Connect with us

Cyber Crime

Scammers Prefer Friday and Saturday Says Telstra

Published

on

Scammers are getting to know their targets very well. After analysing data from 2022 and 2023, Telstra says Australians are more likely to receive a dodgy text message on a Friday or a Saturday.

Telstra says it blocks on average 11% more scams on Friday and Saturday than any other day of the week. The big telco’s security operations also noted that scammers like to hassle Australians between 1am and 4am.

DJURO SEN APPEARS ON SKY NEWS WEEKEND EDITION TO DISCUSS TELSTA SMS SCAM DATA

By targeting Thursday and Friday scammers are clearly trying to take advantage of Australians when they are out partying or distracted by other weekend duties, like sleep. SMS is a preferred method because it usually involves a quick response and during these hours it’s a strategy that appears to be working.

The good news is we get a bit of a reprieve on Sundays with Telstra reporting it blocks almost 20% fewer scam messages compared to the weekly average.

But the overall numbers show that we are just keeping ahead of the bad guys. It’s important to remain vigilant as Telstra blocks an average of 11 million scam SMS messages every month – an increase of 69% year on year.

You can find more information on scams from Telstra here.

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

AI

What You Need to Know Ahead of Windows Recall Release

Published

on

Microsoft’s next generation AI powered Copilot+ PCs will soon be available but one controversial Windows feature has already undergone a drastic overhaul. RECALL is – as Microsoft says – ‘a new way to instantly find something you’ve previously seen on your PC’ using on device AI.

Every few seconds Recall takes a snapshot of what appears on your screen. These images are analysed locally by AI so you are not sending anything to the cloud. Recall can then offer you a timeline of your computer use through a visual interface. It really is like having a ‘photographic memory’ of all the apps, websites, images and documents that you’ve interacted with on your PC.

Obviously this would be a treasure trove for cyber criminals if they could access it. Security experts are worried it could be abused once a user logs into their device. Once the drive is decrypted, the history recorded by Recall is potentially accessible by a bad actor.

As I mentioned in the Sky News Weekend Edition segment above, Offensive Cybersecurity Advocate, Alexander Hagenah, an ethical hacker, created TotalRecall to encourage Microsoft to make changes. And thankfully Microsoft did make changes.

“Even before making Recall available to customers, we have heard a clear signal that we can make it easier for people to choose to enable Recall on their Copilot+ PC and improve privacy and security safeguards,” said Corporate Vice President Windows + Devices Pavan Davuluri.

“With that in mind we are announcing updates that will go into effect before Recall (preview) ships to customers on June 18.”

So, not only has Microsoft made Recall opt-in only, users will also need to take more security steps to activate and actively use the feature once logged into Windows 11.

Recall is now off by default

RECALL SECURITY CHANGES

  1. If you don’t proactively choose to turn it on, it will be off by default.
  2. Windows Hello enrolment is required to enable Recall. In addition, proof of presence is also required to view your timeline and search in Recall.
  3. Additional layers of data protection including “just in time” decryption protected by Windows Hello Enhanced Sign-in Security (ESS) so Recall snapshots will only be decrypted and accessible when the user authenticates. In addition, we encrypted the search index database.
Windows Hello enrolment is required to enable Recall

MORE SECURITY NOTES ON RECALL

  • Snapshots are stored locally. Copilot+ PCs have new NPUs (Neural Processing Unit) and this allows on device AI processing. No internet or cloud connections are used to store and process snapshots. Microsoft says your snapshots are yours and they are not used to train the AI on Copilot+ PCs.
  • Snapshots are not shared. Recall does not send your snapshots to Microsoft. Snapshots are not shared with any other companies or applications. Recall doesn’t share snapshots with other users who are signed into the same device, and per-user encryption ensures even administrators cannot view other users’ snapshots.
  • You will know when Recall is saving snapshots. You’ll see Recall pinned to the taskbar when you reach your desktop. You’ll have a Recall snapshot icon on the system tray letting you know when Windows is saving snapshots.
  • Digital rights managed or InPrivate browsing snapshots are not saved. Recall does not save snapshots of digital rights managed content or InPrivate browsing in supported web browsers.
  • You can pause, filter and delete what’s saved at any time. You can disable saving snapshots, pause them temporarily, filter applications and websites from being in snapshots, and delete your snapshots at any time.
  • Enterprise and customer choice. For customers using managed work devices, your IT administrator is provided the control to disable the ability to save snapshots. Your IT administrator CANNOT enable saving snapshots on your behalf.

