Mom, someone has spammed my inbox! What do I do?

We have all been there!

I was carefully applying the sugar frosting onto the mouth-watering blueberry cheesecake to offer it a creamy texture. It was the result of organizing best tips from a minimum of ten recipes on YouTube, when suddenly I heard a yell- “Mom!”

I left everything as is (leading to extra frosting spilling over the cake) and rushed out to the dining room to see that my dear daughter was checking her e-mails on her laptop. I see everything was ok with the child so heaving a sigh of relief, asked her, “What is it dear? Any unexpected news? You did scream at the top of your lungs to call me out here?”

Look at my inbox, Mom! I have 50 unread mails, 50… from XYZ bank!”

One look at the inbox and yes, it was indeed strange, or rather this is SPAM- I thought out loud.

My daughter continued, “This one here says the first 50 people to fill up the attached form stand a chance of winning a prepaid credit card of Rs 50,000!! Shall I click and check? I won’t share any personal details, promise.”

“Woah! Don’t even go there little lady. Just think, why should anyone give away such gifts? What do I always tell you?”

The little lady timidly replies, “That there are no free lunches. So I will mark all these unsolicited mails as junk and delete them.”

And then, I just remembered that my excellent blueberry cheesecake is now ruined due to this trail of spam mails.

Like I said earlier, we all have been there. Unsolicited and often suspicious mails pop up in our mail boxes and this is something all parents want to help their kids out with but we too may be unsure whether the mail is genuine or intended to steal our personal data online. Fear not! Here’s a quick refresher on spam so that you and your children can all stay safe online.

Question no. 1: What is ‘Spam’?

According to Intel Security, “Spam is an email message sent to multiple recipients who did not ask to receive it. Email messages are not considered spam if a user has signed up to receive them or if they come from a trusted source.”

Question no. 2:  Why do people send spam?

Well, it could be for any of these reasons:

  • To sell products
  • To phish for information with an intent to exploit
  • Send malware
  • To lure people to inappropriate sites

Question no. 3: What are the most popular types of scams or frauds initiated via spam mails:

  • Employment offers, especially the work from home types
  • Lottery, remittance of large sums from abroad or quick money-making
  • Mails purportedly from your bank, other financial institutions and government authorities directing you to other sites or asking you to download attachments to verify details
  • Dating site scams wherein unsuspecting users are emotionally blackmailed to part with money
  • E-tailer scams: mails from online sellers that ask for more money to ship products (usually expensive)
  • Education offers, especially abroad

The next step is learning to identify possible Spamming techniques by looking out for the following:

  • Check sender’s address – Do you know the sender? Does the email id look fabricated?- Hmm, suspicious
  • Spelling – Spam mails are often grammatically incorrect
  • Tone – The tone of the mail is general, not personal E.g.: It will address you as Dear Customer and not by your first name – Hmm, suspicious
  • Attachments – Does it contain a link to other sites or .exe files? – Definitely suspicious
  • Update details – Is it from your bank or credit card company, asking you to update details or verify password? – Strongly suspicious
  • Lure – Is it about a free gift, lottery, windfall gain, and easy money-making schemes? – Definitely suspicious

Now how do you play Superhero and create a safety shield around your family’s online life?

  • Ensure your Spam filter is turned on
  • Teach kids how to mark mail as spam so in the future these are automatically directed to the spam folder
  • If the child has unwittingly subscribed to some newsletter, show them how to unsubscribe to stop the flood of unwanted mails
  • Spam has even grown beyond traditional tactics to spread on Google alerts, websites and even social media so remember to think before your click and as we always say: STOP.THINK.CONNECT.
  • Help make the internet a safer place by reporting such suspicious sites. You can find Google’s spam reporting tool here
  • And the most important of all, use reputable comprehensive security tools on all devices to keep your family safe online. That’s what parents do best, look out for their young ones.

Stay safe online folks!!


Digital Cleaning? Spruce it up this Summer

Exams are finally over and we are settling into the vacation mood. Hurrah!

And true to your promise, you are now returning smart devices to your kids, and removing internet usage restrictions. Before that, though, you will apply a new scratch guard over the smartphone, painstakingly wipe the dust off the gaming consoles, power up your favorite e-readers, correct? Sort of spring cleaning for the house to add new sparkle and energy to our lives but even more for our digitally enabled devices, isn’t it?

Here’s another thought. Why not use this opportunity to start afresh with our digital lives? Essentially, a scrubbing for all our social media accounts so they become squeaky clean! And while we are at it, let’s also oil the old joints, i.e. tighten up our account security & privacy details online. Better yet, let’s make this a family tradition for young and the old who are young at heart.

