Connect with us

TechRepublic spoke with email security firm Tessian’s CEO Tim Sadler, who tells us how to avoid being phished or scammed during the search for perfect presents.

Image: iStock/Madmaxer

The final countdown to Christmas and holiday gift-giving is nigh upon us, and why wouldn’t the 2020 holiday season be as challenging as the rest of the year? Hampered by COVID-19 protective restrictions, brick-and-mortar stores are either closed or limiting how many can go in, resulting in outdoor lineups. Travel bans, stay-at-home orders, as well as half the country experiencing “the biggest storm in several years” while the entire US suffers through particularly cold weather, e-commerce may be the only alternative if you want to give gifts.

Because of the flurry of e-commerce activity, email inboxes are filled with offers and notifications from retailers. For those who’ve already ordered gifts and have had them sent, they expect to hear from those retailers regarding deliveries, etc. This glut of messages creates just the right setting for opportunistic hackers to take advantage of retailers who haven’t properly protected their email domain. In fact, 75% of the top 100 retailers haven’t properly protected their email domain against phishing, spoofing or fraud, making it easier for hackers to impersonate a retailer and guide consumers into thinking they’ve received a legitimate email. 

A noisy inbox is a welcome arena for hackers

“Online shopping is booming this holiday season presenting a big opportunity for cybercriminals,” said Tim Sadler, CEO of the email security firm Tessian. “Hackers like to  take advantage of noisier-than-usual inboxes, crowded with deals, shipping updates, and delivery notifications to hack humans via phishing attacks. By convincingly impersonating a trusted retailer or logistics firm, shoppers may unwittingly download a malicious attachment or click a link that leads them to a fake website.”

SEE: Identity theft protection policy (TechRepublic Premium)  

Retail staff can be a target of cybercriminals, too

It’s not just customers who are in danger of being hacked, but retail staff, too. “Hackers cash in on the people-heavy nature of the retail industry by using social engineering techniques or by impersonating someone in an employee’s trusted network such as a customer, vendor, supplier or colleague,” Sadler said. “If the sender’s display name and email address looks like the real thing, why would a busy, distracted and stressed employee question its legitimacy?”

“Techniques are used to conduct spear phishing attacks that allow bad actors to steal sensitive information or wire money to fraudulent accounts,” Sadler said. “These attacks take advantage of email’s openness by using advanced impersonation techniques, mimicking a trusted relationship in the hopes that the receiver will believe it was sent from someone else.”

Identifying the red flags that signal a scam

Sadler cited “simple checks” to avoid falling victim to a hacker:

  • Click on the display name to reveal the actual email address
  • Check for spelling or grammar mistakes, legit messages rarely have errors
  • Cross-check if the deal in the email is on the retailer’s website and official social media
  • Be alert, this email associated with a sense of urgency or deadline; were you expecting it?
  • Be skeptical of hyperlinks and don’t click on them.

What scammers get for their efforts

“These types of scams are low effort and high reward,” Sadler said. “It’s actually quite easy for hackers to impersonate a retailer and trick people into thinking they’ve received a legitimate email. Hackers cash in on the people-heavy nature of the retail industry, in order to steal sensitive information or wire money to fraudulent accounts. If the sender’s display name and email address looks like the real thing, why would a busy, distracted and stressed employee question its legitimacy?”

In the event that you discover you’ve actually been hacked, Sadler offered solutions and said: “If you receive a phishing message or alert at work, make sure you report it to your IT or security team. If you’re on a personal device, you should report significant attacks to the relevant authorities in your country, such as the Federal Communications Commission (FCC).”

Also see 

Source link

Continue Reading


Samsung Galaxy F62, Samsung Galaxy M02 Spotted on India Support Page; Hints at Imminent Launch

samsung reuters 1585645176745

Samsung Galaxy F62 and Samsung Galaxy M02 have leaked in the past on several occasions, and now the model numbers associated with these phones have been spotted on Samsung’s official support page in India as well. This indicates that both the phones’ launches could be inching closer and Samsung is gearing up to introduce them in the Indian market. Samsung Galaxy F62 is also reported to be called the Samsung Galaxy E62. In some markets, this phone may likely be also called the Samsung Galaxy M62.

MySmartPrice spotted two model numbers – SM-E625F/DS and SM-M022G/DS – on the Samsung India support page. The support page doesn’t offer any details about the phone, and it doesn’t even reveal the commercial name of the phone, but the SM-E625F/DS model number is largely associated with Samsung Galaxy F62, or Samsung Galaxy E62, in the past. Likewise, the SM-M022G/DS is associated with the anticipated Samsung Galaxy M02 handset.

Samsung introduced the Galaxy M02s in the Indian market earlier this month, but the Galaxy M02 still remains in the rumour mill. As per a Geekbench listing, Samsung Galaxy M02 may run on Android 10 and come with 3GB of RAM. The smartphone could also come with the Qualcomm Snapdragon SoC that is clocked at 1.8GHz.

The rumoured Samsung Galaxy F62 has also leaked in images, hinting at a square shaped module on the back. The phone has also been spotted on BIS website and an earlier report also claims that the production of the rumoured Samsung Galaxy F62 has begun at the company’s Greater Noida facility in the Delhi-NCR region. The Galaxy F62 could be one of the slimmest phones from Samsung and it is expected to launch in the first quarter of 2021. Specifications leaked in the past include Exynos 9825 SoC, have 6GB of RAM and Android 11.