Microsoft also posted on its blog:

“In our early internal testing, we have seen different people use Recall in the way that works best for them. Some love the way it makes remembering what they’ve seen across the web so much easier to find than reviewing their browser history. Others like the way it allows them to better review an online course or find a PowerPoint. And people are taking advantage of the controls to exclude apps they don’t want captured in snapshots, from communication apps or Teams calls, or to delete some or all their snapshots. This is why we built Recall with fine-grained controls to allow each person to customise the experience to their comfort level, ensuring your information is protected and that you are in control of when, what and how it is captured.”

I’m attending the Australian launch of CoPilot+ PCs at Microsoft, so if there are any more changes, I’ll report back to you.

Continue Reading

Bitfender

Avoid Being Scammed: Bitdefender Scamio Now in WhatsApp

Published

on

Revealed First on Sky News Weekend Edition Tech Chat with Djuro Sen

Bitdefender’s excellent AI chatbot – Scamio – is now integrated with WhatsApp. Scamio is a free service that analyses suspicious links, texts or QR codes. I started using the web app when it first launched and now I’ve been testing it within WhatsApp.

On your phone, click here to add Scamio as a contact in WhatsApp. From there you’ll have to login/create a free Bitdefender account. Once you’re connected, simply drop suspicious content, like a link or text message into a conversation with Scamio. Describe how you received the possible scam and what concerns you have about it.

 Scamio analyses and provides a verdict in a few seconds, sometimes a bit longer, along with recommendations on further actions. It’s a great contact to have in your database.

The conversational manner in which the checking takes place also makes it easier to understand what potential problems you could be facing.

Bitdender says, “Scamio was developed to disrupt criminal operations as threat actors rapidly increase adoption of AI and large language models and use of popular messaging apps and online services to steal money, credentials, and personal data. ”

The QR code option is a good one to look at I believe. Many people just automatically scan and click without checking if the site is legitimate. According to the Global State of Scams – 2023 Report, 76 per cent of respondents encountered an online scam at least once a month.

It definitely pays to stay alert.

Continue Reading

Apple

Don’t Wait. Try Apple’s Stolen Device Protection Now

Published

on

If some lowlife steals your phone it’s bad. But if they also know your passcode it’s catastrophic. They can quickly lock you out of your phone, turn off Find My, clean out your bank accounts and take over your Apple ID.

To help users avoid this, Apple is introducing STOLEN DEVICE PROTECTION in iOS 17.3. It’s currently in public beta so you can try it for yourself. As I explained to Jaynie Seal on Sky News Weekend Edition in the video above, the Apple update is designed to put significant road blocks in the way of criminals.

STOLEN DEVICE PROTECTION uses biometric authorisation when the owner of the device is away from home or work which are trusted locations. So even though the thief has your passcode, they cannot get access to things like passwords, turning off Find My, wiping the phone and tap-and-go payments that require biometrics. For more sensitive data, like changing Apple ID, there’s an hour time delay for a second biometric scan. This does not apply at a trusted location.

This is enough to slow down or stop any thief in their tracks. Personally, I don’t think Apple needed to do this but I’m glad they did. There is no flaw in Apple’s system – users need to take more responsibility for their phone and online security. But this update absolutely makes changing your passcodes extraordinarily difficult for criminals. And that’s a good thing.

You might ask, “how common is this passcode theft?”

Well it’s not common, but it does happen enough to be on Apple’s radar. A thief may see you enter your passcode, follow you, then steal your device. In matter of minutes they can access your phone, change the Face ID and possibly your Apple ID.

The importance of biometric authentication cannot be overstated. When a passcode is used, there’s always the risk someone can see it.

I watched a great story by the Wall Street Journal which goes into great detail about these criminal tactics. You can watch it below.

Now if you’re wondering what happens if your Face ID or Touch ID hardware fails, you can still use your passcode in a trusted location. So you won’t be locked out. In fact, you can still use your device for text messages and phone calls but sensitive areas will be locked down.

It’s vital once you discover your phone has been stolen, you log into iCloud Find Devices to mark it as lost or erase it.

We’re expecting iOS 17.3 to come out of beta mid-January, possibly February. But my advice is, try it now.

Continue Reading
Advertisement

Recent Most Popular