A significant increase in suspected internet connection scams has occurred as of late, with NBN Co. receiving over 100 calls a day from members of the public about such scams. NBN Co. is currently in the process of rolling out the $50 billion network.
Calls to NBN’s contact centre have reached 9500 over the last three months, representing a significant increase from 6700 between October 2018 and March 2019. This comes as a sizable portion of the network is being completed ahead of the 2020 ETA. Driving awareness to combat these attacks, NBN Co’s chief security officer addressed the cause for concern by having this to say: “As we close in on the end of the network build, scammers are increasing their efforts to take advantage of the NBN brand as a way to steal people’s personal or financial details and using increasingly sophisticated ways to convince people of their legitimacy”.
What You Need to Know
NBN Co will never make unsolicited calls to seek access to your computer, threaten disconnection, or request personal details
This public awareness campaign will involve NBN Co’s community engagement team, hosting a series of information sessions to help Australians discern, avoid and report scammers. The ACCC has previously warned of social engineering attacks where scammers impersonate NBN Co in calls offering to connect them to the NBN for a low price. In some of these cases, impersonators have tricked users into giving remote access to their computers so that they could steal personal information, install malware and demand payment to fix alleged problems. If you run into someone calling you about the NBN remember this: “As NBN Co is a wholesaler, we will never contact residents or businesses to sell phone or internet services”.
Moreover, NBN Co will never make unsolicited calls or door knock for the purposes of seeking access to a person’s computer, threaten them with disconnection, or request personal details. Despite increasing public awareness, Australians are expected to lose a record amount to scams this year, with the ACCC estimating that projected losses for 2019 will surpass $500 million (an unprecedented figure).”Many people are confident they would never fall for a scam but often it’s this sense of confidence that scammers target,” the ACCC Deputy Chair Delia Rickard states. “People need to update their idea of what a scam is so that we are less vulnerable.”
The ACCC reports that investment scams were among the most sophisticated and convincing, with nearly half of the reported cases this year resulting in financial loss. Particularly, cryptocurrency investment scams are a serious cause for concern, with net losses reaching almost $15 million between January and July this year. This represents a significant increase from $6.1 million lost to the same type of scams last year.
You can report any suspected scams you come across here.
4g Failovers for Network Reliability IT Support Brisbane
When is Network Reliability Important?
For many businesses it is highly important that their internet connection remains online with as few interruptions as possible. These businesses include those who perform most of their business activities online and where these activities must be performed in a timely manner. These are not the only businesses who may require reliability, and if you are wondering whether your business is one of these, simply ask yourself the following question. Are you often frustrated with internet outages and do they impact your work? If so, yours is indeed one of these businesses.
Such network reliability depends on reliable hardware (such as routers) as well as internet connections and service providers. Unfortunately, all service providers have the occasional outage, but luckily network hardware can be used to ‘hedge your bets’ as it were. Using a router with Failover capabilities can improve the availability of your business’s network connection.
High Availability Network Setup
A WAN failover (sometimes termed a 4g failover) is suitable for use when a business has one or more networks which require as little interruption as possible. This feature is available with Network Setup from Key Technologies.
A business may have both a primary and secondary internet connection. This generally uses one traditional copper line or NBN service and a secondary 3g or 4g dongle as a failover, though just about any second internet connection can be used. This secondary (failover) connection comes into use when the first goes down. For example, a business could have a prepaid 4g modem with no ongoing costs plugged into the router on standby mode. Thus, if the primary link goes down the router is triggered to bring up the backup connection. This can take up to 10 seconds, so there may be a brief interruption, but far less than what could alternatively occur. If you would like even less downtime than this, then you may want to ask us about WAN load-balancing routers.
Additionally, with Multi-WAN routers, you can choose when you want to activate the backup or failover service. An example of these options is shown below. You may failover when either:
Any selected WANs are disconnected.
All WAN’s selected are disconnected.
Need Help Setting Up a Reliable Network
Our IT support staff are able to set up networks with high availability, integrity and confidentiality.
Keeping your phone safe online
IT support Brisbane
A vast abundance of information can be found on our phones. Specifically, they hold an inordinate amount of information about ourselves and the way we live our lives. From banking information, location data, eating and shopping habits, correspondence and, with the emergence of smartwear, even our heart rates are accessible on our phones. Some have even compared them to houses based on the detailed information they contain about us. A 2002 study actually found that when people were shown the rooms of other people who they had never met, they could accurately guess the personality traits of that person (all except neuroticism at least).
