3. Jazannul Azriq Aripin
Senior Executive, Outreach Dept., CyberSecurity Malaysia
Mr. Jazannul Azriq B. Aripin; Senior Executive of Outreach
Department, CyberSecurity Malaysia. He has a degree in
Computer Science from Universiti Malaysia Sabah. A Microsoft
Certified System Engineer (MCSE) and ISMS Lead Auditor. Five
years with CyberSecurity Malaysia doing Facebook Security,
Facebook Forensic, Information Security Audit (ISMS/ISO27001-
2005) and Social Engineering
6. What You Keep Inside Your
Computer
Work-Related Information
company information
(structure, process, systems)
corporate email
business applications access
business servers access
business documents
customer information
vendor information
Personal-Related Information
personal information
personal emails
online banking
social networking
personal documents
personal photos
your dirty little secrets
- Anybody can access ur computer, data…..nak tanya……mcm mana nak tau lappy tu bebetul secure…..
The way hackers nampak…….bukan nya computer itself…..
Hardware
Software
Meatware
Goreng sikit ttg apa yg ada dlm komputer….
In terms of hacker will attack……..ada password or anti-virus….
Secure our computer with a password so that unauthorized users may not have access to our data and personal/confidential information. If we have a shared computer at home that is used by the children as well, each user should have a login ID and a password and as the head of the family, we should create an Administrator's password.
Go to this link to test our password : http://www.cybersafe.my/pswd-checker/index.html
This application is designed to assess the strength of password strings. Just type in our password and get an instant strength rating: Weak, Medium, Strong, or Best. To really pick a good password, we should assume the best case scenario for the attacker, and the worst case scenario for us. When an attacker brute-forces our password, they basically iterate through all possible character combinations.
Don't worry: Microsoft isn't secretly collecting passwords ,this page doesn't record what we type, it merely generates a response based on the nature of the input.
How to create a good password? Please refer below link for more information:
httphttp://netforbeginners.about.com/od/antivirusantispyware/tp/5-steps-to-a-strong-password.
htm://www.microsoft.com/security/online-privacy/passwords-create.aspx
http://en.wikipedia.org/wiki/Password_strength
Http://www.passwordmeter.com/
http://howsecureismypassword.net/
This is another option for the Privacy Setting
How You Connect – control how you connect with people you know
How Tags Work – control what happens when friends tag you or your content
App and Website – control what gets shared with apps, games and websites
Limit the Audience for Past posts – Limit the audience for posts you shared with more than friends
Block People and Apps – manage the people and apps you’ve blocked
This is the new interface for the Facebook Privacy Setting.
Much more simple and easy to read and understand. Each of the option have the explanation for it and this is easy for the Facebok user to know and understand what is all about for each option.
These two option; Control Privacy When You Post and Control Your Default Privacy, basically you can control whose going to read you post and who can view your profile.
We may explore more on the next slide.
DontPhishMe v.1.6.0 has been fully reviewed by Mozilla [1] and Google [2] and it is now available to public.
DontPhishMe v.1.6.0 will be the last major changes/release in version 1 and the whole detection method/algorithm will be changed, re-code and release as version 2.
Here are the changelogs of DontPhishMe v.1.6.0:
1) Whitelist only the domain instead of subdomain and domain to prevent false positive
2) Major famous websites' domain added to whitelist to increase performance and reduce resource utilization
3) Added support for Bank Muamalat
4) Added support for BSN
Waspada sindiket penipuan bungkusan melalui internet
KUALA LUMPUR: Polis Diraja Malaysia hari ini mengingatkan orang ramai supaya berwaspada dengan sindiket penipuan bungkusan yang semakin berleluasa melalui Internet. PDRM dalam satu kenyataan di laman Facebook hari ini menjelaskan modus operandi sindiket berkenaan adalah dengan berkenalan dengan mangsa melalui laman sosial seperti Facebook, e-mel dan laman sembang dalam tempoh satu hingga empat bulan.Selepas persahabatan terjalin, anggota sindiket kemudian memaklumkan kepada mangsa bahawa bungkusan telah dihantar kepadanya sebagai barangan hadiah.Bungkusan itu dikatakan mengandungi barang perhiasaan, wang, emas dan disusuli dengan kiriman resit penghantaran melalui e-mel kepada mangsa. Menurut PDRM, mangsa kemudian akan dimaklumkan oleh sindiket bahawa bungkusan berkenaan ditahan oleh Kastam Malaysia. "Mangsa diminta menjelaskan beberapa bayaran kepada Kastam dan syarikat ejen dengan memasukkan wang ke dalam akaun yang akan diberikan oleh sindiket bagi tujuan menuntut bungkusan terbabit. "Mangsa yang terpedaya hanya sedar ditipu selepas membuat beberapa bayaran sebagaimana yang diminta oleh sindiket tanpa mendapatkan bungkusan itu," kata PDRM. Justeru itu PDRM menasihatkan orang ramai supaya sentiasa berhati-hati dan tidak mudah percaya dengan kenalan melalui Internet dan mengelak daripada menjadi mangsa kepada penipuan jenayah siber itu.
- BERNAMA
Source:http://www.bharian.com.my/bharian/articles/Waspadasindiketpenipuanbungkusanmelaluiinternet/Article
Different names, same parcel scam
KUALA LUMPUR: First, there was 'Greg Kennedy', then 'Clinton Morris' and 'James Mattson'. Now, a Mr John Miller has pierced the heart of another lonely woman in cyberspace in the 245th case of parcel scams this year.
All the scammers were Nigerians posing as Britons and operating from here with local women as their accomplices.
Federal Commercial Crime deputy director II Datuk Rodwan Mohd Yusof said the 245 women had lost a total of RM9.4 million to the fraudsters from January to April this year.
He said 48 Nigerians and their accomplices have been caught over the past four months in connection with parcel scams that has left the authorities baffled over how easily some women are sucked into parting with their life savings.
“It’s puzzling how these women, some of them professionals and well-educated, fall for such tricks easily despite such cases being highlighted in the media.”
He said the well-publicised cases of 130 people charged and convicted for such crimes last year has not helped prevent more women from falling victims to the fraudsters.
Source:http://www.mmail.com.my/content/72699-different-names-same-parcel-scam
Nigerian men like to scam people, they invented UK addresses, European names, even Malaysian addresses to attract the victim. Don't be surprised, some of these Nigerians have Indonesian women friends, and they use their women friend's Maybank accounts. & claiming that these account belongs to the custom staff.
Many of these Nigerian men pretended to be European guys and chatting with Asian girls online and after 2-3 months "online dating", these Nigerians will start scamming the desperate Asian women, by "sending" a parcel which "contains" a wedding gown, cash etc. This parcel scam also involves custom, parcel stuck at KLIA immigration, custom staff's Maybank account
Interesting Story
“Nigerian Parcel Scam Terbongkar Lagi!
Saya kongsikan klip audio, rakaman perbualan di antara saya dan ahli sindiket Nigerian Parcel Scam dirakamkan pada jam 2.30 petang tadi menggunakan telefon bimbit dan dimuat naikkan dengan bantuan rakan, Sabil. “
From Mazidul Akmal Blog
http://www.mazidulakmal.com/2011/05/nigerian-parcel-scam-terbongkar-lagi.html
Email Notification indicates that the parcel has been withhold by Malaysian customs.
Continued from previous slide.
Fake parcel delivery website to convince the victim about the parcel has been arrived and withhold at Malaysia customs.
If the victim enters the tracking code number which has been enclosed in the email notification, the fake parcel delivery website will display the parcel delivery record from origin location to destination. This record is a fake!