In modern society, building an inclusive employer brand should be considered mission critical for businesses large and small. The most successful companies are the ones that see challenges and opportunities from many different angles, and having a diverse employee population allows you to do just that. An inclusive employer brand lets you engage, recruit, and hire a wonderful spectrum of people who can bring their varied backgrounds to bear for your business. Simply put, building an inclusive employer brand brings a diverse set of experiences and perspectives to the table, which in turn allows your company to be smarter, more thoughtful, and ultimately more successful.
Three prominent digital services companies in Asia – Digile Technologies, Reveron Consulting, and Innopia Global – have merged to create a digital services powerhouse with a formidable presence in the Asian region.
Vigilance is urged during this 2023 Black Friday and Cyber Monday, as “AI generated scams enhance the threat to this year’s festive shoppers, as it’s revealed over 7 in 10 British people worry that AI will make it easier for criminals to commit online fraud” – NCSC.
But while AI scams like voice cloning, romance scams, and language mimicking are on the rise, “93% of the biggest spenders, millennials aged 24-35, plan to shop during this coming weekend. And they spend an average of $419.52 per person.” But with cyber security threats at an all-time high, how can shoppers and businesses stay cyber safe?
Here are our top tips for staying safe online, and the preventative measures that can be taken while shopping for your latest bargain.
- Be Aware of Phishing & Quishing Attacks
SecurityHQ analysts have recently observed a significant increase in Business Email Compromise (BEC), regarding phishing attacks containing QR code (Quishing) and captchas for credentials harvesting. Quishing attacks usually occur via the scanning of a QR code. This technique involves tricking users into scanning a QR code using a mobile phone. The QR code then redirects the user to a phishing or fake website that aims to steal their credentials.
Read more about Quishing, and how to spot QR Code vulnerabilities, here.
- Read the Small Print
If something seems too good to be true, it probably is. While Black Friday deals can offer huge discounts that are genuine, people still need to make money. Anything ridiculously cheap is a red flag.
What to look for:
- It is worth checking the reputation score of retailers to determine if that retailer can be trusted.
- A website with no company address, descriptions or specifications on items are all red flags. Look for the details. And do not base purchases solely off star ratings, as these can be fake.
- Pop-ups that offer free electronics are obvious scams, containing malicious phishing links, and should be avoided at all costs.
- Read the small print. Often cons are perfectly visible if you know what to look for. Like seeing a picture of a laptop being advertised, going to buy said laptop for a reduced rate without reading the small print, and receiving a literal picture of a laptop in the post. The devil is in the detail.
- Use Reputable Websites/Companies
Tried and Tested – Using websites that are globally known is a good way to avoid any nasty surprises. Even if it is a couple of pounds more, it is worth knowing where your money is going and that your purchase will be tracked and delivered.
Use Antivirus Software that will warn you of potentially dangerous sites in search results as well.
Look For Suspicious Emails, as well as suspicious calls and text messages. Never click on a link you are unsure of, and never provide personal information over the phone. Read more on email security, here.
- Stop, Look, Check, Pay
Secure Sockets Layers (SSL) are used to ensure data is encrypted before being transmitted across the web. It is also an indication that an organization has been verified. Keep an eye out for HTTPS in the address bar rather than HTTP, as this highlights a site uses SSL.
Make Sure the Website That You Intend to Shop on is Not a Copy of a legitimate one. Verify that the date and name of the organization are consistent with the site you are visiting. And look for typos in the URL. Your best bet it to go directly to the website yourself, and do not access it through links on other sites/emails.
When using public Wi-Fi, use a VPN as the most effective way to stay safe and so that hackers do not steal your personal data while you are on an unsecure network.
- Check Your Bank Account
- Use a credit card or payment method which offers protection (i.e., PayPal).
- Check your accounts regularly for fraudulent activity.
- Only provide enough details to complete your purchase (no extra details required)
- Keep Your Passwords Safe & Don’t Use Default Credentials
Default credentials used by applications and appliances are often published on the internet. This can be a big problem. An attacker will typically first scan your network to see where they can move next. If an attacker was lucky enough to identify applications or appliances with default credentials enabled, it won’t take them long to hunt on the internet for these published credentials. Read how to detect default credentials, here.
Finally, keep your passwords safe. Read this blog on password protocols to learn more. Don’t let cyber scams ruin your festive fun this winter!
- Be Aware of Phishing & Quishing Attacks
DigiCert released the results of a global study at its annual Trust Summit conference, exploring how organizations are addressing the post-quantum computing (PQC) threat and preparing for a safe post-quantum computing future.
Alibaba Cloud, the digital technology and intelligence backbone of Alibaba Group unveiled its latest large language model, Tongyi Qianwen.
After years of steadily picking up steam, online learning is experiencing undeniable explosive growth. The market is racing toward $1 trillion, with the corporate e-learning space expected to skyrocket 250% in the coming years. As e-learning continues to expand beyond the walls of academia, another game-changing phenomenon is going mainstream in a big way: artificial intelligence (AI).
A new study from Juniper Research forecasts that the greatest merchant losses to fraud will be via remote physical goods purchases, with losses reaching $5.1 billion across emerging markets in 2028, up from $1 billion in 2023.
Microsoft introduced Microsoft 365 Copilot earlier this year, which will bring powerful new generative AI capabilities to apps millions of people use every day like Microsoft Word, Excel, PowerPoint, Outlook, Microsoft Teams and more.
With new brand identity. LG aims to actively communicate with customers beyond generations and locations
LG Electronics (LG) unveiled a new brand direction and visual identity, which will shed more light on the value of Life's Good with a more dynamic and youthful look across all physical and digital customer touch points.
