have been cases where cybercriminals craft an email, purporting to be from the target organisation’s CEO, asking the recipient to carry out an urgent wire transfer. These are also known as business email compromise (BEC) scams, also referred to as “whaling” because they send spear-phishing emails to senior (usually C-level) employees[6].
Tips on online protection[7]
- Be cautious on social media: Don’t click links in unsolicited email or social media messages, particularly from unknown sources. Scammers know people are more likely to click on links from their friends, so they compromise accounts to send malicious links to the account owner’s contacts.
- Know what you’re sharing: When installing a network-connected device, such as a home router or thermostat, or downloading a new app, review the permissions to see what data you’re giving up. Disable remote access when not needed.
- Use strong passwords: This cannot be emphasised enough. Use strong and unique passwords for your accounts and devices, and update them on a regular basis—ideally every three months. Never use the same password for multiple accounts.
- Familiarise yourself with the proper office procedures: Question any emails requesting actions that seem unusual or aren’t following normal procedures. In fact, don’t reply to emails that seem suspicious. Obtain the sender’s address from the corporate address book and ask them about the message.
[1] The evolution of ransomware (FY16 Q2)
[2] ISTR Vol. 20 – Key Messages
[3] NCSIR
[4] NSCIR
[5] ISTR Vol. 20
[6]http://www.symantec.com/connect/blogs/business-email-compromise-campaigns-continue-targeting-c-level-employees-despite-warnings
[7] ISTR Vol. 20 – Press Release