Japanese government plans cyber attack institute by Online Security

The government of Japan will create an institute to train employees to counter cyber attacks. The institute, which will be operational early next year, will focus on preventing cyber attacks on electrical systems and other infrastructure.

The training institute, which will operate as part of Japan’s Information Technology Promotion Agency (IPA), is the first center for training in Japan to focus on preventing cyber attacks. A government source said that the primary aims will be preventing a large-scale blackout during the Tokyo Olympics and Paralympics in 2020, and stopping leaks of sensitive power plant designs.

The source also stated that there is potential for a joint exercise in cyber awareness between the Japanese group and foreign cybersecurity engineers in the future.

The counter cyber attack training institute will take 100 employees of electrical power and related firms and train them for a full year in Tokyo, using former hackers and cyber security experts as instructors. Funds will be allocated through an extra budget that is currently being compiled.

Cyber security is a growing concern in Japan, where over 12 billion cyber attacks were reported in 2014 by the National Institute of Information Technology. The Japanese national police force reported that instances of cyber crime investigated by the police rose 40% from 2014-2015. In February of this year, a study at Cylance SPEAR identified a hacking group that was targeting Japanese infrastructure. While the group was involved mainly in spying activities and had yet to launch a disruptive or destructive attack, the report warned that the activity was likely to escalate.

The need for a comprehensive cybersecurity training program focused on electrical infrastructure was highlighted after the December 2015 power outage in Ukraine, which left 230,000 citizens without power or heat. That attack, the first time a confirmed hack brought down a power grid, demonstrated the vulnerability of electrical stations to a malicious cyber attack. While employees were able to bring the systems back online in a few hours, the power station control centers were reportedly not fully operational for months after the attack.

In June of 2015, Japan’s pension agency was illegally accessed, and the personal data of over 1 million users was leaked. Then, in January of this year, Japan’s Hokkaido University suffered a breach that resulted in the leak of personal data for 110,000 of its students. An unsecured server in the career placement office was believed to be the source of the hack.

Fighting Online Fraud Through eDNA by Online Security

Long ago, a cartoon ran in The New Yorker, showing a canine seated at a desktop computer. “On the internet,” ran the caption, “nobody knows you’re a dog.”

The same premise holds true today and poses a knotty question in online commerce and FinTech: How do you know the person on the other end of a transaction is really who they say they are? And even if you do confirm their identity, how do you know that person can be trusted?

One firm, IdentityMind Global, provides real-time risk management and fraud prevention through “digital identities,” collecting data across dozens of parameters, separating the financial ecosystem into good actors — those deserving of trust (and completed transactions) — and, well, bad actors.

In an interview with PYMNTS’ Karen Webster, Garrett Gafke, president, CEO and founder of IdentityMind Global, said that the construction of digital identities, by necessity, goes well beyond data that might be thought of as standard, such as a street address, a credit card number or a two-factor security question test.

True merchant risk goes hand-in-hand with global digital commerce and, as Gafke described it, comes in the form of people with little or no history — no history of driver’s licenses, credit cards issued, traditional bank accounts or other standard bits of information. They may not even be scored by the traditional credit bureaus. Yet, these individuals are looking to do business and conduct transactions. Their would-be partners on the other end of the transaction must decide whether to enter into a relationship (however fleeting) with that consumer … or not.

Gafke noted that “transactions of any kind leave a kind of financial, online exhaust” and that each transaction has attributes that, taken together over time, ultimately, can be assembled into a digital identity. “This is real, current information,” said Gafke, “rather than just public, physical information. Good reputations are built slowly, while bad reputations come very quickly.”

That digital identity is established, as Gafke said, in IdentityMind Global’s platform, which links and finds correlations between disparate bits of information and transaction trails that “process, capture, rate and build overall profiles on online identities.” Emails, digital wallets and payments are all linked together, said the executive, to build a “trusted” digital identity.

“Trust” would be the operative word in the relationship between individuals and the firms with which they seek to do business. Trust would also extend to, and be colored by, the people associated with that individual or business. Consider how, in the age of social media, amidst concerns about money laundering, an individual might be viewed with demonstrable trails of following, say, terrorist-linked groups on Twitter.

