Online safety

Kids Online Safety: Five Handy Tips for Parents

When it comes to taking care of our children, the world can seem a very scary place – and the internet even scarier. But attempting to keep kids offline in 2022 is just not going to cut it, so how can we protect them from the darker parts of the web and ensure their online safety?

There are two simple answers to this question – knowledge and communication. If we can empower ourselves and our children with information, and ensure they come to us in situations where they feel uncertain or suspicious, these are huge steps towards cyber safety.

Educate yourself

Do you know how to stay safe online? Have you taken control of your own privacy and security settings, checked your social media conversation controls, and looked into using a password manager? The easiest place to start when it comes to cyber security is with yourself – then, armed with this knowledge, you’ll be ready to help your kids.

Other education actions include talking to your child’s school about the online protection they offer, as well as checking out the main apps and websites your child is interested in to ensure the content is age-appropriate and to understand how they operate. 

Know – and use – parental controls

An innocent online search can quickly lead to a rabbit-hole of not-so-innocent information or images. Parental controls and search-engine filters – although not 100% accurate – can help prevent your child from accessing the majority of online violent and/or sexual material. There are free and paid options when it comes to parental controls, with different levels of protection – the Australian Government’s eSafety website has an excellent Taming the Technology section that covers protections you can access via your home wi-fi network, computers, devices, gaming consoles, smart TVs, web browsers and more.

Note that it’s a great idea to get your child on board with using these controls – discussing with them that they are age and experience appropriate, and letting them know that the use of these tools can be reviewed and changed as they get older. 

Talk openly with your kids (and get involved!)

As noted in point two, talking with your kids, and getting them on board with ensuring their own online safety, is the key here. Your child should know that they can always talk to you about something they’re unsure of online, and they should also know the responsible online behaviour you expect of them (see point four). Encouraging kids to think critically about what they read and see online and teaching them about the public and permanent nature of internet interactions gives them the power to make their own sound – and safe – decisions.

One way to have these open and supportive discussions is to get involved in your kids’ online experiences – talk about their favourite games or apps, take turns to play, and chat about the risks of the internet while you’re there in the midst of it. Talk to your kids about what you think is appropriate – and remind them that this may be different for other families.

Set some ground rules (and be prepared to stick to them!)

What these rules entail will be unique to your family and should also be tailored to the ages of your children. Some things to consider, though, include:

  • the amount time of spent online (or using devices in any manner)
  • where in the house online access can occur (common areas only, for instance)
  • the type of apps that can be accessed or websites that can be visited
  • any definite no-nos when it comes to online interactions (such as never posting or trading personal pictures, never revealing personal information, only being ‘friends’ with people you already know offline, and always telling a trusted adult about any online communication that was odd or scary).

Remember: the consequences for breaking these ground rules should be clear and discussed as a family so that everyone knows where they stand.

Lead by example

Okay, so we all know this one is the hardest, but consider making some rules for the parents too! This might include not looking at your phone during ‘family hours’ and/or switching off work alerts during the same. Don’t be a ‘do as I say, not what I do’ parent!

Need more help? Talk to the Geelong cyber-security experts

Remember, these conversations with your kids aren’t about creating anxieties in your child or preventing them from accessing the many entertainment and educational benefits of the online world. The real end goal here is to give your children the knowledge and skills to use this incredible tool in a responsible and safe manner.

For more information about keeping your children safe online, check out the government’s eSafety website for parents. The helpful team at Geelong Technology Group are also here with plenty of online and cybersecurity experience – don’t hesitate to give us a call on 1300 GET GTG (1300 438 484) or drop by our store at 166 Francis Street, Belmont if you need some further advice or tech assistance.

online safety

Staying Safe Online – Tips for Internet Safety & Security

With so much of our time spent using the internet every day, it has never been more important to promote the safe use of technology, to build digital skills, and to help everyone have safer, more positive experiences online. Taking a leaf from the recent Safer Internet Day 2022, held on the 8th of February and celebrated in 170 countries, the following are some things we can all do to increase online safety (& kindness).

Update your security and privacy settings

Yes – we know – it’s one of those things we all mean to get around to, but don’t necessarily do… But how about this? The next time you’re sitting down with a cuppa, rather than spending five or ten minutes scrolling past images of dogs doing the darndest things or happy snaps of school friends you haven’t seen since school, why not take a moment to check the privacy settings on all of your devices and apps to improve online safety?

