New Job Post New Target | Hackers

LinkedIn Privacy – Don’t Let Your New Job Post be a New Target for Hackers

LinkedIn is a fantastic social network for connecting with colleagues and industry associates, but posting about your latest new job on the platform could make you a target for cybercrime.

Here’s a brief overview of the current threats on LinkedIn and how to keep your profile secure.

Cybercriminals targeting professionals on LinkedIn

The excitement of getting a new job is something we all like to share with our social network – but unfortunately they aren’t the only ones looking at our LinkedIn profiles.

A new wave of cybercrimes using LinkedIn is on the rise with professionals around the world wishing for the days when their most annoying connection requests came from pushy recruiters.

Today, hackers and cybercriminals are tracking professionals who have started new jobs and using the information they gather to carry out impersonation scams.

The typical MO of a LinkedIn impersonation scam goes like this:

  • The new employee who has recently joined a company receives an email from their boss or supervisor, requesting that they make an unexpected purchase or funds transfer.
  • Not wanting to make a bad impression on the boss, many overly trusting people will follow the instructions as given – only to find that their actual manager knows nothing about the request.

In reality, the person who sent the email was simply impersonating a senior member of the company after researching both the employee’s and manager’s details on LinkedIn. This double violation of privacy has cost workers in various countries a small fortune – and you certainly don’t want it happening in your organisation.

As online scams escalate, privacy protection is non-negotiable

Protecting your LinkedIn profile from unwanted eyes –  and ensuring that everyone in your company does the same – is an essential first step when it comes to avoiding these LinkedIn scams that are becoming more and more common.

  • Employees should be guided to not accept connection requests from people they don’t know and have never interacted with before.
  • The onboarding process is an ideal opportunity to educate your team on the importance of verifying that emails are legitimate and have been sent from one of the company’s official email addresses before following instructions.

Online scams and other cyberthreats are a reality that every business needs to prepare for. To secure your confidential data and enjoy peace of mind, browse our range of secure cloud storage solutions today.

Hackers and daring online scams | Cybersecurity

The Most Daring Online Scams 

At Soteria we work around the clock to help companies secure their data and prevent cyberattacks, and we will be the first to say that data security is no laughing matter.

Except when it is.

Hackers may be our sworn enemies, but we have to admit that some of the tactics and tricks they use to fool internet users, including some of the smartest people in the world, can be inspired and hilarious.

In this article, we take a lighter look at the world of cybersecurity and some of the crazy lengths cybercriminals have gone to in their quest to access your crucial private data.

The first hack in history

Hacking may be the scourge of the ultra-connected 21st-century, but illegal interception of communications started over 100 years ago.

Back in 1903, the Royal Institution was getting ready to demonstrate a new telegraph technology invented by Guglielmo Marconi. Just as the demonstration was about to kick off – with the kind of excitement you’d expect from a new iPhone release back when we still cared about them – the telegraph machine suddenly sprung to life with the word “rats” being repeated over and over on the ticker tape.

Before long, a dirty poem mocking Marconi arrived over the telegraph, causing a stir in the press. When the authorities investigated, they discovered that the magician Neville Maskelyne, who had a grudge against Marconi, had managed to intercept the telegraph transmission.

This was a sign of things to come 120 years later in our own time, when hackers routinely attack unpopular public figures or execute denial of service attacks on websites that they dislike.

Ocean’s 11 –  in a fish tank

The Internet of Things has brought about a situation where smart devices are connected in almost every office in the world, and some of them are so obscure that you’d never think to secure them.

Several years ago, a Las Vegas casino suffered a major data breach when hackers took control of the electronic sensors that monitor the water temperature and mineral content of one of its fish tanks. Once they gained access to the casino’s network, they were able to identify some highly sensitive unsecured data which they transmitted to Finland –  a fitting location for such a fishy crime.

X marks the spot for a celebrity bitcoin scam

In 2022, when X was still known as Twitter, the company’s current CEO Elon musk was one of many internet users scammed by a cybercriminal who offered to double any amount of bitcoin that they sent to him.

Needless to say, not one of the countless number of people who fell prey to the scam got even a cent back. Then again, since Elon is estimated to have overpaid by $19 billion when he bought Twitter he probably didn’t let the loss of a few bitcoin get him down.

Jokes aside:  you won’t be laughing if you’re the victim of a cyberattack

The ingenuity that cybercriminals have shown in cheating internet users out of their money is only going to get more impressive in the years to come.

