Posted on

The Online Threats of 2019

How you can stop them from happening.

Like a biological virus mutates – as technology advances, so does the complexity of phishing and identity theft schemes. With major services adopting cloud technologies and storing private data online, anyone is vulnerable to hacking.

To make matters worse, hackers continue to come up with some pretty creative ways to profit from stolen information.

Without wasting time, these are the things you should already be doing to avoid being exposed to hackers in the first place:

In order to keep these cybercriminals out of your lives and computers, let’s take a look at some of the actual schemes to watch out for in 2019.

Hacking

We all know what hacking is by now – the term has almost become synonymous with internet security. So a question is: do you love watching movies on Netflix or jamming out to your summer playlist on Spotify? If the answer is yes, then you’re at a pretty high risk of getting hacked.

DynaRisk, a UK cybersecurity firm, recently found that cybercriminals most commonly target these brands, along with adult-oriented sites (you know what we mean) and then, online gaming services.

Identity Theft

A few weeks ago, authorities caught a New York-based gang who had used identity theft to steal over $19 million worth of iPhones. Quartz reported that this operation ran for seven years.

So-called “Top Dogs,” the ring leaders, would organize lower level members of their organization to steal identities and create clone credit and identity cards. Then, affiliates fanned across the nation, signing up for mobile phone plans to acquire iPhones, which were later sold for a profit by the Top Dogs.

Because phone payment plans take the shape of nominal fees over the course of several years, victims often wouldn’t notice the fraud until it was too late. Learn how another scheme dubbed sim port attack works in the diagram below:

Ransomware

Hacking can happen to anyone – including our favorite bands. In early June, a hacker managed to steal the minidisk archive of Thom Yorke, the lead singer of Radiohead. This included previously unreleased demos and audio material from around the time of “OK Computer,” the band’s 1997 worldwide hit album. The hacker then demanded $150,000 on the threat of releasing it.

Holding files for ransom is so common nowadays that it even has its own name: “Ransomware.” Either pay over the ransom or lose your files—or, even worse, have them released onto the unforgiving Internet.

In response, Radiohead released all 18 hours of material on Bandcamp themselves, winning against these ransom hackers.

Most security experts recommend the same route as Radiohead—never pay the ransom, because there’s no guarantee you’ll recover files or prevent their release.

Sextortion

If you think ransomware is bad, there’s an entire subgroup of it aimed to profit off sexual shame. Cheekily named “Sextortion,” some hackers creatively upgraded the classic email phishing scam to scare victims into handing over Bitcoin.

According to Fortune, hackers have already racked up over $900,000 with sextortion. In these phishing emails, the sender claims to have spied on you while you watched porn—and has webcam footage of the salacious deeds. The message then demands a Bitcoin ransom, or else face the social and professional consequences of this lewd video getting sent to all your contacts.

To make the threat even more believable, the sender references a previous password tied to the user’s email account. According to Krebson Security, a sextortion phishing message might look a little like what’s written in the sidebox.

In rare cases, the threats are real—and hackers get their hands on some sexually explicit photos. Recently, American actress Bella Thorne fell victim to sextortion. Last Saturday, she took a similar, albeit more risqué, route as Radiohead, opting to release her nude photographs on Twitter in order to take the power away from her hacker.

Last thoughts..

So, what’s the best way to avoid your personal, or, business from costing thousands in virtual currency? Since most of these emails are fake, you can just avoid them with a spam filter. And you should probably buy a webcam cover…just to be safe. When it comes to general browsing- we suggest using a VPN.

Read more about VPNs here

There are now more secure anti-hacking tools that use the Blockchain and offer great protection especially against identity theft. Have a look at our feature on Tokenisation.

Most online services now like mobile banks, offer App-based 2-factor authentication. This should now be regarded as the minimum security for ANY online account or App.

To avoid hacking or phishing scams in general, optimizing your cybersecurity and using online common sense will save you loads of time, trouble and money.

Cybersecurity by Acunetix
Posted on

Already GDPR-ed Out?

Well it didn’t take long. Less than a full week in fact, for the first GDPR-related court cases to surface against none other than the biggest social tech giants Facebook and Google.

It was as if lawyers were just waiting to pounce on the tech giants for their apparent failure to protect our rights as an online users.

This pertains specifically to issues relating to data privacy and the sharing of private details mainly with third-party marketers.

Now the issue about how Facebook stores and shares data has been clarified by several intense inquiries in the US and recently in Europe. This is where the law is set to benefit users of the social media platform on that geospatial area of the world.

The said lawsuit, however, focuses on the opt-out clause that forces you and I to make a choice to comply or leave. The claimant is a privacy campaigner. He has made the Billion-Euro complaint on behalf of several users; seemingly a challenge to the likes of Facebook.

