Youth debate: Cybercrime Securing our connection

According to the International Telecommunication Union (ITU) and the ABI research, Mauritius ranks 9th when it comes to cyber security. However, we still hear about fraud cases on Facebook.   Cyber crimes are rampant in Mauritius, the most vulnerable being children and youngsters. Still Mauritius can get a good score if the appropriate measures are taken. How do the young people react to this threat? News on Sunday opens the debate...

Yoan Jacob: “We can never really be 100% safe”

Yoan reveals that cybercrime is a word with which people are very unfamiliar. “We usually think of it as a strange word, where only tech professionals are concerned. However, we should be aware that a cybercrime is a criminal activity, carried out by means of computers or the Internet. Eventually, every Mauritian using a computer is at risk of being a victim if he or she does not take the necessary precautions. Cybercrime includes but is not limited to attacks on a computer system, cyber-bullying, email spam and phishing, identity theft, sharing of illegal contents, and the list is long. The first and most basic thing any computer user should do is to use an antivirus. This one precaution greatly reduces a computer user’s risks. Then, the utilization of “strong” passwords is highly recommended. For instance, using a combination of figures, alphabets and symbols instead of common names or a date of birth. At last, being careful to which information you share online can be a great step in protecting oneself: not revealing vacation dates, personal address or credit card information on unsecured platforms.” For him, there are still a lot of measures and we can never really be 100% secure on the Internet. “However, we should always take all the necessary steps to be safe, and this starts with mass sensitization campaigns.”

Mazia Khan: “Stay with more trusted sites”

Mazia argues that it is important for a person to be cautious while using the Internet. For her, the most important protection, which people ignore, is the use of strong passwords. “People tend to make use of passwords that are easy to remember, but this is a risk. Passwords should be at least eight characters long, including a combination of numbers, symbols and letters and most importantly, not related to you. But many people ignore this fact.”

She further adds that “it is also very crucial to stay away from vulnerable sites. We know that some actions put us at greater risk of being victims of a crime. The Internet is the same. Going to hacker’s sites, viewing adult content or visiting sites that are scams can induce a cyber-attack. Stay with more trusted sites. Don’t fall for pop-ups. If an e-mail or pop-up window asks for your username or passwords, don’t do it. Concentrate on what you can do to protect yourself and your computer. Check your financial accounts regularly to ensure that no fraudulent activity has taken place. For business with complex and sensitive operations, this often involves hiring a cyber-security consultant to develop a customized solution. The systems must be regularly monitored and tested, ensuring that they are still effective against emerging cyber-attacks.”

Abhishek Fowdur: “Always be cautious while on the web”

Abhishek explains that an Internet user should always be cautious while using the Internet.  “It all starts with what equipment the user has in his possession. Whether it is a smartphone, tablet, laptop or computer, the user must ensure that the hardware is updated with the latest software and security features, and also verify whether the operating system is not counterfeit. Often, “the windows is not genuine” message appears. This should not be disregarded. For example, on the social networking sites, the majority of people will input data starting from date of birth to job position. But is it safe? The limited information exposed has less chances of being hacked. The user should know what information she/he must provide to avoid adverse circumstances.”

According to him, being in a global world, e-commerce is on its pace. “This platform attracts lots of hackers. But being cautious is one step. Direct payment from credit cards should be avoided. Alternate is PayPal or opting for e-secure provided by the bank. Very often such e-commerce websites are often seen on social networks specifying  “quality products at cheap price.” These are attractive statements for gullible users. Mauritius is not free from cybercrime, as the rest of the world. Mauritius needs the help of more advanced countries to protect its data. The I.P address is the most vulnerable for any hacker to gain access.  High cyber professionals should be formed or brought in Mauritius to give data protection a new direction.”

Avinash Dhondoo: “The best solution is education”

For Avinash, cybercrime is undoubtedly considered one the most dangerous threats for the development of any state. “The prevention of cybercriminal activities is a critical aspect in the fight against crime. It’s mainly based on the concepts of awareness and information sharing. A proper security posture is the best defense against cybercrime. Every single user of technology must be aware of the risks of exposure to cyber threats, and should be educated about the best practices to adopt in order to reduce their “attack surface” and mitigate the risks. We should never forget that the best solution will always remain education. Education and training are essential to create a culture of security that assumes a fundamental role in the workplace. Every member of an organization must be involved in the definition and deployment of a security policy and must be informed on the tactics, techniques and procedures (TTPs) belonging to the cybercriminal ecosystem.”

He also adds: “We should never provide any kind of personal information, which can be sent to scammers when we start filling any form. What we should also know is that Google does not run a lottery business and they never ever provide any kind of money to their users. Therefore, we should always remain alert as an ounce of prevention is worth a pound of cure.”

Ways to protect yourself from cyber crime

• Use anti-virus software: Your net-savvy friend may tell you that he doesn’t have anti-virus on his computer because it slows things down. But look at it this way, one wrong click and he may have to make the entire college project from scratch.  
• Didn’t expect, don’t click: The golden rule: Hackers infect PCs with malware by luring users to click on a link or open an attachment. Social media has helped criminals profile individuals. They can see what you’re interested in or what you [post] about and send you crafted messages, inviting you to click on something. Don’t.  
• Different site, different passwords: Keeping a common password for all online accounts is a lot like having the same key for all locks. Only difference being that it is a lot easier to get hold of the online key. Also never reuse your main email password. But most online users own accounts in over a dozen sites. So either try and use clever variations or start doing some really heavy memory-enhancement exercise.  
• If in doubt, block: Just say no to social media invitations (such as Facebook-friend or LinkedIn connection requests) from people you don’t know. It’s the cyber equivalent of inviting home the guy with an eye-patch who stares at you at the bus stop.  
• Don’t bank on public wi-fi: Most Wi-Fi hotspots do not encrypt information and once a piece of data leaves your device headed for a web destination, any ‘packet sniffer’ (a programme which can intercept data) can intercept your unencrypted data. If you choose to bank online on public Wi-Fi, that’s very sensitive data you are transferring. 
• Only shop online on secure sites: Before entering your card details, always ensure that the locked padlock or unbroken key symbol is showing in your browser. Additionally, the beginning of the online retailer’s internet address will change from “http” to “https” to indicate a connection is secure. Be wary of sites that change back to http once you’ve logged on.
• More than one email account: A hacker who has cracked your main email password has the keys to your [virtual] kingdom. Passwords from the other sites you visit can be reset via your main email account. A criminal can trawl through your emails and find a treasure trove of personal data: from banking to passport details, including your date of birth. A separate account for your bank and other financial accounts, another for shopping and one for social networks is a good idea. If one account is hacked, you won’t find everything compromised.  
• Ignore pop-ups: Pop-ups can contain malicious software which can trick a user into verifying something. “[But if and when you do], a download will be performed in the background, which will install malware. This is known as a drive-by download. Always ignore pop-ups offering things like site surveys on ecommerce sites, as they are sometimes where the malcode is.  
• MACs are as vulnerable as PCs: Make no mistake, your shiny new Mac-Book Air can be attacked too. It’s true that Macs used to be less of a target, simply because criminals used to go after the largest number of users – hat is Windows – but this is changing. Determined attackers are able to find new ways to exploit users on almost any platform.  
• Two-step verification: If your email or cloud service offers it – Gmail, Dropbox, Apple and Facebook do – take the trouble to set this up. In addition to entering your password, you are also asked to enter a verification code sent via SMS to your phone. So a hacker might crack your password, but without the unique and temporary verification code should not be able to access your account. Keying in a password or code 40-plus times a day might seem like a hassle but it is your first line of defence.  
• Lock down your FB account: Remove your home address, phone number, date of birth and any other information that could used to fake your identity. Similarly you might want to delete or edit your “likes” and “groups” – the more hackers know about you, the more convincing a phishing email they can spam you with. Change your privacy settings to “friends” from “friends to friends”.  
• Don’t store your card details on websites: Err on the side of caution when asked if you want to store your credit card details for future use. Mass data security breaches (where credit card details are stolen en masse) aren’t common, but why take the risk? The extra 90 seconds it takes to key in your details each time is a small price to pay.

Source: TNN