Cybersecurity Awareness
Every October is observed as Cybersecurity awareness month. Awareness helps to protect digital assets in cyberspace. Today we use computers or smartphones for many activities. So it is very important for employees of every organisation to stay aware. Now the question is what is Cybersecurity awareness?
Today many organisations, government and private, both face cyber attacks.Civilians also fall prey to CyberSecurity awareness means becoming aware of all the attacks or threats while performing cyber activities. Cyber offenders/criminals means a person is executing a cyber attack. Victim is the person who falls for the cyber attack.Cyber offenders are always finding new ways to exploit defence tools,mechanisms. To bring down cyber crime it is important to increase cybersecurity awareness programs. Such programs should be often conducted for organisation employees, teens,college students,senior citizens.
For organisational employees role based training is the best way to create awareness. Organisations should allocate budget and resources for training programs. They should be given personalised training materials and training sessions should be planned in advance. Learning objectives and outcomes should be defined prior. Training materials must have scenarios which employees might face in real time. Adding simulations to training materials helps in increasing logic of the employees. Along with the awareness programs an email with Cybersecurity tips should be sent to all employees. Employees should be given training for both physical and logical security. CISA and Infosec create many free training kits for the same. When employees face a cyber incident they should be prepared for it and give appropriate responses. They should be able to prevent attacks as there is a saying ”prevention is better than cure”. Employees must use cyber security practices for professional and personal use as nowadays work from home culture is emerging.
Few examples of CyberAttack
Earlier I had mentioned that teens, college students and senior citizens are the soft targets of the attackers. In such cases victims suffer emotional and financial loss. Students and teens fall prey to dating, online gaming scams, scholarship and grants scams. These scams begin with mail or phone calls. They give lucrative offers to them and tell them to do money transfers to fake accounts setup by them. Once the money transfer is done attackers block all the contact details such as phone numbers, mail ids and stop responding. Some attackers call again and again with such offers to get more money.
Most of the teens and students create social media accounts to get dates or increase their followers. First step attackers take is social engineering to gather all information of the victims. Then attackers create fake accounts of girls/boys and use display pics from different google or other social media accounts. They chat with boys/girls and make them fall in love. They indulge in sex chats or video calls with edited videos and then blackmail victims by showing screenshots of the chats. They give threats that they will share chats or call recordings with parents or relatives of the victims if they don’t pay the money. Some lonely middle- aged persons also become victims of such attacks. Senior citizens are victims of fake holiday scams.
Many women receive fake threat calls. Attackers threaten them to post their porn videos, nude images on websites if they don’t pay money. Many women are afraid of sharing such incidents to their nearest ones or filing a complaint. This is where attackers get advantage and money. It is very important for women to come out and speak with the nearest one or file a complaint.
Businessmen are also victims of cyberattacks. They are given offers of earning a lot of money through import export or other such business. Attacker poses as an abroad investor. They call the businessman and show their willingness to invest a high amount of money into their business. They create a fake situation and attackers ask them for money in the name of government taxes as a bond of trust. This is how businessmen are deceived. Wholesale and retail shopkeepers are cheated through fake e-commerce websites or QR code scams. Military man scam is popular for e-commerce sites. When a user posts items for sale, he will get a call from a scamster posing as a military person willing to buy the item immediately for a higher price than posted. They send their own account QR codes for payment and tell you to enter your UPI pin. Once a victim enters his pin, money from his account is debited and it is credited to the attacker’s account.
Some attackers choose important events to execute their attack. IPL is the biggest event going on in India. Large number of users are active on online betting apps. Attackers create fake websites or apps for online betting. Below are the few examples:
onlin-24-shop.de | onlin-24.no | onlin-alerts.com | onlin-apotheke.com | onlin-auction.com | onlin-bank.ru | onlin-banking.com | onlin-bankofamerica.com | onlin-biz.ru | onlin-biznes.ru | onlin-bk.com | onlin-bk.net | onlin-blackjack.com | onlin-busines.ru | onlin-business.ru | onlin-casino-slot.com | onlin-c
onlin-24-shop.de | onlin-24.no | onlin-alerts.com | onlin-apotheke.com | onlin-auction.com | onlin-bank.ru | onlin-banking.com | onlin-bankofamerica.com | onlin-biz.ru | onlin-biznes.ru | onlin-bk.com | onlin-bk.net | onlin-blackjack.com | onlin-busines.ru | onlin-business.ru | onlin-casino-slot.com | onlin-casino.com | onlin-casino.de | onlin-casino.info | onlin-casino.ru |
Attacker could not get the original domain name and that’s why they chose the above names. Spelling of the word online everywhere is wrong in the above list.
Attacker also creates a fake payment gateway with logos of popular banks. Victim ends up paying money to the attacker and not the website. Please note that these websites are already down.
Voice cloning is used nowadays to execute a cyber attack. Attackers use voice changers and call the victim posing as his/her relative from a different number.. They will say that I am at the furniture shop and purchasing table and please transfer rs 50000/- to this mobile number.
Victim is deceived because of the voice of his/her relative and ends up paying money.
Preventive Tips
Many financial institutes are running cybersecurity awareness campaigns to prevent crimes. Advertisement campaigns of the Reserve bank of India are impressive. Many Cybersecurity professionals and organisations are engaged in awareness activities. Most of the attackers are victorious because of the emotional defeat of the victim. They take advantage of lust, loneliness, jealousy, greed, fear. A strong person with emotional balance and prevention knowledge will not fall for cyber attacks. Below are few tips to prevent cyber attacks for all:
1. Never share credit/debit card CVV, OTP, net banking id and passwords with anyone.
2. Use strong passwords.
3.Use antivirus and remove malwares, adwares by periodic scanning.
4. Keep bluetooth,NFC, wifi, mobile internet off when not needed.
5. Avoid using public networks.
6. Read and remember tips given on the websites of financial institutes.
All of us let’s take a pledge to stay alert and prevent prevent from falling to cyber attack. Let us also pledge to increase awareness against cyber crime amongst everyone.