|
|
 |
|
New threats to internet security and efforts to defraud users are emerging all the time. The IIA includes information on the more significant threats here and includes advice on how to address them or where to obtain additional assistance.
NOTE: To get to some interesting links and also publications on this page
Scroll down this page.
Beijing Olympics
There is the saying - 'if it looks too good to be true - then it wont be.'
There are many lessons to be learned from the ticket scam but two should be obvious.
1. Always deal with official ticket sellers - check the credentials.
2. Use safe forms of payment.
Another saying is that 'crime will always follow the money.'
Spam survey
I am still receiving SPAM at a rate of about 75 pieces a day - most trapped in my SPAM filter.
I have two addresses on this website designed to be a 'Spam Honey Pot' so I can see what is about.
Apart from the usual offers two new ones have surfaced - a message puporting to come from JB Hi-Fi saying my voucher is pending and one purporting to come from the retail store Myer with the title Gift Voucher.
Very cleaver.
AusCERT Home Users Survey
A survey of home users undertaken by AusCERT has revealed:
11% and 8% never update their operating system and anti-virus software respectively
30% clicked on links in spam email
23% had confirmed malware infections and of these, 14% took no action to fix the problem
Of the 36% of respondents with home WiFi networks, 9% do not secure them
68% are 'confident' or 'very confident' in managing their own computer's security
92% thought their ISP should inform their customers if they received information indicating their
customers' computers were infected and 61% were in favour of their ISP restricting their access via a 'walled garden' until their computer was fixed
46% of respondents incorrectly believed that if a web site has SSL protection that data exchanged between the web site and a user's computer cannot be seen or modified by a hacker.
To obtain a PDF of the whole report, go to the AusCERT site by clicking HERE
Whaling attacks on executives
A report that hackers are targeting executives of major corporations and using 'social engineering' to steal sensitive corporate information is a warning to all.
Thousands of powerful US executives have received bogus emails that contain links which, if clicked on, install software letting hackers take control of computers and swipe passwords or other sensitive data. The emails purport to include information about a subponea. Internet security insiders refer to the attacks as "whaling" because they use social-engineering trickery involved in "phishing" but target individual "big phish" instead of casting nets in a sea of Internet users.
The emails are crafted with the seal of the US federal court in San Diego, California, and are addressed to executives using their names, addresses and other individual details.
always think carefully about an unexpected email specially onces purporting to come from government like this. Governments, like banks, don't do business by email!
Bank scams
Banks and other financial institutions never ask for confirmation of account details via email.
These are criminal scams.
Dont even reply to these emails in anger as this will confirm you email details.
Delete immediately.
Over 75000 Australian computers in danger of being an accomplice in fraud.
It has been estimated that at at the end of February over 76 000 locally hosted computers were compromised and active in Australia according to online identity and fraud protection firm, ThreatMETRIX.
According to ThreatMETRIX these Australian infected PCs and Websites are valuable to gangs in Brazil and Eastern Europe because they can be used to fool banks and online merchants into thinking that the transaction came from a legitimate location.
The company also suggests that the total compromised is much larger than this, but the majority lay dormant until signaled by Command and Control hosts to steal your passwords or carry out a fraudulent credit card transaction on behalf of crime gangs on the other side of the world.
The message is quite simple - be cautious about online activities and ensure that your systems are protected.
Fraud Fortnight
Fraud Fortnight (held from 24 February to 8 March)aimed to raise awareness about deceptive and seductive scams.
Scams are designed to trick you into giving away your money or your personal details. Scams can come in many forms; mail, email, telephone, over the Internet and door to door.
To find out more about scams and to report scams visit http://www.scamwatch.gov.au or call SCAMwatch on 1300 795 995.
Also visit the IIA Security Portal Scam Page at: http://www.security.iia.net.au/australian_resources/security_issues/scams.html
 
 requires Adobe Acrobat Reader [Download and install Acrobat]
|
|
text-only site
