Category: In the News

Cyber security news that is worth mentioning, highlighting, and discussing.

Tips and Strategies for Staying Safe Against Scams

In recent years, scams have become increasingly prevalent, with scammers using a variety of tactics to trick people into giving them money or personal information. Some common scams include phishing emails and text messages, fake online advertisements, and phone scams.

Types of Scams

Phishing scams involve sending fake emails or text messages that appear to be from a legitimate source, such as a bank or government agency, in order to trick the recipient into giving out personal information or money. These scams often use urgent language and threats, such as claiming that the recipient's account has been compromised and that they need to provide personal information to fix it.

Fake online advertisements, also known as "clickbait," often promise a free product or service, such as a gift card or a chance to win a prize, in order to trick people into clicking on a link and providing personal information. These ads are often found on social media platforms or in pop-up ads on websites.

Phone scams involve unsolicited phone calls from someone claiming to be from a government agency or a business, such as a utility company, in order to trick the recipient into giving out personal information or money. These scammers often use tactics such as threatening arrest or disconnection of services if the scammer's demands are not met.

These are just a few examples of the many types of scams that are currently circulating. It's important to stay vigilant and to be wary of unsolicited messages or phone calls, especially those that ask for personal or financial information.

The top 10 scams for the first half of 2022 were:

  • Job
  • Phishing
  • E-commerce
  • Investment
  • Social media impersonation
  • Fake friend call
  • Loan
  • Internet love
  • Credit for sex
  • Fake gambling platforms

Protect Yourself

Here are some tips for protecting yourself against scams:

  1. Be wary of unsolicited phone calls, emails, or text messages, especially those that ask for personal or financial information.
  2. Don't click on links or download attachments from unknown sources.
  3. Be skeptical of "too good to be true" offers, such as those that promise large sums of money or ask for an upfront fee.
  4. Don't give out personal information, such as your Social Security number, credit card information, or bank account numbers, unless you initiated the contact and know the organization is legitimate.
  5. Keep your computer and mobile devices secure with anti-virus software and a firewall.
  6. Do your research before making any major purchase or investment.
  7. Don't be afraid to hang up or delete the message if something seems suspicious.
  8. Report any suspicious activity to the authorities.
  9. Keep your self updated with the latest scam methods and how to avoid them.

It's also important to keep in mind that scammers are becoming increasingly sophisticated, so it's important to stay vigilant and not let your guard down.

In Singapore

On 18 January 2023, an event titled "Scaminar! ACT Against Scams" was held at the Suntec Singapore Convention and Exhibition Centre, as well as virtually via live stream. This event was jointly organised by the Ministry of Home Affairs, the Singapore Police Force and the National Crime Prevention Council (NCPC), in partnership with The Straits Times.

At this event, the ninth edition of the anti-scam campaign by the NCPC, with the refreshed tagline “I can ACT against scams” was launched. The ACT acronym in the new campaign tagline outlines how members of the public can Add security features, Check for signs, and Tell the authorities and others about scams.

  • Add security features such as ScamShield and two-factor authentication for personal accounts. Also, set up transaction limits for Internet banking, to limit the amount of funds possibly lost in the event of a scam.
  • Check for potential signs of a scam by asking questions, fact-checking requests for personal information and money transfers, and verifying the legitimacy of online listings and reviews. Take the time to pause and check. If it is too good to be true, it is probably untrue, and a scam.
  • Tell the authorities and others about scam encounters by reporting to the bank, ScamShield, or by filing a police report. Tell others about ongoing scams and preventive steps they can take.

Read more...

Disinformation and Fake News

Clickbait is an article with content that is completely unrelated to it’s interesting title. This is a common way for cybercriminals to use large scale media platforms to distribute disinformation to confuse and mislead audiences.

Content could be:

Fabricated: completely untrue.
Imposter: pretending to be from a reliable source.
Misleading: presents content in a misleading way.
Manipulated: images or video that has been edited or distorted.
Context by Connection: Content that contains both facts and untrue information.
Satire or Parody: Funny or exaggerated stories that may be used to fool readers.

Always:

  • Consider the reliability of the source and author. Where, when and from whom was the information retrieved from?
  • Fact-Check the information that you see and educate yourself on the subject. You can use fact-checking sites such as FactCheck.org, PolitiFact.com, or Snopes.com to check the validity of content that you find.
  • Only consume news from mainstream news sources.

Careful what you share on Social Media

In 2016, a group of robbers broke into Kim Kardashian West’s hotel room, bound and gagged her, and made off with more than $10 million of jewellery. Months later in 2017, police arrested 10 individuals allegedly involved in the obbery, including mastermind Aomar Ait Khedache.

In an interview, Khedache revealed that he and his cohorts had targetted Kardashian West after she posted photos of her jewelry collection and updates about her trip to Paris for fashion week on social media.

“The jewels were shown on the internet, and she said that she didn’t wear fakes. She shared the time she would arrive in France. You just had to look at the internet and you knew everything. Absolutely everything.”

Using this information, along with data from social media accounts associated with Kardashian West’s family and friends travelling with her, the theives were able to determine the best time to strike – when she was at the hotel alone after telling her bodyguard to accompany her sisters to a club for the eveniong.

The robbery triggered a brief break from social media for Kardashian West, as well as changes to how she now uses social media, including posting about her activities only after she has left the location.

Sp0t thę HomogIyph

Microsoft recently announced legal action against domains that impersonate the brand using homoglyphs. A homoglyph is a letter or character that closely resembles another letter or character. Cybercriminals use homoglyphs to trick you into thinking a domain belongs to a trusted company.
Here’s an example: Scammers could use a zero (0) in place of a capital letter “O” or they could use a lowercase letter “L” in place of a capital letter “i”. Using these examples, the bad guys can impersonate SINGPOST.COM as SINGP0ST.COM. Some cybercriminals take this method one step further by using characters from other languages. For example, the Russian character “Ь” could be used in place of an English letter “b”.
Remember the tips below:

  • Be cautious when you receive an email that you were not expecting. This trick can be used to impersonate any company, brand, or even a person’s name.
  • Before you click, always hover over a link to preview the destination, even if you think the email is legitimate. Pay close attention to the characters in the URL.
  • If you’re asked to log in to an account or an online service, navigate to the official website and log in there. That way, you can ensure you’re logging in to the real website and not a phony look-alike website.
  • A properly operating password manager will not automatically fill in your password on an impersonated website.

Scroll to top