Laura Paxton · @LauraPaxton
90 followers · 55 posts · Server infosec.exchange

If you're thinking about getting into cybersecurity next year, do it. We need you.

#cybersecurity #securethenation #australia

Last updated 2 years ago

Laura Paxton · @LauraPaxton
84 followers · 50 posts · Server infosec.exchange

I understand it can sometimes be frustrating explaining the basics to someone like why password reuse is a bad, bad, not very good, terrible idea. I think it helps to keep in mind though how we'd feel if our mechanic, hair dresser, barista, doctor or dentist made fun of us for not knowing the fundamentals of their field instead of delighting in the opportunity to educate us. It's easy to lose sight of what people are up against when we're surrounded by our infosec echo chambers.

Everyday people are caught in the exact trap that teams of experts over decades have specially designed for them to sell them the feeling of safety while monetising their lack of technical understanding. It's important we help those who are willing to understand, and if we have to, find a way to manage the risk of those who are wilfully negligent.

#cybersecurity #awareness #securethenation #australia #risk


Laura Paxton · @LauraPaxton
52 followers · 47 posts · Server infosec.exchange

Seeing an uptick in the last 2 weeks of those nasty graphic sextortion emails doing the rounds again for corporates. Their MO is to spoof the mail headers and make it look like you've sent an email to yourself, giving off the impression your account has been hacked. If you open the email it'll be a wall of text where the cyber criminal claims all sorts of vulgar garbage about how they've infected your computer with malware, they've got recordings of you doing embarrassing things and if you don't pay X bitcoin they're going to send the videos to everyone you know. This is a well known scam.

The part that's scaring people is the email does look like it's been sent from your email account. Hovering over the email doesn't reveal an alternate address, it looks legit. It's not until you check the email headers that you can clearly see it's forged. This content can be very confronting and distressing and that's exactly the point. The juxtaposition between the professional environment and receiving an email like this at work is meant to send you into a tail spin of shame and embarrassment so you don't think clearly and make mistakes.

It's OK, if you've received this email many people have received this just like you, it's not your fault, you've done nothing wrong. These people are gross and trying to scam as many people as possible and you've just happened to be one of them. It's highly unlikely they have access to your account. Always reach out to your IT or a close tech savvy friend or family member to talk about if you're unsure of what to do in your circumstances. Otherwise block, delete, move on.

#australia #scam #email #cybersecurity #securethenation


Laura Paxton · @LauraPaxton
51 followers · 25 posts · Server infosec.exchange

Her mother was scammed out of $137 with a Linkt scam she received via text. After her mother paid the "fine", the scammers "checked her account" and found the "fines had actually incurred interest over many months into the hundreds" and asserted she'd need to pay that too or they'd "defer her case to debt collectors and the police." Angry, her mother hung up and called her daughter to talk about how "unbelievably grubby" the toll companies were, but did intend to call them back to pay the rest.

This is when the scam was detected. More would have been sent had she not called her daughter to vent, and had the daughter not been able to detect a scam herself. A message from a random number

This is a story of a lady I helped provide reporting resources and advice to for a scam that took place recently.

I read up on the scam and the Australian Communications and Media Authority has also made a post about this just a few days ago, they're kicking up a notch presumably with all the holiday travel.
acma.gov.au/articles/2022-11/s

Linkt is also very aware of these scams and has made a helpful post where you can see all the other common scam text examples they warn customers about:
linkt.com.au/help/security/abo

Please remember to talk to your loved ones these holidays about the common scams going around in Australia.


*image attachment not working for me at the moment, will edit when I can attach the screenshot

#melbourne #australia #scams #holidays #cybersecurity #securethenation


Laura Paxton · @LauraPaxton
48 followers · 21 posts · Server infosec.exchange

Enable on that account you've been putting off. Go on, do it bby I believe in you 😘

#mfa #motivation #security #securethenation


Laura Paxton · @LauraPaxton
46 followers · 22 posts · Server infosec.exchange

Every day we unreasonably delay disclosing a breach where password hashes, sensitive or personally identifiable information (PII) is stolen, is a day that victims exposed in the breach lose to protect themselves from harm.

The tough part is what's defined as reasonable differs between people and places.

#breach #disclosure #pii #password #securethenation


Laura Paxton · @LauraPaxton
46 followers · 22 posts · Server infosec.exchange

Seeing a notable increase of the "Hi Mum" SMS scam being sent out in the lead up to the holidays in AU. If your family is in AU, please remind them of the common scams going around these holidays, it'd be a terrible time to fall victim to one of these.

The "Hi Mum" scam is a "family impersonation" scam. It's not particularly new but scammers will use what works. I've had 3 reports of this scam being successful this past week among quite a few recipients in my circles.

The victim receives a text or social media message claiming to be their child and letting the parent know they've lost their phone, that this is the best way to contact them and to delete their old number. They'll often establish rapport and then ask for money with a premise like they can't access their funds because of their lost phone or they need help with a bill.

Remember to talk to your family about these scams, it's easy to forget to let them know when you spend all day warning others about it for your job.

More info on AU scams can be found here:
scamwatch.gov.au/

#unsolicited #scam #holidays #impersonation #securethenation