Securing your network, updating your firewall and antivirus, and never responding to communications from anyone you don’t know and haven’t confirmed as the sender are three simple ways to stay safe online – but you these days you will likely need more protection.

Secure cloud storage offers a powerful layer of protection for your crucial data, with automated and encrypted backup ensuring that files are sent to the cloud on a regular basis to prepare your organisation for anything the dark web can throw at it.

Learn more about our range of packages for business and home users and take a powerful step in securing your data in the battle against hackers.

Security Breach | Hackers

Staying a step ahead of hackers

Cybersecurity is an investment that no business can afford not to make. With ransomware and hacking attempts skyrocketing internationally – especially in South Africa – securing your personal and business data is as important as keeping your physical belongings safe.

The law enforcement community has an old saying: to catch a criminal, think like a criminal. Let’s find out how this sage advice can be used to stay a step ahead of hackers by learning how they think and predicting their next move.

Reality check: it’s never been easier to become a cybercriminal

Hollywood movies have done a good job of portraying hackers as geeky loners with an antisocial agenda.

Shady characters in hoodies shut in a basement with their faces half illuminated by a computer screen may be the movie image of hackers – but in reality they are highly organised and sometimes extremely social criminals.

  • The rise of software-as-a-service means that bad actors on the dark web also have access to the latest apps. But while we subscribe to Uber and Microsoft Office, hackers sign up for ready-made criminal software to infiltrate our cyber defences.
  • The rise of AI also means that bots are being trained to write malicious code, with the potential to affect millions of web users.

Considering the availability of hacking tools out there, criminals no longer need to have an extensive IT background in order to capitalise on the weaknesses in our cyber defences.

The big question is: how exactly do they go about planning and executing cyber-attacks?

The cybercrime mentality: understanding hackers’ MO

Before a cyber-attack or infiltration attempt takes place, cybercriminals will typically carry out these steps:

  • Footprinting. This involves gathering information about your business to determine whether it’s a good target to pursue.
  • Scanning. This phase is focused on finding out more about your company’s cyber defences and create a strategy to penetrate them.
  • Enumeration. This phase is akin to knocking on the door to see if anyone is home and is usually carried out through DNS.
  • The hack itself. Gaining access to your network using a vulnerability discovered in the first few steps.
  • Privilege escalation. Once inside, hackers will increase their level of access to your files and password information to carry out the attack.
  • Covering their tracks. Hackers will typically delete all evidence of having been in your system to avoid detection and prosecution.
  • Creating a back door. In case they want to come back to steal again, hackers usually install an innocent seeming piece of software that will let them gain access to the network easily in future.

To stay a step ahead of hackers, it’s essential to counter each of these steps before they take place. Here’s how four steps can keep you one step ahead:

  1. Make your business less accessible by training your staff to spot and report social engineering attacks
  2. Strictly control permissions and file access on your network
  3. Use encrypted cloud data storage and multi factor authentication
  4. If an attack occurs, have a response plan ready and have an IT expert scan your network for back door software.

Soteria’s range of secure cloud storage solutions gives you a safe place to stash your data treasure. Click here to choose the package that best suits your needs.

Beware of ChaptGPT False Promises

ChatGPT False Promises – Is AI a Hacker’s Dream Come True?

Artificial intelligence has taken a huge leap forward recently with ChatGPT showing off its ability to write text that resembles human output. Many companies are experimenting with this technology to simplify their business communication processes – and as usual, hackers aren’t far behind.

While ChatGPT attracts new fans and foes around the world, cybercriminals are relying on the hype around the new generation of AI to lure unsuspecting internet users into downloading malware and ransomware promising AI capabilities.

“Chat GPT enabled software” is likely fake  – and dangerous

Next time you’re on social media or browsing the web, you may come across ads for an app claiming to have a “ChatGPT functionality” that can significantly boost your productivity.

At present, the only ways you can use ChatGPT are by visiting the official website of its developer Open AI or by using the Microsoft Bing search engine.

Other apps that claim to be powered by ChatGPT have been found to be malicious software developed by hackers in order to spread malware or steal user data.

Once installed on your smartphone, these apps could start searching your files for personal information including internet banking login details.

Your smartphone operating system could also be hijacked and used to mine cryptocurrency or carry out acts of cybercrime without your knowledge. According to CIS Guy Rosen, “From a bad actor’s perspective, ChatGPT is the new crypto”.

