Connect with us

Tech & Innovation

Why you should care about your digital footprint

In this age of digital and technological transformation, information about anything and everything is readily available online. While we may reap the benefits of this more often than not, we must still remain vigilant and take active steps to protect ourselves and the people around us. 

Published

on

With how widespread the use of technology and the internet has become, it is practically impossible to come across someone that hasn’t used Google at least once in their lifetime. Likewise, people who don’t own a single social media account are far and few between; and while access to such websites have their perks, their accessibility in itself could easily lead to one’s downfall.

In a presentation entitled “Online Privacy and Risk Management” by OSINT Intelligence Analyst Ritu Gill held during Trend Micro’s annual cybersecurity conference DECODE 2021, Gill points out common habits of internet users that could be threatening their safety. Gill also shares instances when we unknowingly leave traces of our identity and ‘digital breadcrumbs’ that hackers could easily use to access sensitive information.

While the conference is primarily attended by cybersecurity professionals, students looking to learn about the field are still welcome. “The various panel discussions and presentations are designed to cater to different sectors as part of our efforts to educate vulnerable audiences and raise awareness on online safety and security,” said Alma Saturnino-Alvarez, Director of Threat Hunting at Trend Micro.

To better protect ourselves and minimize our digital footprint, here are some DOs and DON’Ts from Intelligence Analyst Gill herself that can apply to everyone –expert or otherwise. 

1. Be careful when posting photos of things that could contain sensitive information.

While this may be obvious and self-explanatory, it still persists to be a common mistake of social media users. Gill shares that even when covering up flight information and ticket numbers, an exposed barcode or QR code alone could already make your personal information (such as destination, boarding gate, address, and even bank information) available to anyone that knows where to look (or anyone that’s used an online barcode reader).

P.S. This also goes for photos of packages bought from online stores and vaccination cards.

2. 20 questions? This or that? Favorite ____? Be mindful of the information you publish online.

What may look like an innocent game to get to know people better, might actually be the key for hackers to unlock your personal data. These games, according to Gill, are prime examples of oversharing sensitive data online. Answers to seemingly innocent questions like “What street did you grow up on?” or “Name of first pet?” could provide hackers with the answers to security questions commonly asked for when securing an email address or bank account. 

Posting or publishing information like addresses, phone numbers, and birthdays without any security settings can unlock a mine full of data for hackers. 

3. Don’t click on suspicious links even and especially if it states that you’re now supposedly the heir of a recently deceased monarch and a billion times richer. 

Being on the receiving end of a suspicious text or email is something most of us have probably experienced at one point in our lives. While some links come accompanied by intriguing messages or seemingly automated “official” looking notifications, they’re no different from those obviously sent to scam in that one click on the link could automatically infect your entire system. Gill suggests using URL or website checkers like urlscan.io to get a read on where the link came from and to trace malicious activities from the source.

Remember to ALWAYS think before you click. 

4. Everything you post online builds your digital footprint. Be aware and thoughtful of what you post and how it can potentially endanger yourself and others.

Always exercise caution when posting online, especially if your accounts are not on private. Aside from refraining from posting phone numbers, addresses, and bank information avoid geotagging locations you are presently in or posting while on vacation. Such information could make people aware that your house is empty at the time or may compromise the location of you or your family. Gill warns to keep in mind that privacy settings don’t always work and sites may be “leaky” so manual precautions like these could save your life.

You have control over the information you release online; therefore, do so responsibly. 

5. Utilize the resources available to you to build your security and stay secure. 

While it may seem taxing, simply going through and adjusting your privacy settings could make a big difference. Gill advises to use strong passwords (not based on the names of pets or loved ones), turn on two-factor authentication, and install the latest software and app updates on your devices. Additional steps you can take include using a password manager, encrypted email, and a paid Virtual Private Network (VPN). Securing ourselves online can also be as easy as removing old accounts that are no longer in use and deleting software or unnecessary third-party apps from devices. 

Beyond securing social media accounts, Gill also reminds us to think about our online search habits and the search engines we use. Even on incognito, websites and service providers can still access search histories. Sites like coveryourtracks.eff.org, amiunique.org, and whoer.net can easily show how your browser appears to other sites. Using browser extensions like HTTPS Everywhere or Privacy Badger can help further adjust your privacy settings and keep you protected.

In this age of digital and technological transformation, information about anything and everything is readily available online. While we may reap the benefits of this more often than not, we must still remain vigilant and take active steps to protect ourselves and the people around us. 

To quote Gill’s final words, “Don’t be a soft target. Take control of your online privacy and security”.

BizNews

GoDaddy encourages MSMEs to streamline their online presence

Having your own website allows you to leverage borderless communication, control your own messaging, and increase your reach among audience segments you might otherwise lose to other brands on social media. 