Is this the end of the Samsung Galaxy Note series as we know it? We discussed this on Orbital, our weekly technology podcast, which you can subscribe to via Apple Podcasts, Google Podcasts, or RSS, download the episode, or just hit the play button below.

Affiliate links may be automatically generated – see our ethics statement for details.

Source link

Continue Reading


The new Microsoft Edge browser will warn you if your password has been leaked online

istock 964579430

The new Edge 88 browser includes tough new security features, including a password generator and a tool for monitoring whether your login details have been exposed to the dark web.

Edge 88 began rolling out on 21 January.

Image: Microsoft

Microsoft Edge 88 is rolling out to users in the Stable channel alongside some new privacy-focused features, including a long-awaited credentials monitor and a built-in password generator.

The first of these features, Password Monitor, will help users stay protected against data breaches involving passwords. If Edge determines that a user’s login credentials have been exposed on the dark web (or elsewhere), it will notify them within the browser and advise them to update their passwords.

SEE: Identity theft protection policy (TechRepublic Premium)    

Password monitor was
announced by Microsoft last year,

and began rolling out yesterday (January 21) with the release of Edge 88, though it may take a week or two to reach Edge users, Microsoft said.

The latest version of Microsoft Edge, which is based on the open-source Chromium architecture, also features a built-in password generator. When users sign up to a new account on a website, Edge will automatically generate a strong password for the user, which is then automatically saved and synced across their devices.

The feature is similar to the one available on Google Chrome, and helps ensure users are using strong passwords for their accounts, while taking away the onus of having to memorize (or worse, write down) lists of complex, unique passwords for each service they sign up for. This is particularly important when creating accounts for financial services and other websites that require valuable information, Microsoft said.

Password Monitor is available for Windows 7, 8 and 10 users. Password Generator is available to the same Windows users, in addition to being available on macOS. Both features require users to be signed into Edge with a work or school account, and password sync turned on.

Microsoft has made additional privacy tweaks under the hood of Edge 88. This includes more transparent options around data collection, with users now able to dip into the permissions settings and control which sites have access to location, camera and microphone functions. Customers also have more control over how cookies are stored, specifically by allowing them to delete unnecessary third-party cookies while hanging onto ones they want to keep: say, for keeping certain settings in place for websites they visit regularly.

SEE: Top Windows 10 run commands (free PDF) (TechRepublic)

Edge 88 also adds features for making browsing in private mode even more private. Users can now toggle a ‘Strict’ mode within the InPrivate browser that will block any trackers that personalize content and ads. This will prevent users from being shown personalized ads based on their browsing history, which Microsoft said would be useful when shopping for gifts or planning a surprise. This could be inadvertently ruined by an ad that gives the game away, particularly on a shared computer.

For times when even more privacy is needed, Microsoft Edge 88 features Secure DNS. This bolsters security by looking up website addresses over the more secure HTTPS protocol, ensuring data remains encrypted and protecting it from attackers who might try to modify or eavesdrop on the connection.

Users can configure a different secure DNS provider or disable it altogether within the Edge 88 privacy settings. Strict mode and Secure DNS is available on Edge 88 for Windows 7, 8 and 10 users, and on macOS. 

Also see

Source link

Continue Reading


AI-Based Urine Test Diagnoses Prostate Cancer with Almost 100% Accuracy

test tubes

Although prostate cancer is one the most common types of malignancy in men, diagnosis is typically made on the basis of the Prostate-specific antigen (PSA), with an accuracy as low as 30%. Given how unreliable PSA-based testing can often be, many patients require invasive biopsy which often leaves them with long-term side effects, such as pain and bleeding.

To address the situation, researchers from the Korea Institute of Science and Technology (KIST) have recently developed an AI algorithm which, coupled with an electrical-signal-based ultrasensitive biosensor, can diagnose prostate cancer within 20 minutes with almost 100% accuracy.

Commenting on the findings, Professor In Gab Jeong at the Asan Medical Centre said their smart biosensor could also be used for the precise diagnosis of many other types of cancer based on urine sampling alone.

AI Based Urine Test Diagnoses Prostate Cancer with Almost 100 Accuracy

Advanced biosensor and AI algorithm might finally address the problem of wildly inaccurate prostate cancer diagnosis. Image: Darko Stojanovic via

The semiconductor biosensor was engineered to simultaneously measure trace amounts of four different cancer factors in urine. Thus far, cancer factors – present in urine only at low concentrations – have been used for classifying risk groups, rather than for precise diagnosis.

Training of the AI system was performed using the correlation between the four cancer factors obtained from the novel biosensor. Once ready, the algorithm was deployed to analyse complex patterns of the detected signals.

After performing tests on 76 urinary samples, the researchers found the algorithm to be capable of diagnosing prostate cancer with near-perfect accuracy – an achievement that could eventually improve the lives of millions of men around the world.

“For patients who need surgery and/or treatments, cancer will be diagnosed with high accuracy by utilizing urine to minimize unnecessary biopsy and treatments, which can dramatically reduce medical costs and medical staff’s fatigue,” Jeong said.

A study describing the development of the new system was published in the latest issue of the journal ACS Nano.

Source link

Continue Reading