If you notice anything unusual about your phone – including the following – you’ll want to take action right away.

  • Your smart phone is suddenly running a lot slower than before or isn’t responsive.
  • Your phone overheats frequently, or the battery drains extremely quickly despite having been charged recently.
  • Your data usage starts to spike to levels that you’ve never seen before – even though your usage is similar to previous months.

How to safeguard your mobile device against cyberattacks

If you suspect that your device has been hacked or that malicious software is running in the background, there’s no time to lose. Disconnecting your phone from the internet will stop the flow of data that hackers may be using to steal your sensitive information.

Installing updated antivirus software and running a scan immediately should help you detect malware or ransomware. For a 100% privacy sweep, you could also wipe the device and restore factory settings.

Keep your data safe with Soteria

Cloud-based encrypted data storage is your best defence against cybercriminals. To secure your information, browse our range of secure backup solutions today.

Image credit: https://pixabay.com/photos/cyber-security-smartphone-cell-phone-2765707/

Click here to view online

Discarded Routers – Hacker Opportunity | Router Security

Discarded routers an opportunity for hackers

If you had  to clean out your office storeroom right now, you might just find a few old WiFi routers lying about taking up valuable space.  But before you get rid of these items for good you may want to wipe them completely – before hackers get hold of them and access your important data.

A WiFi router may not seem like it could be the key to your important financial and customer information, but in reality every device attached to your network could be a weak link in your cybersecurity chain.

Let’s take a look at the unique threat posed by discarded routers and other devices, and how you can ensure that they don’t compromise your important data.

Routers are a cybersecurity weak point

A recent UK survey by the consumer protection agency Which?, showed that a shockingly high number of Britons – over two million, to be exact –  hadn’t updated their router software in years.

A similar trend is likely unfolding in SA, putting entire IT networks at risk of cyberattacks.

The survey showed the routers pose three threats to cybersecurity:

  1. Weak passwords – Most routers come with default passwords that can be accessed online – and you don’t have to be a super hacker to do it. The information can be learned by simply reading the manual.
  2. Out of date software – Routers need to be updated just like phones and other devices or they could become highly vulnerable to cyberattacks.
  3. Local networks with weak security – This is a general flaw of the IT network itself and could result in attackers gaining control of the router entirely. This could be the perfect launchpad for an online attack or data theft.

How to keep hackers away from your current and old routers

When most of us throw something away it goes into the “gone and forgotten” category in our minds.

Unfortunately, if your router or device falls into the wrong hands it could reveal sensitive corporate information such as network passwords, third-party data connections, network credentials and other information that criminals could use to access important data or launch an online attack.

  • Every router currently in use on your network should be updated, patched, and have a regular password change to ensure maximum security.
  • When you dispose of old routers it’s essential to change default passwords and ask your IT manager to wipe them using the manufacturer functionality.
  • Ideally, old devices should be recycled professionally or physically destroyed so that they can’t be accessed by unauthorised parties.

Reduce your physical hardware risk: secure your data in the cloud

Routers, laptops, and other physical devices are a risky way to store data because they can so easily be stolen.

With secure cloud storage, your data will be encrypted in the cloud – not sitting on your premises. To secure your valuable business information with us, browse our range of packages today.

 Secure your New Business | Cybersecurity

Secure your New Business for the Future: Cybersecurity for Entrepreneurs 

If you’re thinking of starting a business or growing your SME this year, you’re probably already preparing for a number of challenges. Load shedding, the weak Rand, and inflation are difficult enough, and now there’s one more risk to navigate: increased risk of cyberattacks.

More than half of all SA businesses have experienced cybersecurity failures, and many of them are smaller enterprises. While you take your business online to serve new clients, you’ll need to keep bad actors away from your new enterprise.

Here’s why your business needs top notch online security and how to get it up and running.

Cybersecurity isn’t just for big companies

One of the biggest misconceptions among business owners is that cyberattacks only happen to large corporates.

It could be because most of the cybercrimes reported in the news tend to be perpetrated against large corporations and banks, but this mistaken belief persists despite being factually untrue. The latest data shows that SMEs are equally at risk – or even more likely to fall victim to a cyberattack.

