Connect with us

Tech & Innovation

4 Things that make people feel good about using chatbots

A recent study identified four factors that predict user satisfaction with customer service chatbots. The study also found that a positive chatbot experience was associated with customer loyalty, highlighting the potential importance of the findings to corporate brands.

Published

on

Photo by @cottonbro from Pexels.com

A recent study identified four factors that predict user satisfaction with customer service chatbots. The study also found that a positive chatbot experience was associated with customer loyalty, highlighting the potential importance of the findings to corporate brands.

“Chatbots that use artificial intelligence to address customer needs are already in widespread use, and are expected to become even more common over the next few years,” says Yang Cheng, corresponding author of the study and an assistant professor of communication at North Carolina State University. “We wanted to know how these chatbots are affecting the user experience and how they affect the way consumers feel about brands.”

For this study, researchers conducted a survey of 1,064 consumers in the US who had used a chatbot from at least one of the 30 US brands with the most highly regarded chatbot services. These brands represent industries ranging from fashion to food to software.

The researchers found there were four attributes that positively predicted user satisfaction with a chatbot.

1. The most powerful predictor was convenience.

Cheng says: “If people thought chatbots were fast and efficient, they were more likely to be satisfied. I can sympathize with those people – I hate talking to customer service and being transferred from one person to another.”

2. Focus on iInformation.

It matters if the chatbot provided information that was useful and relevant to the user.

3. Entertainment counts.

It also matters if interacting with the chatbot was pleasant or fun.

4. Social presence.

Lastly, if the chatbot made users feel like they were interacting with an intelligent being, they are more prone to using chatbots.

But one factor was associated with reduced customer satisfaction: perceived privacy risk.

Specifically, if users felt that the information they were sharing with the chatbot could be misused, they were more likely to report being dissatisfied with the chatbot service.

“Companies need to pay attention to these results as they invest in AI-driven chatbot services,” Cheng says. “Because we also found that a customer’s satisfaction with their chatbot experience was associated with the customer’s loyalty toward the relevant brand. This really highlights the importance of taking steps to protect consumer data – and ensuring that chatbot services are convenient, fun and helpful.”

The paper, “How Do AI-driven Chatbots Impact User Experience? Examining Gratifications, Perceived Privacy Risk, Satisfaction, Loyalty, and Continued Use,” appears in the Journal of Broadcasting & Electronic Media. The paper was co-authored by Hua Jiang of Syracuse University.

Tech & Innovation

Staff’s malicious actions bring risks to cybersecurity in businesses

A Kaspersky study found that in the past two years, 77% of companies around the world have faced cyber incidents, 1/5 of which were caused by deliberate malicious behavior by employees.

Published

on

Cyber incidents caused by “human factor” are usually attributed to occasional employee errors, but one more important element is often overlooked: deliberate malicious behavior by staff. Corroborating this fact, a new Kaspersky study found that in the past two years, 77% of companies around the world have faced cyber incidents, 1/5 of which were caused by deliberate malicious behavior by employees.

A variety of elements can be found when examining the “human factor” that can negatively affect the running of a business, ranging from ordinary employee mistakes to the misallocation of budget by decision makers. But one of the most important factors that is often overlooked is malicious actions by staff. This crucial finding was revealed in a recent Kaspersky study showing that, in the last two years, 20% of companies worldwide suffered cyber incidents due to malicious behavior for personal gain exhibited by employees. 

A recent case occurring at the Tesla company illustrates the dangers insider threats pose to business. Two of Tesla’s ex-employees leaked the names, addresses, phone numbers and email addresses of 75,735 current and former employees to a German newspaper. Maine regulators were informed of the incident in a data breach notification on August 18, after the company learned of the breach on May 10 from German news outlet Handelsblatt, and conducted an internal investigation. 

Insider threats: what you need to know

What are insider threats?

There are two main types of insider threats: unintentional and intentional. Unintentional, or accidental threats are employees’ mistakes such as falling for phishing and other social engineering methods, or sending sensitive and confidential information to the wrong person, etc. 

In contrast, intentional threats are perpetrated by malicious insiders who deliberately hack into their employer’s systems. They usually do so for financial gain from the sale of sensitive data or as an act of revenge. Malicious insiders aim to disrupt or stop an organization’s regular business operations, expose IT weaknesses and obtain confidential information. 

Insiders with malicious intentions are the most dangerous of all employees who can provoke cyber incidents. Threats posed by their actions are complicated by several factors:

  • Insiders have specific knowledge of an organization’s infrastructure and processes, including understanding of the information security tools used.
  • They are already inside the company’s network, and do not need to penetrate the perimeter from outside via phishing, firewall attacks, etc.
  • They have colleagues and friends within the organization, so it’s much easier for them to use social engineering.
  • Insiders with malicious intentions are highly motivated to harm their organization.

What are the reasons for insider malicious actions? 

One of the main reasons for employees to commit malicious actions against an employer is financial gain. Often it means stealing sensitive information with the intention of selling it to a third party: competitors, or even auctioning it on the dark web where cybercriminals buy data to attack businesses.

When employees have been fired, malicious behavior might take place out of revenge. This can be conducted even through connections with current staff, but the worst-case scenario occurs if they still can log into their work account remotely because the organization hasn’t removed their ability to access its systems as soon as the employee left the company.

Employees can also act maliciously when they are unhappy with their job or “to get even” with an employer who didn’t give them an expected raise or a promotion, for instance.

Another interesting type of malicious action occurs when one or more insiders collaborate with an external actor to compromise an organization. These incidents frequently involve cybercriminals recruiting one or more insiders to carry out different kinds of attacks. There may also be cases in which third parties, such as competitors or other interested parties, collaborate with staff to obtain the company’s sensitive data.

“Malicious actors can be discovered anywhere – in huge enterprises or small businesses, you never know. That’s why businesses should build an up to date, resilient, transparent IT-security system, uniting effective security solutions, smart security protocols and training programs for both IT and non-IT staff to safeguard against this threat. Additionally, it’s crucial to implement products and solutions that will protect the organization’s infrastructure. For example, our Kaspersky Endpoint Detection and Response Optimum contains Advanced Anomaly Control which helps detect and prevent suspicious and potentially dangerous activities, both by an insider working in a company or an actor outside the organization”, comments Alexey Vovk, Head of Information Security at Kaspersky.

To combat malicious insider threats, Kaspersky recommends:

Continue Reading

Tech & Innovation

Brace for more phishing, scams, data breaches, APT attacks in APAC 2024 – Kaspersky

Global cybersecurity company reveals that, in particular, the dangers of phishing, scams, data breaches, and geo politically-motivated cyberattacks are seen to continue targeting organizations and individuals from the region.

Published

on

Driven by the Asia Pacific’s (APAC) rapid digitalization movement and known geopolitical frictions, experts at Kaspersky predict the upcoming cybersecurity threat landscape in the region this year.

Global cybersecurity company reveals that, in particular, the dangers of phishing, scams, data breaches, and geo politically-motivated cyberattacks are seen to continue targeting organizations and individuals from the region.

“Asia Pacific’s digital economy continues to grow exponentially and is expected to keep its momentum in the next five years. With digitalization efforts including adoption of technologies like digital payments, Super Apps, IoT, smart cities, and now generative Artificial Intelligence (AI), cybersecurity will be key to ensuring the resilience of the region’s overall defenses against potentially damaging cyberattacks,” says Vitaly Kamluk, Head of Research Center for Asia Pacific, Global Research and Analysis Team (GReAT) at Kaspersky.

“When it comes to sophisticated Advanced Persistent Threats (APTs), we have seen that cyber espionage remains to be the main objective of Asian groups. We expect this trend to continue in 2024 due to the existing geopolitical tensions in the region,” Kamluk adds.

Kaspersky’s GReAT researchers have also specified the key cyberthreat predictions in 2024 for the key countries and territories in APAC.

South East Asia (Singapore, Philippines, Thailand, Vietnam, Malaysia, Indonesia)

The scale of scam in Southeast Asia

According to a report by the UN, hundreds of thousands of people from Southeast Asia (SEA) were recruited to join online-scam operations such as romance-investment scams, crypto fraud, money laundering and illegal gambling. Recruitment to these criminal operations are mostly done via advertised professional roles such as programmers, marketers or human resource specialists, through what appear to be legitimate and even elaborate procedures. 