It begs the question of what a person may figure out about us if they were given access to our phones. For many of us the thought of this may be as scary, if not more so, than that of a stranger seeing the insides of our houses. This is somewhat unsurprising, based on the seemingly endless slew of news headlines highlighting the prevalence of cybercriminals taking peoples’ private information from phones, computers and cloud storage. It is a pretty clear message really, BE SCARED OF WHAT YOUR PHONE COULD DO, but maybe it should be about what your phone could be made to do. Afterall, smartphone safety would probably be a pretty confusing phrase in a world without hackers. This begs the question, how do you make sure your phone isn’t being made to do something you don’t want it to do?
Well firstly, you’ll never be able to make ‘sure’ of this. Any type of computer is made to be somehow accessible, and people are bound to misuse that access in some way. It’s like driving a car, or owning a house; sometimes cars crash, even when driven by the best drivers, and sometimes houses get broken into, despite having good security. Likewise, there is always a small possibility that your phone will be hacked, or data will be stolen. The trick is to minimise that likelihood, and if a piece of information is too sensitive, don’t keep it on your phone. Luckily, our IT support team have provided some pointers on how to keep your phone safe online. The following 5 pointers could save you a lot of trouble down the road, enjoy:
Smartphone Safety Tips from KeyTech IT Support Brisbane
Adjust your privacy and security settings, or at the very least look at and try to remember them. These settings control what “permisions” apps have on your phone, and what information they have access to. Think of this like the doors inside your house, if you have someone inside like a tradie doing renovations, you’re likely to close any doors that lead into rooms you don’t trust them in. You would, however, leave open the doors they need open in order to complete the work you want them to do.
Set your apps to update over Wi-Fi automatically. Apps that are not up to date become more of a risk, the longer they are not updated. Yes, we all get fed up with updates from time to time, but many times app developers will update their app when a security vulnerability is found so that people on the latest version are safe. There is no protection for old versions of software. It’s like changing your locks if your keys and wallet get lost or stolen. You wouldn’t feel safe if someone out there knew where you lived and how to get in, and it really should not be any different with a smartphone.
Whenever the app or service allows it, try to use 2 factor or multi-factor authentication. Basically, this stops people getting into your account by having them enter a code that displays on your phone or having a notification show up on your phone that asks you to verify the log in request. On mobile apps, it is more likely that the verification will be a text message with a code you can then enter into the app. Thus verifying that your it is your phone (or a phone with your phone number) signing in. This is like having a lock and an alarm with a code at the entrance to your house. You not only have to know something (the password or alarm), you need to have something (the key or phone) in order to gain access, and those notifications to verify requests, like alarms, can tip you off that your password could be at risk.
Fun fact, other multi-factor authentication systems can actually go further than this. Some using such features as the pattern of your iris (the colored part of the eye) or facial structure to add a further step of verification. Thus, to access the account, you’d have to know something, have something and be something, making security breaches highly unlikely.
All of our online apps and accounts require passwords, but we all forget these from time to time. We’ve all had to reset a password, generally by sending a link to our email. Just make sure you use a strong password for this email. It should be unique (different from your other passwords), seemingly random (not using easily guessable components like your place of birth, birthday, favourite pet or another well known personal detail), and relatively long (although it is just as good to make it more random and involving special characters, as long as it has around 10 characters minimum).
We’re all human, and naturally we have fallible memories. So if you want to avoid constantly having to reset passwords (and if you’re like me, realising what the old password was because that’s what you tried to set the new one as), using a password manager might be for you. Do bare in mind however that your password manager holds the proverbial “keys to the kingdom” and should be protected accordingly. That means, a long seemingly random password, and 2 factor authentication are good ideas for this. One helpful password manager service that allows 2 factor authentication and helps you create a strong password is called LastPass. I would reccomend it to those who have trouble remembering all their passwords.
Protect yourself and your business from Ransomware
In large companies, there’s usually an IT or cybersecurity department that advises them on what technology and software to install, how to maintain it, and what the best practices are for preventing vulnerability to threats such as cybercrime. However, if you’re a small business, you may not have a dedicated IT department or cybersecurity analyst to take on such a role. In a number of small businesses the proprieter is the resident IT guy (or girl), as well as CEO, treasuser, marketer and so on…
With this in mind, it’s not surprising that cybersecurity operations to prevent such attacks as ransomware commonly get put on the backburner or “later pile”. In today’s world however, this is quite a serious threat to ignore. As such this article outlines some basic steps you can take to reduce the threat posed to your organisation.