  • Globally, more than 45% of cyberattacks targeted small businesses in 2021
  • Many small businesses are forced to close within 6 months of a cyberattack, highlighting the devastating effect that online crimes can have on growing enterprises
  • South African business owners who think they may be immune to this global trend are in for a surprise. SA currently ranks sixth in the world for cybercrime density and some experts feel that this figure may be understated with cyber bullying and cyber extortion often going unreported.
  • One of the biggest cybersecurity risks within a business is its staff, with almost 98% of breaches occurring due to human error.

As an SME owner or entrepreneur, laying a strong foundation among your staff for your company’s cybersecurity has never been more important.

Here are some strategies to consider.

  1. Create a cyber security plan. Every business needs a policy to deal with cyberattack mitigation and a cyber incident response plan to deal with an attack if it takes place.
  2. Recognise the threat and train your team. Compromised data is still largely the result of leaks – and that comes down to human error. Training your team on data best practices will help them seal the information perimeter around your business.
  3. Do the basics well and go beyond them. A good firewall and antivirus software are essential for every small business but they’re not enough. Encrypted, secure, cloud storage, and a professionally installed IT setup can go a long way to keeping your data safe.
  4. Monitor social media and payment gateways. It’s important to be cautious about suspicious social media accounts interacting with your business online. Your social media manager will need to be briefed on the red flags to look out for so that hackers can be spotted before they attack. If your website offers online payment, you need to know that it’s fully secure and encrypted before you process customers’ personal and financial data.

Secure your new business with secure cloud storage

In the event of a cyberattack, having a full backup of your crucial business data in encrypted form can help your SME to recover both financially and in terms of reputation.

To invest in your company’s online safety, browse our cloud storage packages for businesses of all sizes today.

Twitter data breach | Data breach  

Twitter data breach leaves 5 million users at risk

Twitter has revealed that a major data breach in January resulted in more than 5,4 million users’ personal data being lost to hackers. To make matters worse, this information is now being given away on the dark web – potentially putting millions of phone numbers and email addresses at risk of being compromised.

The social media giant, which was recently acquired by Elon Musk, is undergoing a dramatic restructuring as it struggles to retain advertisers.

This latest revelation about data security will add a further layer of challenges to the task ahead for Multi-billionaire Musk and his latest acquisition, as the company does damage control to regain user trust.

One cybersecurity slip up compromises millions of accounts.

Every business handles customer data, but when it comes to social media giants like Twitter, the sheer volume of sensitive information is staggering.

With almost 400 million registered users worldwide the platform is a major target for cybercriminals, and once in a while they manage to breach the company’s powerful online defences.

January’s incident, which was carried out by exploiting an API vulnerability, resulted in millions of users entering sensitive information only to have it stolen by hackers.

The feature that allows Twitter users to find the Twitter ID of other users by submitting their email address or phone number proved to be especially vulnerable to attack. This flaw in the platform’s API mirrors recent incidents in which location-enabled apps like EskomSePush and WeChat have been used by criminals to carry out a variety of illegal activities.

Stay safe while you get social

Keeping your personal data safe when using social media apps is essential in the current cybersecurity climate. Here are some tips that will help keep hackers away.

  • Change your passwords. You should aim to do this at least once a year, with once every three months being ideal.
  • Opt for two factor authentication. This will help ensure that you and only you have access to your account.
  • Beware suspicious messages and emails. You’ll never be required to provide your login details via email. If you can’t do it using the app, it’s probably not legit.

About Soteria Cloud

Based in Cape Town, Soteria offers a full range of cloud storage packages suited to the needs of businesses and families alike. Keep your data safe in the cloud with us.

Protect Yourself from Hackers | TransUnion Hackers

Here’s How to Protect Yourself from TransUnion Hackers (and any other Hackers)

Last month, TransUnion (one of the biggest credit bureaus in the world) suffered a hacking attack at its SA subsidiary with a $15 million dollar ransom attached. More than 3 million client records were stolen during the attack and a further 6 million IDs exposed, with hackers from the group N4ughtySecTU demanding payment in exchange for not releasing sensitive information of “28-million credit records” online.

Since the company refused to pay this astronomical amount, that they said was “extortion”, the stolen data could be circulating online right now – and any South African credit user could be affected.

If you’re worried about the implications of this huge cybersecurity breach, you’re not alone. Fortunately, there are some things you can do to protect yourself from hackers, even if your data has been compromised.

Let’s take a look at the latest news on the TransUnion leak and what you can do to secure your privacy.

millions of customers’ data is on the loose – now what?