Did I just hear you say, “Come again?” Perhaps you are wondering if this is similar to deleting temporary files, running defragmentation and freeing up space on your computing hardware. Well, I am not only recommending a hardware clean-up but also a digital clean-up.

Over the years, we may have signed up for several social media sites, and other online accounts. Gradually however, we limit our activities to a few and ultimately neglect most others. We may be leaving behind a veritable photo-documentary of our life history, dated records, thoughts and actions. Most importantly, with time, the information may not be relevant.

Stay Vigilant:

  • Be Mindful – unsecured old online profiles are likely to fall prey to trolls, bullies and cyber criminals who may even use your digital identity as a front
  • Be Future Ready– It is now a known fact that colleges and would-be employers often check social media profiles of candidates to understand their background. Our virtual records might offer a different perspective, one that we may not want to present in certain scenarios

A digital clean-up also frees us of unnecessary worries in the future by eliminating the chance of leaving undesirable digital footprints.

So it’s time to pick up the virtual dusters!

  • Cut Down: Revisit all content, personal details, pictures, delete or deactivate accounts for sites that you don’t visit any more
  • Privacy settings: Maximize privacy on all apps, especially for kids. Children may not have usernames that reveal their full names. Sharing of details about birthdays, addresses, even school details should be monitored
  • Permission: Update the settings for social media accounts so that every time a third party wants access to personal information, you get a notification
  • Install and update security tools: Do not neglect this step for it is the most vital of all

Two super handy tips that can be used over and above the earlier pointers:

  1. Google Alerts: Set up Google alerts against each family member’s name so that every time their names are mentioned in the virtual space in any context, you would know
  2. Turn on tag notifications for social media accounts: This is to ensure your timeline isn’t filled with undesirable pics

Social media is super exciting but it’s essential to engage with a purpose to have positive effects. Have fun connecting online with new people but do so with the aim of sharing, learning and gaining from such interactions. Remember, appearances and perceptions can change with time for what may look ‘cool’ today may not look so ‘cool’ a decade later.  Most importantly, remember that “What goes online, stays online.” That is, unless, you make an attempt to clean up your digital presence.

And always do keep in mind the mantra- STOP. THINK. POST. so that we have a positive surfing experience!

What You Need to Know About Stagefright

Any mention of stage fright transports us to our schooldays when we had to go up on stage to recite an oh-so-long poem, or act out a part in a play or sing a song. The jitters that came along! Oh yes, we all may have suffered from stage fright to some degree.

But when I talk about Stagefright in this blog it refers to a new cyber threat – a malware that is potentially scarier. In July 2015, security experts discovered several vulnerabilities in the Android operating systems that cybercriminals were targeting with the intent to steal personal data stored on our smartphones. Experts named this group of malicious code “Stagefright,”which is a nickname for the media libraries found in operating systems of our Android smartphones. Intel Security’s Mobile Threat Report for 2016 found that the count of Android-based devices detecting the Stagefright-based exploits has remained steady in Q4 2015.

So how dangerous is Stagefright and why should we be concerned? Well, it allows cybercriminals to remotely execute a code on a user’s phone by sending a specially designed MMS message. All that a cybercriminal requires is the target’s phone number to launch the attack. The attacker can then implant a remote access tool that gives them full access to your device.

This attack could happen while your phone is being charged. This means that the user has no hand in enabling the malicious code on his device, say through clicking on an infected link or downloading a malicious file.

There are even reports about the use of specially designed MP3 & MP4 files used to launch the Stagefright attack. This makes the situation even more pressing here as India has a booming smartphone market and a majority of the smartphone owners rely on the Android ecosystem.

While device manufacturers take note of such macro threats and share regular patches with customers, we must be vigilant every step of the way.

cybermum blog picture

If you are an Android phone user, it is important for you to know the risks that could affect your device and how to protect yourself. So what can you do to keep your device secured and stay safe?

  • Update your device regularly: enable auto updates, for both the operating system and security tools. Yes, even if it means a 10-minute delay in starting your work because the Android tablet or smartphone needs to install updates and restart. While it may be inconvenient it is a small sacrifice to make for the safety of your personal information online
  • Secure all devices: All your devices (and not just the Android-based ones) with comprehensive security software from a reputable brand.
  • Turn off auto open feature: Because MMS-based messages and later, MP3 & MP4 files, were used to introduce the bug it’s wise to keep the auto-open MMS messages feature turned off. Similarly, disable auto-download or opening of files. This will allow you to personally verify authenticity of the source before you open a message or document
  • Err on the side of caution: It is better that you be suspicious and check files and messages before opening them than to be too trusting and fall prey to a cyberattack.

And always remember the cybersafety mantra I share frequently- STOP. THINK. CONNECT.

Don’t act in haste, make time to check and consider all options and consequences before you click on the ‘open’ tab.

Stay safe online!