Cyber Security

Computer security, cybersecurity or information technology security (IT security) is the protection of computer systems and networks from the theft of or damage to their hardware, software, or electronic data, as well as from the disruption or misdirection of the services they provide.

The Australian Government takes the issues of cybersecurity very seriously due to the personal and commercial losses that can accrue from cyber fraud. Two websites that are designed as resources to assist industry and consumers to safely and reliably use the technologies that we take for granted today, computers, smartphones, the internet, on-line commercial transactions and so-on, are:

https://www.staysmartonline.gov.au/

https://www.scamwatch.gov.au/ 

Some of the Terminology

Phishing refers to the practice of sending fraudulent email communications that appear to originate from a trusted source with the aim of gaining personal information or influencing the target to do something. Phishing combines technical trickery with social engineering to gain access to sensitive data such as login information and credit card data.

Phishing could be used to install malware* on your systems using an attachment sent via an email to you.  It could also be in the form of an illegitimate website that tricks you into handing over sensitive information or downloading malware.

* Usually a software that is designed to cause problems on your computer (or other device).

Spear phishing is a form of targeted phishing activity whereby an attacker can specifically target you. To protect against phishing:

  • Read and analyse all your emails carefully to determine their credibility.
  • Do not open any links directly in your email. Instead, hover over them to see the URL and open them in a new tab. If the details look suspicious, delete the message without opening.
  • Analyse email headers. The “Return-Path” and “Reply-to” parameters should lead you to the same domain stated in the email.
  • Sandbox any suspicious emails to analyse their eligibility.

Hover Mouse over a message in Inbox prior to opening

The words Spam and Scam are, in 2020, used as somewhat of catch-all terms for all types of Internet related nuisance and malevolent behaviour. It you are tempted to click an interesting, but too good to be true link, the ACC has a booklet for you The little black book of scams click the link and learn more and you may choose to download the booklet to your computer or device.

Spam  Spamming is the use of messaging systems to send an unsolicited message (spam), especially advertising, as well as sending messages repeatedly on the same website. While the most widely recognized form of spam is email spam, the term is applied to similar abuses in other media: instant messaging spam, Usenet newsgroup spam, Web search engine spam, spam in blogs, etc.

Hacking  Hacking occurs when a scammer gains access to your personal information by using technology to break into your computer, mobile device or network.

Identity theft  Identity theft is a type of fraud that involves using someone else’s identity to steal money or gain other benefits.

Remote access scams  A scam trying to convince you that you have a computer or internet problem and that you need to buy new software to fix the problem.

Let’s look at some advice on how to manage these threats.