Stay Smart Online Week, 8 to 14 October

Tsunamis do not only do massive damage in the real world; there are tsunamis of cybercrime happening in the virtual one. Stay Smart Online Week, 8 to 14 October helps make Australians aware of the issues.

Stay Smart Online Week (website here), 8 to 14 October is an initiative of the Australian Cyber Security Centre (ACSC). It involves a community of more than 80,000 individuals and organisations, all committed to sharing online safety information. It has a sign-up alert service to tell you about the latest scams.

These include:

• Fake apps pretending to be trusted brands These look kosher and if you use the app to buy something you can have your credit card details stolen and even pick up malware along the way.
• Fake ATO emails offering unusual payment methods gift cards (like iTunes cards), Bitcoin, pre-paid Visa cards or transfers into bank accounts not held by the Reserve Bank.
• Australian e-stores infected with card stealing malware. E-commerce stores may have with payment skimming malicious software (malware) – called Magentocore.net – which can intercept customers’ payment information and send it to cybercriminals.
• Your computer has a virus telephone support calls. Remote access scams’ from scammers claiming to be Telstra, NBN, Microsoft and even the police. Once they have access to the victim’s computer, they use the victim’s bank account to transfer money.

And many more including Facebook, Bitcoin, Australia Post and socially engineers ones to distribute malware and ransomware.

What you need to do to protect yourself.

First, remember you may have several ‘front-doors’ and if anyone is unlocked cybercriminals can get in.

These include

• Your PC (does not matter if its Windows, Mac or Linux)
• Your tablet (Android, Windows or iPad)
• A music playback device
• Gaming console or PC
• Your smartphone (iOS or Android)
• Apps and programs that run on the above
• Your router to the internet
• UPnP devices like network attached storage or security cameras that can be accessed remotely
• Your home network including smart speakers, IoT devices (front door bells, smart TVs, printers, and all smart home devices)
• Your work devices (especially if you log in with the same credentials as home)

Each device needs a different password, third-party protection (Internet security suites), router protection like deep packet inspection devices (Fing Box or Trend Internet Security) and privacy settings locked-down.

ACSC has an excellent free guide to protecting yourself here. It also has a small business guide here.