In a recent whitepaper by the firm, IdentityMind Global also noted that additional data points may come from internet-enabled devices, which can, for instance, help bring location into consideration when determining good actors from bad and in screening across sanctioned individuals or nations.

Using these techniques, said IdentityMind Global in its whitepaper, can help reduce manual review time. There is also a financially positive impact, via a 60 percent reduction in transactional fraud from chargebacks and a 90 percent reduction in fraud that comes at the point of account origination.

Online Security: These Are Today's Top 8 Cyber-Crime Trends According to Europol

In its Internet Organized Crime Threat Assessment (IOCTA) report released today, Europol has detailed today's top 8 most prevalent cybercrime trends, for which investigators have seen a rise in detected incidents since the start of the year.

The report, which highlights an upward trend for volume, scope and material cost of cybercrime, comes on the heels of UK authorities announcing earlier in the year that cybercrime has surpassed traditional crime for the first time in their country's history.

#1: Crime-as-a-Service

Europol says that the digital underground is shifting towards a Crime-as-a-Service business model, with various individuals and groups specializing in a niche crime and providing technical support and service for that crime alone using online services.

From illegal weapons sales to on-demand hacks, and from DDoS-for-Hire services to exploit kit packages, you can buy online almost any type of cybercrime service these days.

#2: Ransomware

If you read Softpedia's Security News section, you can hardly go one day without reading a report on ransomware-related topics. Besides ransomware, Europol also says that banking trojans have been a popular form of malware this year as well.

#3: The criminal use of data

Recent hacks and data breaches have thrust troves of data in the public eye, which crooks are leveraging for other hacks, fraud, and even extortion.

#4: Payment fraud

Europol says it received a large number of fraud complaints, which were traced back to organized crime groups hacking ATMs, EMV, and contactless (NFC) cards.

#5: Online child sexual abuse

The large number of online tools and services providing complex and unbreakable end-to-end encryption, along with anonymous payments supported via crypto-currencies has resulted in "an escalation in the live streaming of child abuse."

#6: Abuse of the Darknet

More and more crime-related activities have now moved to the Darknet (or Dark Web), a portion of the Internet for which you need special software like Tor and I2P to access. Criminals are taking advantage of the anonymity these networks provide to go about their business unabated.

#7: Social engineering

Europol says that spear-phishing incidents aimed at high-value targets have gone up in 2016, and it highlights the increase in CEO fraud (BEC scams) attacks.

#8: Virtual currencies

Europol says Bitcoin has become the de-facto standard currency for extortion payments. This is also the reason why Europol established a Bitcoin Money Laundering Division earlier this month.

Phishing and Other Suspicious Emails by Oakmere Road

Phishing refers to an email that attempts to fraudulently acquire personal information from you, such as your Apple ID, password and/or credit card information. On the surface, the email may appear to be from a legitimate company or individual, but it's not.

As a general rule, never send credit card information, account passwords, or extensive personal information in an email unless you verify that the recipient is who they claim to be. Many companies have policies that state they will never solicit such information from customers by email.

If you are concerned that your Apple ID or other Apple accounts may have been compromised, please refer to Apple ID Security below.

Reporting Suspected Phishing Attempts

If you receive what you believe to be a phishing email purporting to be from Apple, please send it to reportphishing@apple.com, a monitored email inbox, which does not generate individual email replies.

Forwarding the message with complete header information provides Apple with important information. To do this in OS X Mail, select the message and choose Forward As Attachment from the Message menu. For other email applications or webmail based services, consult your provider’s support information to determine how to forward messages with complete headers.

Additional Information Regarding Phishing

For more information about identifying legitimate emails from the iTunes Store, see Identifying legitimate emails from the iTunes Store.

For more information about identifying “phishing” emails, see Identifying fraudulent ‘phishing’ emails.

Reporting Other Suspicious Email

To report spam or other suspicious emails that you have received in your iCloud.com, me.com or mac.com inbox, please send them to abuse@icloud.com.

To report spam or other suspicious messages that you have received through iMessage, please send them to imessage.spam@apple.com with the requested information.

Apple ID and Account Security

For information about best practices in Apple ID security, see Apple ID: Security and your Apple ID.

For information about two-step verification for Apple ID, see Apple ID: Frequently asked questions about two-step verification for Apple ID.

If you believe that your Apple ID has been compromised, please visit Apple ID to change your password immediately.