Increased usage and trust in digital payment methods, lack of regulations protecting the rights of users online and large numbers of people forced into joining online-scam operations add complexity to this major issue in SEA and in resolving it.

“Law enforcement is working on many of those cases, involving scam and phishing attacks and we have seen successful operations in 2023, such as a joint operation of Australian Federal Police (AFP), and United States Federal Bureau of Investigation (FBI) and Malaysian Police which led to the arrest of 8 individuals behind a syndicate running a phishing-as-a-service campaign online,” says Kamluk.

“Nevertheless, we think that the scale of online scam and phishing attacks in Southeast Asia will only continue growing in the coming years due to technical and legal illiteracy of many people involved in such attacks from operators to victims,” he adds.

Singapore

Major technology safety and security highlights in Singapore in 2023 were related to data breaches and outages.

Financial service outages

In October 2023, DBS, one of the largest Singapore banks, experienced an operational failure due to datacenter outage, which resulted in 2.5 million failed transactions. Although, the reason for failure was not to be associated with a cyberattack at the time, given a prior history of outages, it will have implications on the bank’s strategies and priorities among which shall be increased reliability and safety of the services. As reported by the media, Citibank operations were also affected. While we embrace attention to improving the reliability and security of the infrastructure, it’s still the time of changes, which always opens a window of opportunities for the attackers.

DDoS attacks

Another highlight was related to web service outages of several public hospitals and polyclinics due to a distributed denial-of-service (DDoS) attack: the attackers flooded servers with internet traffic to prevent users from accessing online services. The disruption did not result in a compromise of data or internal networks according to publicly known information. This incident tells us that while the websites demonstrated resilience against potential compromises, they were unfortunately unprepared to a DDoS attack. 

Website defacements

A number of Singapore websites suffered from politically motivated defacement attacks in late 2023. Those attacks affected a historical temple website, a retirement info website, a tourism agency and other businesses located in Singapore.

“The bottom line is that the trend for future attacks in Singapore will likely be related to denial of service attacks, politically motivated compromises, defacements, and data leaks. Targeted ransomware threat is still real too, but will adopt the newest trend of pressuring the victim through regulator complaints,” explains Kamluk.

South Korea

Prominent political event and cybersecurity threats

In the upcoming year of 2024, South Korea is poised to hold a significant general election. Historically, major political events such as this have consistently attracted the attention of threat actors, who view them as prime opportunities for launching direct cyberattacks with the intent of disrupting the political proceedings. Furthermore, these threat actors often employ sophisticated social engineering techniques to achieve their goals. Thus, it is our firm belief that this impending major event will serve as a catalyst, intensifying the frequency and complexity of cyberattacks.

Customized Cyber Threats Targeting the Local IT Environment

Over the past several years, alleged state-sponsored threat actors have systematically infiltrated numerous entities within South Korea, employing widely adopted software solutions that are integral to the country’s IT infrastructure. These adversaries adeptly exploited vulnerabilities specific to the local, well-known software and IT ecosystem, thereby facilitating the successful dissemination of their malicious software to their unsuspecting targets. This nefarious activity wreaked havoc across various industries, causing extensive damage.

“As we look ahead to the year 2024, it is evident that these customized threats, meticulously tailored to exploit South Korea’s unique software landscape and IT environment, are poised to persist and pose an ongoing challenge,” adds Kamluk.

China

Telecom fraud activity will decrease, but phishing attacks may increase

In the past year, the Chinese government has been trying to find ways and even seek international cooperation to combat telecom fraud. In this high-pressure environment, the telecom fraud groups, known to be located in northern Myanmar, may soon collapse. 

However, Kaspersky researchers still have seen a wave of phishing attacks from unidentified groups over the past year launching frantic QR code phishing attacks on Chinese citizens, targeting personal credit card information. This group’s operations do not appear to be affected by the situation in northern Myanmar, and based on Kaspersky statistics and observed behavioral patterns, attacks may peak again at the end of the year and early next year. 

APT attacks on high profile targets will become increasingly active

Earlier this year, Chinese authorities reported cyberattacks on various national institutions and organizations. The CVERC reported isolating a spyware artifact named “Second Date”. This advanced cyber-espionage tool can fully control targeted network devices and enable prolonged data theft.

