If you are having trouble viewing this email, click here to view this online

 

VOLUME 55

   ISSUE 55

18 February  2016

Article of the Month Around the World

Stay safe with our Facebook cheat sheet

 

Once upon a time, it was possible to prevent personal data from getting into the hands of the wrong person by using a paper shredder and a bit of common sense.
However, with the rise of digital culture and social sharing, information traditionally shared between friends – such as relationship status, personal photographs, birthdays and even cell phone numbers – can be inadvertently accessible to anyone with a bit of Google search know-how.
For many people, social networking has become a normalized part of social life. As the most established and widely used social networking site, Facebook contains ‘years of details’ about its users’ lives.
The consequences of this information being public can range from anything as serious as identity theft, to making those photos from your friend’s bachelorette party available to prospective employers.
Studies have shown that although 92% of internet users worry about their online privacy, only 29% have taken steps to change their privacy settings to ensure greater protection on social networking sites.
The fact that this information isn’t automatically private doesn’t mean that Facebook doesn’t offer users the option to be selective about the information they share publicly, it’s just up to the user to activate these features for themselves.
Being aware of your privacy settings is empowering in a number of ways. Firstly, you can selectively share positive information about yourself on your public profile. For example, it might be useful to share a piece of work that you’re proud of publicly, but keep controversial political opinions for friends only.
Secondly, you reduce the risk of your account being compromised and your personal information being exploited.
With this in mind, on Safer Internet Day, we show you how to customize your Facebook privacy settings.
 

1. Choose a secure password

A weak password can leave your account vulnerable to being improperly accessed, yet a surprising number of people choose obvious, easily guessable words or phrases.


A good password should be a random word that is at least 10 characters long, with a mixture of upper and lower case characters.


Using something random but relevant – say a word from the 10th page of your favorite book – ensures that your password is obscure without being irretrievable, should you forget it.

2. Setup login alert

Switch on login alerts on Facebook to receive a notification whenever someone logs onto your account from a new device.


If someone attempts to access your account then you will instantly receive an email notifying you of this, which gives you the option of changing your password.

3) Set up login approvals

One step further than a login alert, a login approval means that you will need to input a security code every time someone attempts to access your Facebook account from a new device.


The security code will be unique each time and sent to you via your registered cell phone number.

4) Set up your posts to be shared with ‘Friends only’
 


Set ‘Friends only’ as a default setting on all your posts. If you wish to share something publicly you can change the privacy on a post-by-post basis.

5) Check who can see your personal information

Such as physical address, email address or phone number. Set these to be seen by ‘Me Only’ for maximum privacy.

6) Change who can see posts from friends on your timeline

 

 

 

 

 

 

 

 

 

Avoid sharing your happy birthday messages with the world by limiting who can see posts from your friends in timeline and tagging settings.

7) Set up tag approvals

Review all tagged photos of yourself before they appear on your timeline. You can’t control other people’s privacy settings, but you can prevent yourself being the front cover of your own personal tabloid newspaper!



8) Customize the visibility settings for each individual post



Keep in mind which information will enhance your public profile and which could damage it.
As we mentioned at the start, whereas it may be useful to publicly share a piece of work that you’re proud of, you might prefer to keep controversial political opinions for friends only.


9) Never agree to connect with anyone who you don’t know


Agreeing to ‘Friend’ a stranger allows them access to your public profile. Also something to be kept in mind when connecting with colleagues or new acquaintances.


10) Remember, Facebook has two sides.


Your public profile should be more formal with the consideration that a future employer may see it.
Your ‘friends only’ profile is for people who are interested in you and your private life.

 

Originally Posted here: http://www.welivesecurity.com/2016/02/09/stay-safe-facebook-cheat-sheet/

 

References

1 Statistics on the Internet growth in Sri Lanka
http://www.trc.gov.lk/images/pdf/
statis_sep_2012.doc
2.The Dragon Research Group (DRG)
http://www.dragonresearchgroup.org/
3.TSUBAME (Internet threat monitoring system) from JPCERT | CC
https://www.jpcert.or.jp/english/tsubame/
4.Shadowserver Foundation
http://www.shadowserver.org/wiki/
5. Team Cymru
http://www.team-cymru.com
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

 
  
 

Valentine's Day app downloads provide perfect opportunity for attacks

  

"...Each February, Symantec sees a spike in both the availability and downloads of apps related to Valentine's Day and dating. The following chart is indicative of how many applications of these types were downloaded (yellow line, left scale) and how many distinct apps were downloaded ...."

  Phishing via SMS – crooks target Australian mobile banking users
   

'...For better or for worse, most of us are familiar with bank-related phishing.

That’s where a crook tricks you into clicking a link that looks as though it belongs to your bank, and then presents you with one or more login screens that look like your bank.

The idea is that by making the experience seem familiar enough, and look realistic enough, you will simply “do what you usually do,” filling in the requested fields and clicking ....'

THE BLACK MARKET FOR NETFLIX ACCOUNTS

   
  

'....Whether you’re using your parents’ password, you share an account with a spouse, or you somehow still have your freshman-year roommate’s uncle’s login information, sharing Netflix credentials is a near-universal experience for the modern couch potato.

But many Netflix users are unwittingly sharing their account with unwelcome guests, too. On thriving online black markets, vast troves of Netflix accounts are on sale for just pennies per login.....'

eBay flaw a 'security risk' to customers

  

'....A security company has identified a vulnerability in e-commerce site eBay which could leave customers exposed to phishing attacks.

Check Point on Friday announced that it had discovered a flaw that allows attackers to bypass the trading site’s validation and control. This could leave customer computers exposed to malicious Java code....'

GOOGLE IS REPORTEDLY WORKING ON AN ACTUAL VIRTUAL REALITY HEADSET

'...Currently, the company’s only foray into VR has been the Cardboard—a literal piece of cardboard that sells for about $20, which users can strap any cellphone into to get a somewhat more immersive video-watching experience than just holding a phone in their hands. According to the FT, Google is looking to build a more robust version of that headset, made of plastic and with additional motion-tracking sensors, akin to what Samsung released late last year with the Gear VR...'

Month in Brief
Facebook Incidents Reported to Sri Lanka CERT|CC in January  2016
 
  
  Hacked
  Fake
  Other
   
  Statistics - Sri Lanka CERT|CC

VMware narrowing SDN gap with Cisco

'...Cisco says Q2 saw 1,100 new Nexus 9K customers for a total installed base of almost 6,100. ACI gained nearly 300 new customers, bringing the company’s total to over 1,400 since it began shipping in August, 2014.

By comparison, SDN rival VMware saw a threefold increase in the number of paying customers for its NSX network virtualization product from 2014 to 2015, to 1,200. VMware NSX began shipping in Q4 of 2013....'

In messaging apps for teens, talk of danger and dollars

'...Teenagers, a historically wily demographic, are increasingly moving their digital social lives from public sites where their parents hang out to smartphone messaging apps, giving them nearly complete privacy in their online social lives.

Apps such as Kik, Line, WhatsApp, Ask.fm and Whisper can often be used anonymously, without parental controls, and in Snapchat’s case even automatically erase inappropriate pictures. The popularity of these apps is showing up in surveys and focus groups. Kik’s use has soared to 40 percent of teens....'

Beware of Airbnb-themed phishing schemes

"...Airbnb-themed phishing scams do not crop up often, but customers of the service should be aware of the possibility of getting their login credentials stolen and misused.

Malwarebytes’ Chris Boyd has recently spotted an email phishing campaign impersonating the company, and directing customers towards a fake Airbnb login page:..."
7 Android tools that can help your personal security

'...For most Android users, the seven tools below should cover all the important bases of device and data security. Some are third-party apps, while others are native parts of the Android operating system. They all, however, will protect your personal info in meaningful ways -- and without compromising your phone's performance. Plus, all but two of them are free..."
Warning: Bug in Adobe Creative Cloud deletes Mac user data without warning

"...Adobe Systems has stopped distributing a recently issued update to its Creative Cloud graphics service amid reports a Mac version can delete important user data without warning or permission.

The deletions happen whenever Mac users log in to the Adobe service after the update has been installed, according to officials from Backblaze, a data backup service whose users are being disproportionately inconvenienced by the bug. Upon sign in, a script activated by Creative Cloud deletes the contents in the alphabetically first folder in a Mac's root directory. Backblaze users are being especially hit by the bug because the backup service relies on data stored in a hidden root folder called .bzvol. Because the folder is the alphabetically top-most hidden folder at the root of so many users' drives, they are affected more than users of many other software packages..."
Stay safe with our Facebook cheat sheet

"...Once upon a time, it was possible to prevent personal data from getting into the hands of the wrong person by using a paper shredder and a bit of common sense.
However, with the rise of digital culture and social sharing, information traditionally shared between friends – such as relationship status, personal photographs, birthdays and even cell phone numbers – can be inadvertently accessible to anyone with a bit of Google search know-how.
For many people, social networking has become a normalized part of social life. As the most established and widely used social networking site, Facebook contains ‘years of details’ about its users’ lives..."

Security Alert: Mazar BOT Spotted in Active Attacks – the Android Malware That Can Erase Your Phone


"...Our team at Heimdal Security has recently analyzed a text message sent to random mobile numbers. The Geographical extent is so far unknown, so please exercise caution.
The SMS / MMS in question arrives with the following contents (sanitized by Heimdal Security):.."

 
Notice Board
  Training and Awareness Programmes - February  2016
  
DateEventVenue
- 01st February 2016 - 2nd February Workshop on the establishment of school management Software South Asia Centre for Teacher Development Meepe
- 05th February 2016 – 06th February
 
Workshop on the establishment of school management Software South Asia Centre for Teacher Development Meepe 
18th February 2016 - 19th February Workshop on the establishment of school management Software South Asia Centre for Teacher Development Meepe
24th February 2016 - 25th February Workshop on the establishment of school management Software Hindu College Jaffna
07th February 2016 - 12th February Orientation Programme for newly recruited ICT teachers (02 workshops) South Asia Centre for Teacher Development Meepe
- 26th February 2016 Awareness Programme on Database related to the Provincial/Zonal ICT Centers information South Asia Centre for Teacher Development Meepe

Brought to you by: