Create, connect and share respect – Safer Internet Day 2019

Create, connect and share respect – Safer Internet Day 2019

Safer Internet Day 2019

On Tuesday, 5 February 2019 we are celebrating Safer Internet Day!

Safer Internet Day is an opportunity to raise awareness about the safe and positive use of digital technology, and to explore the role we can all play in creating a better and safer internet in
our community.

Coordinated by the Office of the eSafety Commissioner in Australia and celebrated in over 130 countries, this year’s Safer Internet Day theme is: ‘Together for a better internet’.

We are encouraging all Australians to collaborate with their communities and support each other in developing the critical skills required to successfully navigate the online world.

These skills take time to develop but they can help us in all areas of life — online and off. We like
to call them the 4Rs…

  • Respect – I treat myself and others the way I like to be treated
  • Responsibility – I am accountable for my actions and I take a stand when I feel something is wrong
  • Reasoning – I question what is real
  • Resilience – I get back up from tough situations

CyberGuru is supporting Safer Internet Day by posting on blog articles about cyber safety and security and we encourage you to join in!

Help spread the word and raise awareness about the importance of a safer and more positive internet — you can participate in, run your own Safer Internet Day activity or simply start
a conversation in your community about the 4Rs and how you can come ‘Together for a better internet’.

To see what others are doing to promote Safer Internet Day or to find out how you can get involved, visit http://esafety.gov.au/saferinternetday/

“Collection #1” Data breach lists 773 million accounts online

“Collection #1” Data breach lists 773 million accounts online

Collection #1

Barely a day goes by without news of another data breach or new security issue. But late last week security researcher Troy Hunt announced the discovery of what is possibly the largest data breach ever. Known as Collection#1, the data breach contains approximately 773 million accounts online from multiple sources.

Collection #1 is a large collection of email addresses and passwords which was made available on a public hacking forum. It appears to consist of multiple breaches across several websites.

Since the original announcement by Hunt, it is further now understood Collection#1 is just one of seven collections, so it is likely that the number of breached accounts is likely to increase dramatically when the remaining collections become public.

The recommendations made are always:

  • Set strong passwords and don’t use the same passwords on multiple websites.
  • Change passwords where you may have used the same username and password.
  • Set up multi-factor authentication on your accounts to ensure that you require a secure code as well as your password.

We strongly suggest everyone review their accounts on the Have I Been Pawned? website (link opens in new window) to see if you have any vulnerable accounts. You can also check your password to see if it on any known exposure.

If we can be of any assistance to you in implementing these recommendations, or would like any further advice on cyber security, please let us know.

Ask CyberGuru: What is the difference between Windows 10 Pro and Windows 10 Home?

Ask CyberGuru: What is the difference between Windows 10 Pro and Windows 10 Home?

Ask CyberGuru

CyberGuru is asked, “I am looking a new computer and the different options. I was wondering what the difference is between Windows 10 Pro and Windows 10 Home?”

Generally, Windows 10 Pro devices are designed for business use whereas Windows 10 Home is for personal use. This means that Pro devices often have higher specifications than Home devices.

Oftentimes, Windows 10 Pro devices are used for PC-based servers or advanced needs as they allow for. Windows 10 Pro allows for you to set up Remote Desktop to connect to your computer remotely BitLocker disk encryption, the ability to connect to a domain and Client Hyper-V, allowing you to run “virtual machines” on your computer.

Depending on your set up and requirements, you may not require these functions, or you may already have alternatives in place, so you can use Windows 10 Home. If you already have or decide to buy a device with Windows 10 Home, you can generally upgrade to Windows 10 Pro should your needs change in the future.

For more details on the features and differences, please visit the Compare Windows 10 editions page.

If you have any questions we can answer for you, please contact us.

Ask CyberGuru: Have I been hacked?

Ask CyberGuru: Have I been hacked?

Ask CyberGuru

In this month’s Ask CyberGuru, we are asked: “I received an email advising that my email account has been hacked and a RAT installed on my computer. Further, it says I have been filmed using my webcam and personal information has been downloaded and will be shared on my social networks if I don’t pay the ransom in crypto-currency. Is this true?”.

There has been a series of emails doing the rounds recently advising that “RAT” (remote access technology) software has been installed onto your computer, threats of a personal nature are made and advised that this software will be made available to your social media if you don’t pay via crypto currency. Along with this, in some cases, the information include may include a password that you may have used.

This type of scam is the current flavour of the month and we have heard of several forms of this scam. One of the reasons these emails have particularly spooked clients is that the emails often contain threats of character assassination such as releasing “video” of the recipient watching adult content to their friends and family on social media, irrespective of whether they have done so or not.

Whilst this email seems threatening and intimidating, generally this email is an attempt to blackmail the recipient into paying money to the scammer. Oftentimes, the password may have been made public through a previously compromised website, and these passwords are often what makes this email more concerning.

If you suspect you may have been compromised in any way, protect yourself by:

  1. Changing all passwords on accounts with the password if displayed or not. Please check the “Have I been Pwned?” website (link opens in new window) to identify if your email account has been listed as being compromised in a data breach. If so, make sure you change any passwords immediately. As the email address and password is known, leaving these changes may cause issues in the future.
  2. Performing a full antivirus scan of your computer using a reputable internet security program. Further, please ensure you use secure (HTTPS) websites only to ensure your information is encrypted and remains safe. Always use internet security software on your computers and devices when online.
  3. Deleting the email and do not respond in any way to the hacker, and most certainly do not pay the ransom. Be wary of emails requesting you click to open a website or to access an important file. Do not take any action on the email.

If you are concerned you may have been or are compromised in any way, please contact CyberGuru for further advice. If you believe you have been the victim of identity theft or any information has been leaked, we strongly recommend that you seek immediate assistance.

Who’s reading your email?

Who’s reading your email?

Google Gmail

Recently in the news there has been concern over whether Google is doing enough to keep your email secure. Concern has arisen over the access third-party developers and apps have to your Google account. There are many apps which link to your Google account. During the installation process you set the level of access you’re prepared to give the app. If during the installation of any of these apps you’ve been asked for access to your email, and you’ve agreed to this your email may have been read.

So what does it mean to read an email? In giving an app access to your email it is highly unlikely that people envisage another human physically reading through the contents of their emails and viewing their private email conversations. But this is exactly what you are agreeing to. This is not to say all apps will do so, but they have permission to and may do so at some point. The people with permission to read your email are not Google employees, but third parties such as developers entrusted by Google (and yourself).

Google claims to vet developers and their apps via a stringent, multi-step process. But as Facebook can attest to, once a third party has access to your data it’s difficult to control how they use it. This is not the first time concerns have been raised over Google’s commitment to privacy, with the discovery last year that the Google Home Mini was inadvertently spying on users due to a hardware flaw.

As a safety precaution we advise against giving third-party apps permission to read your email. If you’re concerned you may have given a third-party app access to read your email, you can check using Google Security Checkup (link opens in new window) and make adjustments if necessary.

If CyberGuru can assist in any way, please let us know.