If you need additional help, contact Apple Support for assistance:

- Apple ID Support

- iCloud Support

- iTunes Store Support

- iPhoto Support

- Apple Store Support

Frequently Asked Questions (FAQ’s) - Axia Consultants

about Axia’s RFI/RFP Templates     

General questions

·         How impartial are your RFI/RFP Templates?

·         Why should I spend GBP £100 or more, on a tool to help me select new software?

·         Our software selection process has started and we’re already talking to vendors – have we left it too late to use a Template?

·         What will you do with our (confidential) personal information?

Template content questions

·         How accurate is the information in your Templates?

·         We have one or more software product areas that we are interested in, which are not covered by your Templates. Is there any way we can add them?

·         Do you have industry specific versions of your Templates?

·         Do you have country specific versions of your Templates?

·         I am unsure which Accounting Template to order - both Essentials and Professional versions appear to be suitable?

·         Are the contents of the two individual HR and Payroll Templates the same as the combined HR Payroll Template?

Template user questions

·         How do I amend the Template to my requirements?

·         What if we need help with a Template or with the software selection process?

·         Should I base my software purchase decision solely on vendor responses from the RFI/RFP Templates?

·         What if I don't like your product?

Consultant Questions

·         I only recommend / work with software products I know, so how can your Template help me?

·         We already use a similar RFI/RFP tool – so why should we consider an Axia Template?

·         Are there consultant versions of the Templates which can be used to support multiple clients / organisations?

·         Can your Templates be used as a training tool or for educational needs?

General questions

Q: How impartial are your RFI/RFP Templates?

A: Axia’s Templates are completely impartial. Axia does not operate a referral service and we do not receive any payment from any software vendor. As such, we have no vested interest in the software solution you ultimately select. We are only concerned with giving you impartial information and knowledge for a successful software selection.

Q: Why should I spend GBP £100 or more, on a tool to help me select new software?

A: The process of selecting new Accounting, Business Intelligence, CRM, HR or Payroll software can be very time consuming and frustrating. Axia’s Templates follow a structured methodology and will significantly reduce the time it takes for the whole selection process. If you compare the value of time saved for those involved within your organisation with the cost of a Template, you will see your investment paid back many times over.

Q: Our software selection process has started and we’re already talking to vendors – have we left it too late to use a Template?

A: Not at all. Our Templates are used within many stages of a selection process and even within implementation stages eg to flesh out detailed requirements prior to configuring and testing. Other organisations use our Templates to check that they have included all their requirements within their new system specification. It’s rarely too late to use a Template in the software selection process.

Q: What will you do with our (confidential) personal information?

A: Axia is committed to protecting your privacy. We only use your information to process your order and provide impartial consulting advice/services. We will not share, rent, sell or give away your personal information. For full details, please visit our Privacy Policy.

Six Holiday Booking Scams to Avoid - Bacall Associates

Don't get ripped off by fake airline tickets, timeshare schemes or travel scams with our guide to six cons that target people booking holidays.

The first few months of the year are some of the busiest times for holiday bookings, as those fed up with the cold, wet weather think about escaping to sunnier climes.

But if you are about to book a holiday, you need to be on your guard, as fraudsters are ready to pounce on those distracted by the excitement of organizing a trip to a dream destination.

Here we look at six of the common scams, the warning signs, and the steps you can take to protect yourself.

1. Dodgy accommodation websites

When booking a holiday, you need to keep your wits about your to avoid getting duped by a fake travel website.

A common crime sees fraudsters hacking into the accounts of well-known accommodation sites, or redirecting people to bogus imitations.

If you do book through one of these so-called “clone” websites, you could end up handing over money for a villa or apartment that simply doesn’t exist.

Always check the authenticity of travel providers before booking a holiday and a do a thorough online search to check the firm’s credentials.

If the company has been defrauding people – or has a bad reputation – it’s likely that consumers will have posted warnings about it.

Also look to see if the holiday provider is a member of a recognized trade body, such as Abta or Atol.

But watch out for “fuzzy” logos for trade associations – as well as for credit card companies – as this could be a warning sign that the site is not genuine. Be sure to do your research before parting with any cash.

2. Fake airline tickets

You need to check – and check again – that the plane tickets you are buying are genuine. If not, you could end up parting with cash for a fake ticket, or a ticket that never arrives. Flights to West Africa are particularly prone.

