Showing posts from October, 2019

Don’t be Held for Ransom! Tips for Preventing Ransomware

“****, my system has been attacked by ransomware…” has been one of the most commonly said statements in this year alone… The last 12-18 months have seen ransomware evolve from a relatively small hacker operation into a global IT epidemic, and one of the most dangerous security threats facing enterprise organizations today. There is one good thing about ransomware too. It doesn’t discriminate!!! It will attack your system irrespective of the fact your organization is the leader or the follower… you work for greater good or bad.  Before we move further, a brief about ransomware. Ransomware is a type of crypto-malware used for cyber extortion. Ransomware holds a victim’s computer or their files hostage via encryption while demanding payment in exchange for decrypting the files and releasing access to the user’s device. Ransomware is usually spread through phishing attacks containing a malicious email attachment, infected program, or link to a compromised website. Ransomware attacks

6 Best Practices for Email Security

While multiple modes of communication have mushroomed in the past few years, the good old fashioned email remains the top means of communication for the businesses. It also remains the top priority for all social engineers out there who come up with new creative ways to use it to spread malware, enter into the networks or grab a bunch of high profile passwords. The numbers prove it all. Users sent 30 trillion emails in 2018 and around 92% of the malware was delivered through it. If the problem is so severe, why can’t we do something about it? Well, technology can help only to a certain extent. Post that we need to apply common sense which people seem to abandon the moment they step into the virtual world. When I was a kid, I remember, my mother told me not to open doors for strangers if I was alone. This good old fashioned advice seems relevant in the virtual world too. However, we just don’t seem to follow it. Here are 6 best practices/pieces of advice which can help your bu

[ CyberSecurity Awareness Series] The VEC Scam

Bob heaved a sigh of relief after he saw the mail. The payment had been processed and he had immediately received the payment confirmation from the vendor. It was the end of the month and he wanted no non-compliance on the part of his company towards payments of dues. In fact, Bob had looped in the finance department in the emails to ensure payment was processed immediately by the department post validation of invoice. The next day, he receives a call from one of his vendors, IAMVendor, to settle down the dues for this month. Bob tells them that the payment had already been made and in fact, IAMVendor had also sent them the payment confirmation message. In order to avoid any confusion, Bob decides to send them the payment confirmation as well as the invoice sent by them. The next day, Bob receives emails from other vendors too, asking for details as to when the payments will be processed. Bob calls up his finance department and asks them to check with their bank as to why has the

[ Cybersecurity Awareness Series ] The Three Little Pigs

Once upon a time, there were three little pigs. Over time, the little pigs educated themselves. They came back to meet their mother before they went ahead and opened their new companies. Mother told them " Whatever you do, do it the best that you can because that's the way to get along in the world.” For the sake of simplicity, let’s name the three pigs - Harry, Ron and Sean. All three of them had different interests and hence went ahead to open up their companies in different sectors. All of them remembered what their mother told them - “Whatever you do, do it the best.” All three of them had brilliant ideas for their new startups. As they floated new ideas in the market and got a lot of VCs to support them,  but it also turned a lot of bad eyes towards them. One of them was the hacking group, “Bad Wolf” comprising of just 1 bad wolf at the moment. Harry had a new innovative idea of connecting doctors with patients. His mobile app collected the patient’s health info

Cyber Security Awareness Month 2019

October is here and that means it’s time to celebrate the cybersecurity awareness month. While the celebrations may last a month, it's important for us to follow basic cyber hygiene practices all the time of the year. Every year, millions of people are affected in some form or the other through cyber frauds, data breaches, cyberstalking, cyberbullying, phishing and much more. While we cannot say no to using the digital means in our day to day lives, we can surely, as the saying goes “look before we leap” or in this case “look before we click.” At too, it’s time to celebrate the cybersecurity awareness and spread the message across the globe. Every individual should have access to the resources to make themselves safe and secure online. With this aim in mind, during the month, I would be putting up : 10 cybersecurity awareness fiction stories focussing on various themes such as social engineering, phishing, cyberbullying, frauds, data breaches etc. Free Info