Stop Charging Your Phone in Public Ports

Credit:Selena Larson, CNN

As the time period of smartphones increases, its battery begins to retard. First 1 year is very enjoyable; when you are just required to charge your phone only once a day and get all the privileges all throughout of the day. In the beginning the battery even stays for two consecutive days if you do not use your phone very frequently, but as time passes you get to experience a huge lot of problems related to your phone, especially your battery.

It generally happens that when you forget to charge your phone completely, that very day you end up with an emergency when your battery runs out and you are forced to take the help of some unknown source to charge your phone, but this alternative can turn out to be very risky. Recent discoveries have been made where a different kind of scamming was discovered. The public plug-ins that are available on roads, railway stations or hospitals can turn out to be your major enemy in lieu of the benefit of charging.

The hackers are inflicting this public USB ports with some hacking device, which as soon as you connect your mobile with these ports in order to get the battery charged immediately all your information gets copied on the other side. In this world of digitalization, cashless society, paytm, mobicash all your data are mainly saved on your phone because with the help of your smartphones you avail these benefits and the data remain on your phone.
You know that this datas includes all your personal details related to your bank account details and if any scammer gets hold of it you will feel to get penalized without any mistake of yours. Just your casualty will force you to face several consequences.

This whole process involves many technicalities where as you plug in your phone into an unreliable source, your device gets infected, just like your phone gets inflicted by virus when you unknowingly visit unauthorized sites. In this case also the problem is the same by connecting your phone into a public outlet your data gets compromised.

Drew Paik who belongs to a security firm known as authentic8. This Authentic8 develops Silo, which is a high defined security browser that safeguards all the activities related to web.

Remember, the cord that you use to charge your phone is also used to share data from one phone to another. So, you can well imagine that when you plug in the cord to an infected socket what can the consequences be. If the port is truly hacked by the hackers then you cannot even imagine that to what extent they can draw your data.

The easiest way to charge your phone will turn out to be the biggest mistake of your life. So, never connect your phones to this public ports this can lead to serious consequences; you might have to face such problems that you didn’t expect to come across ever in your life.

Lack of Cyber Security Poses Threat to Modern Cars

Cars have evolved so much from being a machine only used for transportation to an all-round smart transport system, integrated with accurate navigation, music and cameras. But as all good things have their own vulnerabilities, equipping cars with accessible technology risks the danger of it being hacked. All cars manufactured in EU should be connected via emergency Call (eCall) services by the month of April in 2018. However these simple mobile devices are not built strong enough to keep away hackers and malicious programs. A research conducted by Hebert Leenstra at the Cyber Security Academy in Hague on Automotive industry, inclines that car manufacturers should take the lead on protecting people from increasing cyber threats.

Modern day cars, including cars that can self-drive are in constant connection with its surroundings. Microchips have been used in almost every car system which controls the basic functioning of the car such as navigation system, music system and managing the car engine. Microchip uses Wifi, Bluetooth, and 4G/5G services to communicate to other cars or networks. A hacker can easily gain access to the car’s network via the internet. The most vulnerable part is the CAN bus where all the vehicle’s ICT systems are stored. A hacker who has gained access to the CAN bus can virtually control the car such as changing speed and applying brakes.

Everything wrong with modern cars

There are some basic flaws and defects in the ICT structure of modern day vehicles that can be exploited by hackers. The entertainment system is often linked with the engine in most of the cars even though there is no apparent reason for these two to be linked together. Also modern day cars rely on using the internet for their navigation systems which can easily be hacked.

What can be done to improve Cyber security?

The research carried out by Leenstra has identified several steps that car manufacturers can take to protect their customers. The first thing car manufacturers should do is change their Can bus design so that essential and non-essential systems are separated making them less vulnerable to cyber-attacks. The government needs to reevaluate their policy that prevents car manufacturers from providing extended support to car software, security and firmware updates. The implementation of the update, which is done via the internet or by a USB stick, should also be reviewed as the UDB device can hold back all kinds of information.

A broader approach could be taken by governments, dealers and insurers in spreading knowledge and information about cyber security. Information Sharing and Analysis Centre (ISAC) established in the United States have taken an aggressive step to stop Cyber-crimes. All parties within the ISAC share information and experiences regarding Cyber-attacks, which Europe can learn from and adapt.

The ICT structures of the modern day cars needs to be completely revamped to ensure customer safety. With the incidents of hacking becoming more frequent, it is necessary to implement measures as soon as possible.

The Ransomware That Knows Where You Live

Ransomware - Scam Email Quoting People’s Postal Addresses -

As per security researcher, an extensively distributed scam email quoting people’s postal addresses tends to link to a dangerous kind of ransomware. After getting to know of an episode of BBC Radio 4’s You and Yours that discuss about the phishing scam, Andrew Brandt, of US firm Blue Coat had got in touch with BBC. He found that the emails seemed to be linked to ransomware known as Maktub.

The malware tends to encrypt the files of the victims, demanding a ransom to be paid before they can be unlocked. The recipients were told by the phishing emails that they owed hundreds of pounds to UK businesses and that they could print an invoice by clicking a link. However, according to Mr Brandt that leads to malware. One of the said emails had been received by You and Yours reporter, Shari Vahl. Mr Brandt had informed BBC that `it was incredibly fast and by the time the warning message had appeared on the screen, it had already encrypted everything of value on the hard drive, it happened in seconds’. Maktub does not only demand a ransom but it tends to increase the fee which needs to be paid in bitcoin, as time passes.

Addresses Highly Precise

One of the website connected with the malware had explained that during the first three days, the fee is at 1.4 bitcoins or around $580 and rises to 1.9 bitcoins or $799 after the third day. The recipients are told by the phishing emails that they owe money to British business and charities when they do not owe them anything. One of the organisations named was Koestler Trust, a charity that tends to help ex-offenders and prisoners produce artwork.

Chief executive Sally Taylor told You and Yours that they rely on generous members of the public and was very distressed when they discovered that people felt they had received emails from them asking for money when they had not been generated by them at all. A remarkable feature of the scam was that they included not only the victim’s name but the postal address as well. Several of them including the BBC staff had noticed that the addresses were generally highly precise.

Data Derived from Leaked/Stolen Databases

As per cybersecurity expert at the University of London, Dr Steven Murdoch, it is yet not clear how scammers were able to gather people’s addresses and link them to names and emails. The data could have been derived from a number of leaked or stolen databases for instance making it difficult in tracking down the source.

Many of the people had got in touch with You and Yours team to inform that they were concerned that the data could have been taken from their eBay account since their postal addresses had been stored in the same format there as they seemed to appear in the phishing emails.

The firm had mentioned in a statement that eBay tends to work aggressively in protecting customer data and privacy which is their highest priority and they are not aware of any link between this new phishing scam and the data of eBay. In an effort of creating the safest, environment possible for their customers, they tend to constantly update their approach to customer data security.

Online Shoppers Must Protect Themselves from Cybercrime Theft

High Profile Data Breaks – Cyber Theft

Online shopping can be very comfortable but most of these shoppers are falling prey to cyber criminals as the fraud rates is on the increase. High profile corporate data breaks have been taking place and a number of the country’s huge corporations from retailers like Target to major web presences such as EBay have conveyed instances of cyber theft which has caused thousands of lost consumer records as well as financial data. Cyber-attacks have not only targeted businesses’ assets and reputations but have also progressively exposed their millions of consumers to identity theft.

This has resulted in making online shoppers a bit apprehensive in indulging in shopping online for fear of cyber theft. Shopping online had become quite popular and convenient from the comfort point of view and also to get to know detailed information of the product intended to be purchased. Recent poll conducted by USA Today, indicated that around 24% of online shoppers are taking a pause on their buying habits due to the possibility of identity theft brought on through submission of their details together with credit card information provided online.

Online Fraud – Biggest Challenges for Payment History

Chris Hamilton, chief officer of APCA commented that online fraud tends to be one of the biggest challenges facing the payment history. He stated that somehow some bad guy tends to get hold of the card number with adequate information to pose to be you and purchase something from an online merchant and consumers should deal with merchants which are reputable that you know. When consumers tend to hand over their details online, by phone or through post, the card-not-present fraud rose by 42% in 2014 reaching nearly $300 million and new figures indicated by the Australian Payments and Clearing Association also found that card skimming at the ATMs is far from dead, had gone up by 17% in 2014 reaching a total of $42.1 million.

The report had outlined that the healthcare and education sectors, together with financial institutions, retailers, government bodies and computer software providers seem to be high objects for cybercrime. This issue has become so serious that the payments industry is now proposing in introducing – tokenisation, which substitutes sensitive information, for instance the use of card numbers with tokens which tend to be useless to a fraudster.

Need to Check Bank Statement Frequently 

The report also indicated the $650 billion worth of transactions that were made on Australian payment cards in 2014, were fraudulent by 0.06% and the average fraud debt was $224. Steven Munchenberg, chief executive of Australian Banker’s Association, said that the customers need to check their bank statement frequently to make sure they are not the victim of fraud.

 He further added that banks are equipped with sophisticated systems in place to detect fraud and if customers are innocent victims of fraud, they tend to bear the loss and not the customers. In 2014, frauds through `tap and go’ payments was comparatively stable around $33 million in lost and stolen fraud which went up by only 2%. In all these situations, fraudsters tend to use cards having contactless payment abilities in making transaction below $100 without the need of a four digit Personal Identification Number.