If the flight prices you are looking at are considerably cheaper than competitors, proceed with caution, as this could be a scam.

You should also be wary if you are offered a discount for paying the whole bill upfront. Most legitimate bookings will require you to pay a deposit, and then the remaining balance a month or so before the trip.

The key is to go with your gut instinct: if something sounds too good to be true, it probably is.

Do all you can to ensure you are buying from a trusted and reputable source. Also bear in mind that buying direct from an airline will often work out cheaper.

3. Watch out for fraudsters targeting big sporting events and caravan stays

It’s also worth noting that big sporting events are often targeted by conmen, with sports fans ending up out of pocket on hotels and tickets for events such as the recent World cup in Brazil.

In addition, criminals will often target caravan stays, and will post fake promotions for accommodation on Facebook, as well as advertising websites, Craigslist and Gumtree.

4. Take care before posting holiday details on Facebook

Think carefully before posting any information about your forthcoming trip on a social-networking site, such as Facebook, Twitter or Instagram, as you could end up essentially advertising the fact you are going to be away.

Fraudsters will trawl sites such as these in search of details about people’s holiday plans, and could then target your empty property while you are away, safe in the knowledge that you are not at home.

If you do want to share details of your travels, be selective about the information you post, and avoid discussing holiday plans on sites which are accessible to the public.

5. Watch out for copycat websites

If you need to apply for a new passport for your holiday, take care not to get caught out by a copycat website. These sites offer access to online Government services, but often charge a premium for a public service which is either free – or much cheaper – when accessed via the official site.

To avoid getting duped, go directly to the Gov.uk site.

Also exercise caution when applying for a European Health Insurance Card (EHIC) – the card which entitles you to state-provided healthcare either at a reduced cost, or for free.

A host of unofficial sites will offer to help you through the application process – often for a fee of up to £25.

But there is no need to part with any cash, as you can apply for a card for free at Nhs.uk.

6. Fraudulent resort presentations

Once you’re on holiday, keep your wits about you if you get invited to a so-called “holiday club” presentation in the resort in which you’re staying.

You may be persuaded into attending by the lure of a “free” holiday.

But if you’re not careful, you could get duped into buying a timeshare – and if you pay by bank transfer or cash, there is often no means of getting your money back.

Reporting fraud

If you do suffer the misfortune of falling victim to fraud, you should register your concerns at Action Fraud on 0300 123 2040. 

Meir Ezra Proven Ideas Make You Affluent

George was tired of being broke.

Every day was a struggle. "How will I pay my bills? I'm going deeper into debt. I can't afford to buy anything."

So George constantly worked on new ways to make money. "If I could invent a new can opener, all my money problems would be over. Maybe I could sell funny hats on the Internet. If I found some investors, I could open a new underwater restaurant."

George had tried a few ideas, such as manufacturing a razor blade that never got dull, building the world's largest tree swing and selling lamps made of salt. All his new ventures had failed. To survive, he had to work at McDonald's as an assistant manager.

George felt he should solve his money problems with new untried ideas. Unfortunately, unproven ideas are often wrong.

Affluence

"Affluence* Attainment, consists of . . . Doing the things that won, not new things untried as yet." -- L. Ron Hubbard

(Affluence: abundance; wealth)

In other words, you cause an affluence, not from new ideas, but from things that have already worked. Even new ideas that create wealth are based on several proven ideas.

George decides to try out this approach. He asks himself, "What has made me money in the past?" He lists the following:

• Selling shoes at a store paid $350 per week.

• Selling sunglasses at weekend festivals paid $1000 per weekend.

• Buying old cars, fixing them up and selling them. The last car he restored, a 1961 Ford Mustang, earned $1500 profit with two weeks of work.

• Working at McDonald's pays $560 per week.

George realizes he can go back to his two best-paying jobs immediately: sunglasses and car restoration.

He convinces the sunglass company to give him 200 pairs on credit so he can sell them at an outdoor market that weekend. He then finds a wrecked 1988 Mercedes and makes a deal to buy it for $500, on credit.

George quits his McDonald's job. He makes $800 selling sunglasses that weekend. He spends three weeks on the Mercedes and sells it for $4500.

George uses old, proven ideas to boost his income.