Mutual exchange of threat intelligence and security innovations bolsters Singapore’s cyber resilience
Google and the Cyber Security Agency of Singapore (CSA) announced a strategic collaboration to bolster Singapore’s cyber resilience. This partnership covers four key pillars: threat intelligence sharing, joint operations, technical collaboration, and ecosystem development.
Prioritizing which vulnerabilities to fix is a challenge for software developers, and the complexities of modern apps and the software supply chain have only made things more difficult. SentinelOne, a global leader in AI security, is partnering with Snyk, the leader in developer security, to ease the burden by integrating Singularity Cloud Workload Security, its real-time Cloud Workload Protection Platform (CWPP) with the Snyk Developer Security Platform.
Yahoo and purpose-led ad platform Good-Loop announced a global partnership offering carbon neutral private marketplace (PMP) media opportunities to advertisers to help them become more sustainable.
Smartphones outsold laptop computers for the first time and the trend is likely to continue as many people acquired a taste to leave their laptops at home in favour of the smaller, lighter devices.While only a few mobile workers currently do all of their work on Smartphones, a survey from research firm In-Stat revealed that over 50% envision using Smartphones as their sole computing device in the future. Thus, security solutions must be in place to protect enterprises from vulnerabilities associated with this growing segment, keeping in mind that the advances in flexibility, power, and mobile access of handheld devices come with a risk. Popular features such as email and Internet connectivity, still-maturing protocols and practices, and expanded access to corporate networks and confidential information, expose enterprises to a vast and growing array of security threats. At the same rate technology makes progresses, cyber-attacks become more complex and sophisticated, including blended threats that can enter and infect multiple areas of an enterprise’s network. Protecting one part of a corpo¬rate network—for example, the network gateway—without protecting endpoint devices, such as handhelds, is a gift for hackers looking for new vulnerabilities and lapses in security coverage. So it is not surprising that handheld devices have become a growing target for malicious activity by organized criminals, who seek to exploit corporate IT vulnerabilities for financial gain.
Is security jeopardizing Smartphones’ popularity?
Smartphones, with their PC-like computing capabilities, are the fastest growing segment, as well as the most vulnerable to security risks of all handheld communication device categories. As they combine cellular phone capabilities with basic tools such as address books and contact lists, additional functionality like Bluetooth, MMS, and streaming video, plus more advanced features such as “push” email and Web access and the fact that they typically access corporate information, files, and resources over the Internet using software, specially designed for remote access and smaller user interfaces, gives an overview of lurking risks. However, given the changing business environment and ever-increasing capabilities packed into Smartphones, it is no wonder that they are rapidly becoming an indispensable part of business. Handheld wireless communication devices deliver real business value, allowing users to access information and applications like never before.
But here’s where it gets challenging. With features such as Bluetooth, MMS, email, and Internet access, handhelds are becoming a backdoor into corporate networks and a new target for malicious activity. Protecting the security at an enterprise perimeter level is not enough, not when endpoints such as handhelds can be used as an entry point for attacks or as a mechanism for spreading malicious activity like virus, worms, Trojans, spyware and other malware. The types of hand¬held threats are already broad and I don’t want to go into any further details here. Already over 400 different mobile viruses have been reported. Security experts and industry analysts expect this number to grow in much the same way that malware affecting PCs has grown over the past ten years.
Access to sensitive corporate data, often over unsecured wireless access points and networks, leaves businesses vulnerable to unauthorized access, loss or theft of data, including intellectual property and confidential customer information, and associated non-compliance with security regulations. Applications like online mobile banking and email expose users to the same types of threats facing PCs, confronting them increasingly with adware, spyware and phishing attacks.
Currently, the greatest threat to enterprises deploying handheld devices occurs when data stored on devices falls into unauthorized hands. An alarming number of devices are lost or stolen every year, and research shows that the vast majority contain confidential business data.
Growing market of handheld devices attracts attention of hackers
As Smartphone operating systems standardize and consolidate, hackers will be able to have an even greater impact for the same level of effort, that’s for sure.
So, let’s take a look at the most common operating systems in order to get a better overview:
- Symbian, an open OS dominated the market for quite some time, but has been outpaced now by Apple’s iOS and the Linux-based Android OS, according to the recent Mobile Metrics report of AdMob.
Source: AdMob Mobile Metrics Report: http://metrics.admob.com/2009/10/placing-admob-metrics-in-context/.
- Apple’s iPhone entered the scene just three years ago and now dominates the market. Running on a mobile version of its Mac OS X operating system, the iPhone software has built-in support for a VPN client and supports a range of Wi-Fi Protected Access (WPA) protocols, focusing on multimedia features.
- But Linux operating systems for mobile phones are also on the rise, as seen with Google’s G1 Smartphone, running the Linux-based Android OS
- Palm OS is a proprietary embedded operating system used on some mobile devices and was a pioneer in Smartphones with the introduction and popularity of the Treo. Research In Motion (RIM) Blackberry devices use a proprietary multi-tasking OS and place special focus on email capabilities.
- Windows Mobile is a compact OS integrated into a suite of applications designed for mobile devices based on the Microsoft Win32 API and runs on multiple hardware platforms.
As malicious entry into any part of an enterprise’s network architecture can be lethal, vulnerabilities have to be addressed by protecting all endpoints, including PCs and handheld devices.
Therefore keep in mind the five primary components to handheld wireless communication device security which are secure remote network access, virus and malware protection, endpoint security policy compliance, data security, and centralized management.
If you are interested in reading the details on how to ensure security and stability of information and network assets, watch out for the second part of this article in the August issue of Asian e-Marketing.
Excerpt from Check Point - Handheld Wireless Security: Business-critical devices face new security threats.