In the aftermath of the TransUnion leak, millions of South Africans – including President Ramaphosa –  have become victims of cybercrime overnight. To find out if you were one of them, the best thing you can do is to contact Trans Union directly, although TransUnion advised that affected individuals had been emailed directly.

If you think that your information has been leaked, it’s important to remain calm while recognising that your personal data could be used by criminals. Some of the crimes that leaked data can be used for include:

  • Financial scams
  • Phishing emails
  • Telephone scans
  • Tracking your whereabouts to commit physical crimes
  • Identity theft using your name

If you suspect that you have become a target of online or physical criminals, it’s essential to notify the police immediately. You should also safeguard your information by following the steps below.

how to get back your privacy after the TransUnion leak

In the wake of the biggest data breach to affect a South African credit bureau, TransUnion is offering affected individual access to its TrueIdentity Service free of charge until the end of 2023.

It’s definitely worth accepting this offer, but that alone may not be enough to prevent your information being used by criminals.

Aside from regularly checking for updates from TransUnion, here are some other steps you can take to protect your privacy.

  • Change your passwords on all your important online accounts, including your email and electronic banking profile
  • Don’t use your name, children’s names, or place of work or residence as a password
  • Be especially suspicious of unusual phone calls, text messages, or emails from people claiming to work at your bank or credit card provider
  • Verify any requests for personal information
  • Never click on a suspicious link
  • Change your security questions
  • Keep a close eye on your bank accounts and credit reports

protect yourself from hackers

Taking the above steps should help you secure your data so that you can rest easy.

Wherever possible, activate a two-factor authentication on your accounts which will certainly help block automated attacks, however, it’s important to remember that hackers are sometimes able to bypass multi-factor authentication through bots. To ensure that your business and personal data is fully protected in the future, be proactive about your data security and choose one of our secure cloud storage solutions today.

South African Security Breaches | Hackers

South African Security Breaches Raise Hackles

The latest surge in security breaches during 2021 has raised the hackles of CIOs and business owners who access sensitive data in their organisation, particularly from remote work environments. Hackers have clearly been using the lull caused by COVID-19 to hone and master their hacking skills.

most recent security breaches

In August 2021 soon after the cyberattack on Transnet, the Daily Maverick, a South African daily online newspaper, wrote that leading cybersecurity experts were warning that state agencies such as Eskom and other mining and manufacturing companies were likely to be the “next possible targets” of a well-executed cyberattack. They weren’t wrong…

Here are just a few of the more recent security breaches in SA:

An attempted cyberattack resulted in 20GB of data, taken from the space agency’s servers, being posted online.

It was determined that the stolen data didn’t contain particularly sensitive data. The downtime and stress involved in restoring the data and securing the hacked server would have impacted their productivity levels for quite some time.

Just when you thought you had done everything to keep your kids safe online, a hole was found in the proverbial fence.

Mahala by Microsoft is a site that provides students between the ages of 8 and 24 with free access to Microsoft apps. By simply supplying their name, email address, and phone number, they have access to a free Microsoft 365 license. However, these basic steps also exposed their details to other uses, raising the concern that their personal information could be sold or used for phishing attacks. Microsoft is currently working to resolve the issue.

The SA Justice Department has also become a victim of cybercrime in recent weeks.

It’s thought the department suffered a ransomware attack resulting in large amounts of personal information, including bank details, being leaked, and encrypted for possible sale on the dark web. The courts have had to resort to manual recordings to ensure scheduled cases can continue and a manual process to provide the relevant documentation for burials.

it could have been you!

If you think it’s only large firms that need to invest in data security, think again. Although hackers have targeted large firms and continue to do so, small businesses are also easy pickings. This is because hackers rely on the complacency of employees within small businesses who think that no one would want to hack their data. Unfortunately, this is what they want you to believe.

We recently heard of an SME that was hacked for ransom. Fortunately, they had both offsite and cloud data back up. However, as the attack happened over the weekend and a disc change had inadvertently been missed on the Friday preceding, it meant they lost two days of productivity and incurring the cost of an IT specialist for three days.

our final thoughts on security breaches

Data backup is essential to run your business effectively and safely. Even if you only have between three and ten employees and a handful of clients, if their payment details or personal particulars are hacked, it could result in a substantial cost to your business, not to mention the possible legalities involved. Take the steps to protect yourself and your business today and avoid the inconvenience and cost of a security breach.