Published

on

As a company that empowers everyday entrepreneurs, GoDaddy supports small business owners and entrepreneurs for them to be well-equipped to thrive online, especially given the current landscape. The company is particularly focused on empowering micro, small, and medium enterprises (MSMEs), as the global pandemic has significantly impacted this sector. 

The Department of Trade and Industry (DTI), in a recent survey, said that 10% of Philippine MSMEs have closed operations since June of 2021, with 46% of MSMEs in partial operations, and 53.8% reporting a decline in their sales. 

With these figures, it’s no surprise that many have adapted a digital means of conducting business, with varying degrees of success. While social media is often the main entry point and a great first step in establishing an online presence and futureproofing your business, GoDaddy also emphasizes the need to identify the unique advantages that having an official business can bring to help entrepreneurs move along in their digital journey. 

While it’s instinctive, especially for small businesses, to think that creating a website is time-consuming and expensive, establishing an online presence via an official website is actually a great, long-term investment. Having your own website allows you to leverage borderless communication, control your own messaging, and increase your reach among audience segments you might otherwise lose to other brands on social media. 

With tools like the GoDaddy Website Builder, you can launch your website in no time, as the tool gets you started with thousands of templates to choose from, as well as a drag-and-drop editor to easily build the website’s look. Custom site content can also be added in each section of the website. The Website Builder features tablet and mobile layouts, making your website more responsive and unique to your business. 

Having a website can also allow you to spotlight your brand’s offerings, away from the clutter of images on any given social media platform. You can organize this further, and dedicate an ecommerce shopping section integrated with your website, with GoDaddy E-Store

Another benefit of having your own website in the early stages of a business is being able to pin down both the quantity and quality of your website traffic. To maximize this capability, a powerful tool you can add in your kit is the Digital Marketing Suite, with inclusions such as analytics to track marketing success, and Search Engine Optimization (SEO) training to guide you in driving even more traffic to your site. This suite of digital tools comes with tailored action plans, enabling you to plan your next moves, guided by data, in attainment of your business goals and toward expansion of your business. 

“It’s only logical to go where the audience is, and that is online with the quarantine having increased the online activity. With  a lot of businesses having started doing so, the challenge now evolves to how to drive and retain online engagement,”  Norman Barrientos, GoDaddy’s Director of Marketing for Southeast Asia, said. “There are many ways to go about this and one of the most exciting things about digital is the capability to experiment. For those who have little wiggle room for extra time, having a website can be a way for businesses to strengthen and streamline their online presence,” he added. 

Continue Reading

Tech & Innovation

GCheck these tips to spot phishing scams and protect yourself

Scammers have found creative ways to sneakily get these info so it’s important to expose them and  get to know their methods.

Published

on

Ever experience that moment when you get a text message early in the morning and you excitedly jump out of bed thinking it’s crush-laloo greeting you, only to find out it’s some random SMS with bad grammar asking for your personal details? That inis-factor you’re feeling for these scammers — yes we’ve all been there, we feel you!

It doesn’t just stop there though. Nowadays, with the convenience of being able to buy anything with just a pa-“mine” comment at a live selling session or order that flash sale item with a tap of our fingers, come new levels of scam tactics. A common one is called phishing, where scammers send fake SMS, Emails, or links designed to trick people into giving away sensitive information such as personal information, banking details, and passwords. 

Scammers are getting more and more creative that we have to be G to be informed about what’s going on. Knowing the different ways they work is the first step in protecting ourselves. We all give in to certain types of “budol” as we call it—wherein we willingly fall for irresistible discounts or all-in-one bundles, or when you know you don’t need a new phone case but you purchase it anyway because it’s cute. To buy your wants and needs is okay, especially that you’ve been working hard for it. What is not okay is when you get yourself into types of budol that actually robs you of all your hard-earned money.

Are you G to be protected? Here are some common phishing scams and ways to protect yourself especially as we enter the merriest season of the year:

A popular method for scammers is to pretend to be an authorized customer representative on different platforms by appropriating company logos and a person’s profile picture. In social media, this can happen if you post your complaints publicly. They send a direct message and pretend to offer help with your concern. In emails, they use what seem to look like official addresses and create a sense of urgency to pressure you into following the steps they have outlined, otherwise, you will lose access to your account or incur possible charges. While in SMS, they send suspicious messages and links that will prompt you to install an app or require you to input your MPIN or OTP for many reasons: you’ve won a contest, have expiring rewards to claim, or that you need to update your contact information. Sometimes they’ll even call you. 

How do you spot scammers? Start by checking the sender. Is the text or call from a random phone number? Does the email look credible or does it look like it came from a sketchy free platform? Always check the source. Second, did they send you a link? GCash, for example, will NEVER send you an email asking to click a link. Scammers have become clever to make sure they no longer have typos on their message alerts. They used to misspell words like GAcsh or replace letters with numbers like GC4sh, but they’ve leveled-up to replicating official web pages by using the same visuals or actual promos to phish details from users.