In 2016-17 there were 47,000 cybersecurity incidents in Australia. This figure was up 15% from the previous year according to the Australian Federal Government’s Cybersecurity Centre, and it gets even more grim. Cybercrime is expected to continue to rise and predicted to cost in excess of US$6 trillion annualy worldwide (Cybersecurity Ventures, 2017).
It is estimated there will be a ransomware attack on businesses every 14 seconds by the end of 2019, up from every 40 seconds in 2016 (Cybersecurity Ventures, 2019). Ransomware is among the most prevalent cybercrime threats in Australia and generally starts with a spear phishing attack (KnowBe4, 2019). An example of spear phishing is when attackers target a person, generally an unsuspecting employee with a malicious email that when opened or when a link is clicked, allows the attacker to infect the businesses network. This may freeze all operations and render vulnerable devices unusable except for correspondence with the attacker for ransom.
In a recent case, when the owner and manager of a small group of pharmacies in Western Sydney was away on holiday’s, an employee opened an email and clicked an innocent looking link. With that single mouse click, the ransomware was deployed on the company network causing the computers to freeze. Given that this was a pharmacy, company employees couldn’t access medical or pharmaceutical information to determine the needs of their customers, nor could they enter prescription details. In fact, they weren’t even able to access information on medications that emplyees often had to look up to convey accurate information to their customers. Add to this that no electronic payments could be processed, and it is clear that it was a very costly mouse click.
The pharmacist returned from vacation and was met with pandemonium. The only working program (apart from ransomware) was email, and it displayed an ominous message demanding thousands of dollars worth of cryptocurrency to restore all data and systems. The pharmacist called his IT support service for assistance, but sadly their was nothing they could do. Their advice was to pay up and hope the attack does what they say they will.
Ransomware attacks are devastating and can cause severe damage to the finances and reputations of affected businesses. Luckily, there are some steps you can take to protect your business from attacks of this type.
The positive spin on this is that people who were diligent with their software updates weren’t infected. A good way for businesses to stay on top of this is to configure computers to install software updates as they become available. This can even be enforced for PCs on a domain or Network with a Group Policy Object or Network Access Control.
Install Antivirus Software
Antivirus software is invaluable and absolutely necessary for preventing attacks such as ransomware. As long as it is kept up to date, it can detect and prevent known malware from infecting your computers. That being said, don’t start thinking antivirus can stop everything. They are helpful, but not magic. They can prevent malware that matches malware definitions in their databases. To put it simply, it won’t stop what it hasn’t seen before. For this reason, you should do more than just install antivirus software.
Back up your files
This is possibly the best defence specifically for ransomware. Ransomware attacks only work if the target doesn’t properly back up their files. Nobody is going to pay a steep ransom to avoid the minor annoyance of having to restore their systems from recent backups. Thus if you back up your data properly and securely, cybercriminals can’t hold it for ransom effectively.
For security, consider backing up your files on a drive that is not connected to the main business network, or on a secure cloud storage solution. It’s best to have multiple backups in separate locations, to minimize the risk of data loss; even from other threats like hard drive failures and natural disasters.
Outline and prepare your reporting process
Under new laws that came into effect in February, the Australian government now requires all businesses with a turnover of over $3 million to report any and all data breaches that would seriously harm people. The notifiable data breach legislation means business businesses can potentially face multi-million dollar fines for failing to report hacking attacks and breaches of private data. Hence, you should read up on the Legislation and have a plan in place for reporting data breaches and attacks.
Be suspicious of unsolicited emails
Be very cautious of any unsolicited emails, popup windows and dubious websites that could potentially carry malware. To manage these risks, you can install a site security rating addon for firefox and an email client that blocks remote content by default. Neither of these tools will be able to help you, however, if you click on a link that you do not trust. Whether it be in an email, a website, just don’t click it, and train your employees to do the same.
Keep up to date with the cybersecurity threat landscape
Not everyone has the time to become a cybersecurity guru, but you can keep an eye out and pay special attention when you hear about the next cubersecurity threat. Keep an eye on news about cybersecurity threats so that you can avoid being a victim of new attacks and other emerging threats.
Consider cyber insurance
While it may be best to avoid a ransomware attack altogether, even well prepared companies can fall prey as cybercriminals develop new attacks and strategies. Inthe event that a cybersecurity incident occurs, a cyber insurance policy can help you mitigate the impact on your business. Cyber insurance can cover the loss of profit due to a cyber incident and the costs associated with recovering. Not only can it reimburse you for the payment of a ransom or costs of negotiating with those making an extortion threat – it can also cover the financial consequences of losing a customer, employee or commercially sensitive data (such as that required to be reported under the Federal Government’s new NDB scheme).