Subterms
Adrian Kingsley-Hughes/ZDNET It only takes a second to be hacked or leak important data. Drop an unencrypted flash drive (here’s an easy-to-use encrypted drive) or plug into the wrong outlet or click on a phishing link in a spam email and you could be in a world of trouble and not even know it. Also: Flipper […] More
Singapore will soon tag SMS messages sent from organisations that are not registered with the local ID registry as spam. The move is the latest in a series of measures the country has rolled out to combat online scams. Starting January 31, all businesses not on the Singapore SMS Sender ID Registry (SSIR) will have their messages labelled as “Likely-SCAM”, according to industry regulator Infocomm Media Development Authority (IMDA). Registering with the SSIR will enable organisations to use alphanumeric Sender IDs when they push out SMS messages to customers. The mandate would better safeguard consumers against potential scams as well as facilitate tracking when scam messages were sent to local mobile users, the Singapore regulator said. Scam cases initiated via SMS accounted for some 8% of scam reports in the second quarter of last year, compared to 10% in 2021. Since the registry was set up last March, the number of SMS scams had dipped by 64% between fourth-quarter 2021 and second-quarter 2022, IMDA said. More than 1,200 companies currently are on the SSIR, including financial institutions, e-commerce operators, logistics services providers, and small and midsize businesses (SMBs). These business entities have more than 2,600 SMS Sender IDs between them.Under IMDA’s directive, businesses must use only SMS services providers or aggregators licensed by the regulator and that are participating in the SSIR. Businesses should give themselves sufficient time to sign up for the registry before the Likely-SCAM tag kicks in on January 31, said IMDA, which is also exploring further measures such as giving mobile users the option not to receive international SMS messages or calls.The Singapore government over the past year had urged the need for shared responsibility in preventing online scams, following a massive phishing scam involving OCBC Bank customers that resulted in losses totalling SG$13.7 million ($10.18 million). Several measures also were introduced to beef up local banking and communications infrastructures, including a “kill switch” banks must provide to enable customers to suspend their accounts in a suspected breach.RELATED COVERAGE More
Image: Getty/Jamie Grill Cyber criminals are actively exploiting remote management software to aid phishing scams and steal money from victims, a joint advisory by the Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) has warned. The warning comes following the discovery of an email phishing campaign that tricks victims into downloading […] More
The process shouldn’t take more than a couple of minutes.Now that you’re done, make sure to store your keys in separate places (I have one in use and another as backup, but you might want one for home and another for the office, or whatever works for you).Don’t keep both in the same place — such as on the same keyring. That way if you lose one, you’ll lose both. More
Image: Maskot / Getty Developers across government and industry should commit to using memory safe languages for new products and tools, and identify the most critical libraries and packages to shift to memory safe languages, according to a study from Consumer Reports. The US nonprofit, which is known for testing consumer products, asked what steps […] More
Image: Apple Apple has once again released a patch for a likely critical flaw affecting the iPhone 5s, iPhone 6, and older iPads — models for which it rarely provides security. Along with patches in iOS 16.3 and macOS Ventura this week, Apple released a rare patch in the iOS 12.5.7 update to […] More
An Australian man has been sentenced to jail for more than two years over an SMS phishing scam, during which he stole AU$100,000 ($69,751) and targeted 450 victims. The Sydney Local Court found the man guilty of various cybercrime offences, including obtaining and supplying data with intent to commit a computer offence. He was sentenced to two years and eight months’ imprisonment, said the Australian Federal Police (AFP), which gathered evidence from website registrations suspected of being used to facilitate the phishing scams.It noted that these sites were used to target customers of local telecommunications providers and financial institutions. Phishing activities were believed to have begun in 2018, when victims were lured into entering their personal data on the fraudulent websites. The information then was used to access the victims’ phone and bank accounts and create new accounts. Investigations into the crime kicked off in September 2021, with the AFP working alongside the NSW Police Cybercrime Squad to execute a search warrant at the man’s home in November. SIM cards, bank cards, electronic devices, mobile phones, and storage devices were amongst items seized from his home.AFP said they were able to link the man to more than AU$100,000 stolen from the accounts of 39 people. He was arrested on November 24, 2021. The police also worked with Commonwealth Bank of Australia, National Australia Bank, and local telco Telstra to identify victims who provided their personal details to the phishing sites. Additional security protocols were implemented to prevent further funds from being stolen from these account holders, which AFP said stopped further theft of another 16,147 Australians.AFP’s spokesperson Chris Goldsmid said: “Scammers will use any tools they can to exploit people for their own profit. The internet and other new technologies provide opportunities to remotely access potential victims. We encourage Australians to protect themselves against phishing scams by carefully reviewing emails or SMS messages before clicking on any links.”The Singapore government last year also urged the need for shared responsibility, after a massive phishing scam involving 790 customers of OCBC Bank resulted in losses totalling SG$13.7 million ($10.18 million). The Consumers Association of Singapore (CASE) this past week issued two alerts via its Facebook page, including one yesterday, to warn consumers of phishing email claiming to be its officers and directing recipients to fraudulent websites for monetary compensation. Targeted victims were given fake ticket numbers of disputes or claims and asked to click on a chat icon to access the phishing sites to receive updates or money. CASE said its IT systems and database were secured and had not been compromised. It added that the police had been notified of the scams. Following OCBC’s phishing incident, Singapore banks rolled out a “kill switch” as part of security measures the government mandated to safeguard against future scams. Consumers also were urged to access their accounts via mobile banking apps, instead of web browsers, to minimise risks. RELATED COVERAGE More
Shutterstock Way back on Android 8, Google introduced a protected folder in the Files application that password protects access to any files within. That protected folder is called Safe folder and it’s built-in and free to use. If you’re uncertain as to why you might need to use such a file, consider this: You have […] More
