Sunday, March 31, 2024

Cyber Scams: ACT AGAINST SCAMS. Protect your data and money with good cyber hygiene

The Straits Times
2024-03-31

In partnership with the Singapore Police Force

ACT AGAINST SCAMS

Protect your data and money with good cyber hygiene

Scan to stop the con-man

By JEREMY THESEIRA

E venings are a time when Mr Ng Jia Xiang, 38, winds down with video games. But one evening in 2021 was anything but relaxing.

"I couldn't log in at all, which is strange as I had not changed my password recently," says the freelance web designer. He didn't, but someone else did - without his knowing who, how or when.

"I became really paranoid," he says, adding how he had previously received unknown email login notifications.

Since then, Mr Ng has been running weekly anti-virus scans on his computer and mobile devices, and enabled two-factor authentication (2FA) wherever possible. He also started using a password manager to save all his login details, and to generate stronger passphrases.

The episode continues to bug him. "I never figured out how it happened, and can only hope that the perpetrators did not obtain sensitive information. I'll just try to keep everything cleaned, checked and updated as much as possible."

Mr Ng's actions are in line with "cyber hygiene" recommendations. The Cyber Security Agency of Singapore (CSA) defines "cyber hygiene" as practices performed regularly to maintain the digital health and security of devices, networks and data.

"Adopting good cyber hygiene practices will enable us to better secure our confidential data and valuables from cyber criminals," says Mr Henry Tan, deputy director of the Cybersecurity Engineering Centre, CSA.

"It is also important for everyone to keep up to date with scam trends as cyber criminals are constantly thinking of new ways to trick victims."

He adds that users can subscribe to CSA's advisories and follow their social media accounts (details at csa.gov.sg) and visit the Scam Alert website (scamalert.sg) for the latest information.

Yet the use of good cyber hygiene practices has been mixed, notes CSA's Cybersecurity Public Awareness Survey in 2022, which polled 1,051 respondents, aged 15 and above. More had enabled 2FA (35 per cent) and installed cybersecurity apps (50 per cent) compared with those polled in 2020 (22 and 39 per cent respectively).

But there was a dip in users who could identify strong passwords (54 per cent, down from 56 per cent) and those who did timely software updates (27 per cent, down from 30 per cent).

To enhance safeguards against scams, the CSA rolled out two initiatives this year.

The Safe App Standard, launched in January, provides a common benchmark and guidance for local app developers and providers to protect their applications, guarding users against common malware and phishing attempts. Measures include having secure authentication mechanisms to validate a user's identity, preventing unauthorised access.

"We encourage developers of apps created and hosted in Singapore to adopt the standard, especially for apps with high-risk financial transactions," says Mr Tan.

An enhanced fraud protection for Android mobile users rolled out last month, in partnership with Google, blocks the installation of apps not registered with Google and distributed through Internet- sideloading sources such as browsers and messaging apps.

The feature will assess and block these apps if sensitive permissions, such as access to SMSes, are requested.

No comments: