Advisory on Black Friday and Cyber Monday
Source: OAK Consulting for Sophos , Author: John Shier
Posted: Thu November 23, 2017 12:54 pm

UAE. As the threat of phishing increases during the upcoming holiday season, John Shier, Senior Security Advisor at Sophos offers a few tips for staying safe online. He has just issued the following advisory:

⦁ If an online deal or email offer with price discounts looks too good to be true, it probably is
Hit delete immediately. It’s common knowledge that though there are some great deals to be had over Black Friday, most products are cheaper or the same price at other times of year, so it’s unlikely you’ll find the deal of a lifetime. The best way to confirm if it is real is to go directly on to the vendor’s site to check the price, and avoid clicking the link in the email which is likely to be malicious. 

⦁ Feel free to browse deals on your phone but be cautious of the wireless network you’re connected to when you’re online shopping
Only ever enter your credit card information when you’re on a secure network that you trust. And remember the best way to keep your money safe is to use PayPal or your credit card. Where possible, avoid using debit cards to purchase gifts online.


 
⦁ Be on the lookout for Typosquatting
This is where cybercriminals take a popular online brand and change one letter or two to trick you into clicking and sharing personal information. Always check the spelling and be on the lookout for smart typosquatting like the famous Tvvitter attack.  

⦁ Be sensible about password security and incorporate length and complexity
Make account passwords different and difficult to guess. Include upper and lower-case letters, numbers and symbols to make passwords harder to crack – you can see the best tips for creating strong passwords here.

⦁ If you’re contemplating clicking the link in an email, take a look at the URL first
Before you click, hover on the link if you’re on a computer or hold down the link on your phone and you should see the full URL appear. Once you can see it look at the source and ask yourself does this look legitimate. Bear in mind that just because the URL has a padlock icon next to it or starts with ‘https’ doesn’t mean it’s safe. As a rule of thumb if you aren’t sure if its genuine just delete it straight away.

Too late? If you think you’ve fallen victim to a phishing attack always change your password immediately. It’s always worth contacting your bank immediately to see if there has been any fraudulent activity.

Photo Captions:
1. (above)  John Shier, Senior Security Advisor, Sophos
2. (inset)  For illustrative purposes only (File photo)

 

MIDDLE EAST BUSINESS COMMENT & ANALYSIS

date:Posted: December 13, 2017
UAE. The first of its kind survey in the Middle East aims at gauging the "market sentiment" and share the internal challenges faced by the downstream industry in the Gulf Cooperation Council (GCC).
date:Posted: December 13, 2017
UAE. Security blossoms in the boardroom; Ransomware has not gone away; IoT - a security time-bomb; Cloud insecurity - it's up to you; GDPR - have most businesses missed the point?
date:Posted: December 12, 2017
UAE. The Middle East's lack of understanding of the upcoming EU regulation is likely to place businesses across a wide range of sectors at significant risk.
dhgate