Additionally, he has launched a separate suit against Google, accusing them of “pressurizing” users into accepting their data collection policies.

This ‘comply and accept or get thrown out’ clause could leave many without their routine dose of social media consumption simply because they prefer to engage privately. Such a clause is deemed unfair.

It could cost a lot if they get their way based on the terms stipulated in the new law.

The social media giant could be fined up to a few billion or a sizeable fraction of their earnings in punitive damages.

The aim of the new law

The passing of the new regulation on May 25th, 2018, better known as the General Data Protection Regulation {GDPR} has been a long time coming.

Despite the warnings several months or even a year in advance of the “kick-in” of the regulation – many find themselves unprepared for it.

Some of the reactions to the law include that of confusion, anxiety by both large and small firms alike and plain comical hysteria!

Non-compliance now carries heavy fines and penalties, up to 20 million euros for anyone operating within the EU borders.

So, what then, is the big fuss about GDPR?

Well, it boils down to a right that has since the launch of the Internet to the mainstream, been waivered and overlooked.

The CONSENT to use your data for anything other than the reason you went public on the world wide web is now very crucial.

This has become a contentious issue as many companies have over the years, unscrupulously benefited from data acquired (mined) without your consent – Facebook only brought this into the spotlight recently.

Read more about data mining here

Who needs compliance?

If you hold a folder, database of clients whether online or on your internal server, you would have to comply with the rules which stipulate full disclosure. This includes who you share your details with, and how the information is tracked, shared and kept private/secure.

Furthermore, research in March this year showed that only 39% of the Fortune 500 companies in the UK and 47% had GDPR compliance taskforces. It is unlikely  that that statistic is 100% by now.

Another UK firm commissioned study found that our buying behaviours these days, are heavily influenced by we perceive our data is being handled by the company offering the good or service.

The consent given to use your basic information such as one’s name, phone number and email address cannot be taken for granted – even in the medical environment.

German doctors’ practices, in the wake of GDPR, are manually making their clients sign consent forms. Doctors are required to fully disclose who they share your contact information with.

This is a practice that we have always treated with levity. The new law nevertheless clearly stipulates that henceforth, it will be mandatory.

How to be compliant

There are simple ways you can stay GDPR compliant. One method is to adopt an attitude of embracing it rather than just complying with it.

Being transparent with your customers can be achieved in the following ways: Adding a cookie bar to your website. You can also add a clause/paragraph to that effect (in your website’s disclaimer) in the ‘About Us’ section.

Similarly, you must state clearly on any opt-in forms. Newsletters for example, and any forms where their data is collected, used and passed onto other third-parties must be announced. State clearly who they are and which data they have access to.

You then need to give your customer the option to select what they want to share even if it seems insignificant.

Even if such data may not be necessary for them to receive services from you.

This probably involves reviewing your relationships with third-party affiliates and partners to ensure that they are also complying with the law.

They could be jeopardizing your data compliance efforts – as Cambridge Analytica did with Facebook.

The last and most challenging step requires the action of what is promised above. This, therefore, means an upgrade of your internal software  to include security/encryption.

GDPR compliant software

You can obtain full compliance by using a GDPR-compliant package like Office 365 Enterprise E3.

This package has email software specially designed for those of you dealing with sensitive client’s data that need to be kept for long periods.  Litigation hold, heavy archiving features; as well as basic email encryption are all included.

You can add supplementary encryption software such as Azure Information Protection as an extra layer of security. This helps you to safeguard exchange-hosted emails and stored data from being lost, compromised or accidentally shared.

All said and done it is likely that if you are a bigger firm, you would either need to create the position of a data security officer internally (if your lawyers are not up to date with digital laws), or to outsource the service.

This should make you fully compliant thereby having to avoid issues with the data compliance authority altogether.
Posted on

For investment gains or for purpose?

As much as institutions, risk-averse, or simply skeptical people have downplayed the new digital currency revolution – it still, a decade after coming to public light, remained resilient.

Bitcoin now gets a regular mention in daily news and stock market reports. It is also being traded by several established investors and even included by fund managers as (naturally) high-risk portfolio instruments.

We all by now, have heard the old rhetoric of high volatility and use for criminal activity when it comes to Bitcoin and its crypto-family.

Billionaires Warren Buffet and Bill Gates were two of the most recent financial ‘institutions’ to weigh-into this by publicly lambasting Bitcoin – with Buffet equating the cryptocurrency to rat poison!

Such views back the ‘rationale’ for crypto’s inability to take over fiat money or become a major form of currency.

Be it may, the digital currency, however, does have its unbeatable benefits and functions: ones that are difficult for even the most hardcore anti-crypto audience to ignore.

Here are three functional attributes and trends that the digital revolution has created since coming to the mainstream:

1. Financial emancipation.

Bitcoin and ‘altcoin’ investing have created a new wave of financial investors.

These are retired bankers; naturally the ‘millennials’ – who instinctively jump on-board a new discovery that has creative destruction-like tendencies; and then the plumber, bartender and the average man on the street.

Its ease of access, use and potential to turn a few dollars, euros or local currency into hundreds, thousands or millions more, makes it a high appeal for those who typically would be excluded from owning an investment portfolio.

Based on their returns many have taken to social media (via groups, profiles and communities) to share their success stories. But this is also a reason to heed caution when taking counsel from anyone claiming to be an expert in cryptocurrency investment.

It is new and while volatility is not new to trading – it is constantly on a rollercoaster ride making it hard for even seasoned trading experts to predict using traditional market analysis tools.

New analysis tools

A recent development termed Hodl Waves attempts to track and predict Bitcoin movements via complex usage history – comparing behavioural patterns of what people do when they have the coins and when they choose to reinvest them.

Cryptocurrencies have nevertheless, got more people thinking about making profits, looking into tax implications and anything financial for that matter!

Crypto investors are now constantly planning for their future while matching their ‘block’folio performance to capital gains not only from rival coins but also against traditional (lower yielding) investment instruments.

N26 Bank
N26 Bank

Blockchain technology has also spurred a new path of careers and industries as more companies globally, for instance, look to acquire the lucrative Crypto exchange license to operate.

These cryptocurrency exchanges require people to service clients in various levels.

From account managers, technical advisors, software programmers, to customer service agents and the accompanying social media marketers needed to promote the various exchanges.

Governments as well will benefit from their operations and while there are still discrepancies in most countries about how to tax individuals, fiscal authorities will get a lion’s share of income from taxing these exchanges.

2. The way money is transferred.

We all have undergone the painful stress of waiting for funds to clear so your rent gets paid or waiting to receive money from abroad for an emergency.

But the standard “3 to 5 working days” in which most (if not all) banks guarantee for something as simple as an inter-bank transfer is simply not good enough especially when there are public holidays involved.

With cryptocurrency, the aim is to be not only the most secure form of funds transfer – but the fastest.

main-qimg-ff968a87730554a92951137b04f01117

Converting cryptocurrency back to fiat money, however, remains the only potential bottleneck as it would require institutions to adopt or directly accept payments in the cryptocurrency to avoid one going through another step to receive goods and services.

Cryptocurrencies nevertheless still cut down transfer time significantly compared to traditional electronic fund transfers of fiat monies – which becomes even more of a logistical quagmire of time wasting and high costs if you must switch currencies before the transfer can be made.

To reiterate, all of this can and be avoided once more and more companies accept payment in one or more types of cryptocurrency.

The onus is thus on the creators of the digital coin or token to prove that their digital currency is reliable enough and readily available to be used as a form of legal tender.

There are several reports nevertheless of known, well-established financial institutions and companies using currencies like Bitcoin, Ripple, Verge for fund transfers or even direct exchange for services.

The New York Stock Exchange (NYSE) this year plans to list Bitcoin (as an EFT) on its bourse and is filing for permission from the SEC regulators.

3. The third and final point to consider.

One that cannot be omitted, is the reduced costs associated with dealing with money you have (hopefully) earned form hard work.

Even inheritances are gained because of the toils of the giver’s hard work. So, it wouldn’t be fair for a group of a few companies headed by executives to siphon it from you all in the name of ‘providing you with a service’.

We all pay for Internet use (and the security software associated), for smartphones and computers.

We, therefore, have the technology to make transactions ourselves without having to rely on others to charge us for things we can do ourselves.

The financial institutions have long preyed on people’s ignorance, obedience, and unquestioning trust while they brazenly burn cash dabbling in equally questionable high-risk investments like derivatives and futures.

A new wave arises
120x600

It is only a matter a time before the banking institutions and big companies get on board to benefit from the high-level encryption and speed provided by digital currency.

They would even if it meant creating their own blockchain and not bowing down to the pressures and potential competition that these altcoins pose to their modus operandi.

To conclude, the ‘wait and see’ mantra all that we can exercise when predicting the future of digital currency.

But for now, it is a bright one considering the three points mentioned above.

There are, however, concerns on how secure the encryption can remain with the advent of quantum computing.  This ground-breaking tech has the potential to make calculations at millions of speeds faster and thus able to crack the toughest data encryption.

Regulation, however, while feared by hardcore decentralization pushers, would be required in some form to keep Crypto prices stable. This is in addition of helping to manage the daunting task of keeping cryptocurrencies away from criminal exploitation.