Their goal is to get your One Time PIN (OTP) so they can link their device to your account, and your MPIN so they can login. If they can’t get your MPIN, they will try to ask for more OTPs in order to reset your MPIN. If you’ve been saving money for your pending bills and you don’t want to wake up as a player in Squid Game, never give out your MPIN and the OTPs that you receive on your phones.

However, scammers have found creative ways to sneakily get these info so it’s important to expose them and  get to know their methods. Here are some examples:

  • Hiram mobile phone – they borrow your phone for a variety of excuses but their real intent is to request OTPs to be sent to your phone so they can reset the MPINs themselves without you knowing.
  • Shoulder surfing – from the name itself, they spy over your shoulder to steal personal information that might help them in hacking your account.
  • Live selling sessions – this usually happens to online sellers when they broadcast what’s on their phones. Scammers just need good timing to initiate the OTP, display it on your screen for all to see, and therefore compromise your account.

If you find yourself on the receiving end of any of these suspicious instances or if you have concerns with any of the GCash services, the best way to address them is through the Help Center accessible within the app only.

The Christmas season and mega-sales online are happening soon so it’s important to remember this GChecklist: 

(1) check the sender or credibility of any website where you are being redirected 

(2) never share your MPIN or OTP

(3) only do actions within the GCash app. 

Once you tick off everything on this list, make sure you’re G to share this so your friends and family can protect themselves, too. For your holiday hauls, don’t forget: magpa-budol wisely!
For more information, visit gcash.com.  

Continue Reading

Tech & Innovation

Account protection essential in avoiding phishing attacks

To protect yourself, you must scrutinize the details of the post, such as spelling, grammar, and even the links posted, as suspicious-looking details almost always leads to unscrupulous activities online. 

Published

on

More often than not, phishing is likened to a simple hacking. However, it is more than that. These attacks can be avoided when people know and understand what data should be protected.

“Data is like gold we need to protect, especially for professionals and businesses,” Jaypee Soliman, UnionBank VP/MSME Segment Head, mentioned as he talked about phishing at the ACACI PH 37th Annual National Convention, Technical Session 5: Prevent Cyber-Attacks: What Accounting Professionals Need to Know.

Phishing is defined as “a fraudulent practice of sending e-mails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers.” In reality, fraudsters are “pretending to be from huge companies, and that they need your personal information. Once you have given usernames or passwords, they have several ways to hack into your accounts.” 

For example, phishing can happen through compromised emails. Fraudsters can easily get your passwords that allow them to go through your sensitive information or files. Usually, the same password is used for mobile banking. Thus, when they pose as bank representatives and convince you to give your OTP, they now have access to your online banking accounts.

Phishing has evolved greatly in this age of social media. It is no longer limited to emails as it can be done through popular sites like Facebook, Instagram, or Twitter. These can be through bogus promos or ads that you come across as you scroll your timeline. To protect yourself, you must scrutinize the details of the post, such as spelling, grammar, and even the links posted, as suspicious-looking details almost always leads to unscrupulous activities online. 

Scammers also do phishing through SMS or “smishing” and Voice calls or “vishing”. In these, they try to attack your emotions — either scare you or guilt you into giving up your sensitive financial details. They convince you to act urgently and disclose you card or banking details, pretending that someone is trying to make an unauthorized transaction using your card or bank account. 

Smishing often happens with a fraudster sending a message with a clickable URL. When clicked, these links direct you to a website prompting you to enter your details, including sensitive ones. Once done, cybercriminals can now use these to access your accounts and steal money or more data. 

Soliman walked through the steps that professionals and businesses should know to avoid falling victim to these phishing attacks. 

1. Understand the entry points or gateways where fraudsters can get in, such as an email. Each and every access point is a potential entry point of threats.

2. Have an early detection system. Depending on the strategy of the company, it can be an internal communication system where threats are recognized. 

3. Have a response mechanism. This may vary depending on what industry the company belongs to. 

4. Have a solid communications system. This helps get information about potential threats inside the company that also extend to the customers.

5. Have a recovery plan. This is your strategy on how to treat intrusions, how to block or even eliminate these threats.

Soliman also recommends the following:

  • Don’t share sensitive info to other people;
  • Think before you click;
  • Enable multifactor authentication 
  • Don’t use the same passwords across platforms and emails especially for mobile banking;
  • Choose a reputable email provider;
  • Only shop in reputable sites;
  • Keep your devices and software updated

In addition, to monitor if data has leaked out of your accounts:

  1. Check if your e-mail is compromised thru https://haveibeenpwned.com/ 
    • See the sites or apps where your information is compromised
    • If there are any, best thing to do is change passwords
    • Or even delete or deactivate apps or software you do not use anymore
  2. Check all your online accounts
    • Check your recent activity, or log-in activity
    • If there are irregularities, respond right away by calling the platform to block devices using your account 

Continue Reading
Advertisement
Advertisement

Like us on Facebook

Trending