Targets that were compromised include a university developing military-industrial projects and government departments that maintain basic geographic data. In addition, Kaspersky have also noticed that some long-term active APT organizations have launched APT attacks against Chinese nuclear energy companies and unknown targets. 

Given China’s geopolitical prominence, Kaspersky experts expect that the number of APT attacks targeting the country will only increase in the future.

India

India has been traditionally suffering from a number of low skill but high scale scam and fraud cases. Typical threats include the following:

  • Illegal or fake digital loan apps
  • Income tax refund services
  • Real estate fraud
  • Investment scam
  • Ponzi schemes online
  • Job fraud
  • Sextortion

“The rise of technologies and digitalization of the Indian economy, such as increased use of the sophisticated Unified Payments Interface (UPI), the software from the National Payments Corporation of India, will lead to a wave of related scams. Another opportunity for scammers is the ever-rising popularity of cryptocurrencies, which may lead to a new generation of scam apps,” explains Kamluk.

Also, a growing popularity of micro-loan apps has resulted in new schemes to target users in India through unexpected inflated premiums and personal threats. 

In addition, with India’s move towards smart cities, IoT vulnerabilities pose serious security challenges for the country. 

For organizations in APAC, Kaspersky shares the tips below to keep safe from these upcoming threats in 2024:

  • Always keep software updated on all the devices you use to prevent attackers from infiltrating your network by exploiting vulnerabilities. 
  • Establish the practice of using strong passwords to access corporate services. Use multi-factor authentication for access to remote services.
  • Choose a proven endpoint security solution such as Kaspersky Endpoint Security for Business that is equipped with behavior-based detection and anomaly control capabilities for effective protection against known and unknown threats. 
  • Use a dedicated set for effective endpoint protection, threat detection and response products to timely detect and remediate even new and evasive threats. Kaspersky Optimum Security the essential set of endpoint protection empowered with EDR and MDR.
  • Use the latest Threat Intelligence information to stay aware of actual TTPs used by threat actors.

Continue Reading

Strategies

Add sorting your digital clutter to your New Year’s resolutions – Kaspersky

Cybersecurity company Kaspersky suggests adding another practical and smart resolution to your 2024 list: to protect your precious data by clearing your digital clutter!

Published

on

This new year, you could have resolved to quit a vice, to learn something new, to manage your finances better and maybe check a couple off your bucket list of places to visit. 

Cybersecurity company Kaspersky suggests adding another practical and smart resolution to your 2024 list: to protect your precious data by clearing your digital clutter!

What is digital clutter?

It’s a by-product of the digital age. This happens when users of devices create digital documents and files at an unstoppable rate as it is now. Users install way more apps than they use, rarely update them and usually don’t adjust the security/privacy settings of these apps properly. In this situation, users don’t worry about storage limits and become lethargic about reviewing these files and updating the apps. For example, users typically install 12 Android apps every month but delete only 10 so they actually add two apps to their device every month that are generally left unused and idle. 

This means that the digital junk sits on the devices or in the cloud forever. These all amount to what we call digital clutter. 

Poor user maintenance of device content also generates a build up of digital clutter. Kaspersky data shows that in 55% of cases, people regularly revise the contents of their device and delete unused docs and apps. In 32% of cases, people sort their digital clutter occasionally and in 13% of cases, users do not try to delete any docs and apps at all. 

A Kaspersky report showed the top five data that’s commonly stored on devices are general photos and videos (90%), photos and videos of travel and personal emails (tied at 89% each), address information/contact information (84%), and personal messages via SMS/IM (79%). 

A research that Kaspersky ran with OnePoll in 2019 showed that one’s fridge can show the security risk of this human habit. Two-thirds (66%) of those who have bought the same item to go in their fridge twice by accident have also found it difficult to locate a document or file while at work. 

2023 saw at least three major cyber incidents in the Philippines that caused fear, anger and frustration among Filipinos. From ransomware attacks to data leaks that compromised massive public data and personal financial information, these threatened not just the government and businesses but especially ordinary people who didn’t think they would be affected until it happened. 

“When it comes to cybersecurity, education is the most powerful form of defense. The more we educate and prepare ourselves, the more likely that we can minimize the risks to our personal data and money,” said Yeo Siang Tiong, General Manager for Southeast Asia at Kaspersky.  

“It’s been found that only about 8% of people achieve their New Year’s resolutions due to a lack of personal control, excessive stress and negative emotion. I say start small until it becomes a habit. A few simple changes in the beginning will go a long way towards protecting yourself and your data. Stay committed and most importantly, get help. There are so many resources, tools and people that you can count on for support to help you keep your resolutions,” added Yeo.  

Kaspersky suggests doing one or more of these tips to become safe digitally this new year: 

  1. Kiss passwords goodbye. We saw one major improvement in network security in 2022: giants Apple, Google and Microsoft simultaneously introduced passwordless sign-ins. Instead of a password, your device stores a unique cryptographic key for each site. There’s no need to type it in and it’s extremely difficult to steal. You can read more about this interesting technology here. We recommend switching wherever it’s offered as it will slash the risk of your account being hijacked. It’s also convenient because you no longer need to think up a password, memorize it and later enter it. Chrome, Edge, and Safari support the technology on both desktop and mobile platforms. 
  1.  Go disposable. Information leakage remains one of the biggest digital risks for all of us. User data gets stolen from ISPs, insurance companies, delivery services, social networks, and even school databases. The stolen data is then used to perpetrate various scams.

Unfortunately, there’s little we users can do to prevent leaks. But we can ensure there’s less information out there about us, and make it harder to match: that is, comparing the names and phone numbers in two stolen databases wouldn’t give an attacker any more info on us. We recommend giving minimal information to non-critical services (primarily online stores and commercial digital services) by not specifying your last name or social media accounts, and generally skipping optional fields. And use disposable e-mail addresses and phone numbers as your contact information. Numerous services provide temporary phone numbers for receiving confirmation texts, as well as one-time email addresses — just google “disposable phone number/e-mail address”. Some paid services of this kind even offer disposable credit card numbers, which makes online shopping even safer.

  1. Get away from toxic social media. Year after year, we encounter way too many negative events, plus the waves of hate on social media continue to reach new heights. If social media gave you the jitters in 2023, this year it’s time to part company for good. Incidentally, we’ve compiled a list of tips on how to walk away without losing valuable data. That said, some prefer not to quit, but to migrate, for example, to Telegram or Mastodon. 
  1. Stop doom scrolling. Social networks and news sites can consume hours of our time and lots of nervous energy. To avoid endless checking of news and posts, set a time limit on your phone for social networks and news apps. Start with an hour a day, and try to stick to it. Many vendors offer this feature: Apple’s name for it is Screen Time, Google’s is Digital Wellbeing, and Huawei’s is Digital Balance. And if your children are spending too much time on social networks, Kaspersky Safe Kids can help. Those prone to deceive themselves by making up for the missing time on their devices should enable additional self-control tools in the settings of the social network itself. YouTube also has such a feature, called Take a Break.
  1. Keep private and work lives separate. Separating work and private life is good for many reasons. It helps both physical and mental health since work doesn’t interfere with family-and-friends time, and domestic matters don’t distract you during working hours. And your employer gets improved cybersecurity because you don’t mix personal and work information, apps, and so on. Ideally, the separation should be physical, which means different phones and computers for work and private life. It remains only to remember not to use personal sites, e-mail, and social networks on your work device, and vice versa.
  1. Observe cyber hygiene. Use security software on all computers and phones. For each site that still requires a password, make it unique. Regularly update all apps and the operating system. These tips are nothing new, yet millions of people continue to ignore them, some out of ignorance, others out of laziness. You can avoid all the hassle by entrusting the whole routine to a comprehensive solution like Kaspersky Premium. 

Kaspersky Premium has a Hard Disk Cleaner and Health Monitor feature that:

  • removes duplicate and large files from your PC and declutters unused apps from your Android phone
  • alerts you if your hard drive is about to crash so you can back up your photos, files and data. 

This solution also has Performance Optimization that helps your computer run faster by:

  • deleting invalid Windows Registry entries
  • cleaning your folders and emptying your recycle bin
  • turning off data-hungry apps and stopping some apps from opening as you switch your PC on
  • prompting you to install app and software updates so your device gets the latest security.

Discover more about Kaspersky Premium’s security features for the entire family at https://www.kasperskyph.com/

Continue Reading
Advertisement
Advertisement

Like us on Facebook

Trending