We recommend using different (STRONG!) passwords for each online account (and signing out each time you finish). You can also add multi-factor authentication to many apps/accounts for extra protection. Remember that social media sites also have privacy settings to help control who sees your posts and who can send you friend requests – use them!

Locate your location settings (and amend them as necessary)

While it is important for map applications and various other types of technology, GPS location information can also be used to track your movement and whereabouts. To improve online safety when using GPS:

  • Keep your devices (phones, tablets, laptops etc.) secure with strong passwords or passcodes. Do not leave your devices on the default settings, particularly the default device name and password.
  • Turn off GPS and location services when they are not in use.
  • Audit your apps to identify those that use location information and turn off those services unless they’re completely necessary. (If privacy or safety is a concern for you, do not opt into sharing your location through apps that allow location sharing with friends.)
  • Delete the location history from your phone habitually and, for iPhone users, clear out your frequent locations history also.

Manage your online engagement

Online communities and social media options can, of course, be both blessing and a curse, but you can control what you see and read online. Conversation controls are available to help you manage your social media feeds, ensuring your chosen platforms are a more positive place to spend time online. For the lowdown on how to mute, block or unfollow people across various applications, check out The eSafety Guide.

Don’t downplay or ignore online abuse

If someone said those things in a face-to-face public forum – at a bus stop, perhaps, or in line at the supermarket – would they be okay? If not, they’re not okay online either. Research shows that people, particularly women, often downplay online abuse. If you feel it is safe to do so, collect evidence of any online abuse you receive – take a screenshot and save a URL – which can then be used if you choose to report online abuse to the relevant platforms and, depending on the level of harm, to eSafety or the police.

Instagram, Facebook, YouTube, and other social media sites provide community rules to follow. 

Remember: If you or someone you know sees something that’s not respectful, you can anonymously make a report and ask the site to remove it.

Contact Geelong’s technology experts to help improve your online safety.

If you’re not sure how to turn off your location information or you’d like a hand with setting up two-factor authentication on your business accounts, drop by the office or give our experienced technicians a call. We’re here to help individuals and businesses in Geelong, Ocean Grove, Barwon Heads, Torquay, Bellarine Peninsula, Surf Coast, Golden Plains, Colac, and Warrnambool.

1300 GET GTG (1300 438 484)

📍 166 Francis Street, Belmont

Social Engineering

What is social engineering? The psychology of phishing, smishing and scareware

When it comes to the security of our computers and online devices, what we often think of first is keeping them free of insidious viruses – throwing up firewalls and ensuring our anti-virus protection is bang up to date. Unfortunately, those protections can be quite easily overcome by one small vulnerability – human psychology.

Social engineering: a definition

Social engineering is the process of manipulating people in order to obtain confidential information or to trick users into making security mistakes. The term is used to cover a broad range of malicious activities from phishing, smishing, vishing (voice phishing) and scareware, to deceptions such as the ‘honey trap’ (whereby attackers pretend to be romantically interested in the victim) and the well-known ‘Nigerian prince just briefly needs your bank account’ scam.

Social engineering: how does it work?

When it comes to cyber-security, people are often the weakest link in the security chain, with the unpredictability of mistakes made by users making them harder to identify and avoid. It is much easier, for example, to pretend to be a company tech support agent and fool a user into giving up their password than it is to hack that same password (unless, of course, the password is password1!)

Social engineering attacks happen in one or more steps. Particularly when it comes to business attacks, a hacker may first investigate their target to gather background information, such as weak security protocols or potential points of entry. They will then move to gain the victim’s trust and to provide motivation for the user to give up information or to grant access to business resources.

Social engineering: what are a hacker’s motivational methods?

Knowing your Psychology 101 is a good way to avoid being scammed, as social engineering relies almost exclusively on what are known as the ‘principles of influence’ (a theory established by psychologist and professor Robert Cialdini in 1984). These methods of influence include:

 

Authority – whereby an attacker poses as someone ‘in charge’, requesting (ordering!) compliance.

Consensus – influencing users by convincing them that this is ‘what everybody else is doing’.

Familiarity – after all, if you receive an email from a friend, surely the link they have provided is legitimate?!

Intimidation – whereby the attack comes with a threat of negative consequences should the request not be granted.

Scarcity – ‘Only five left!’ or ‘While supplies last!’, which goes hand in hand with:

Urgency – ‘Act now or it will be too late!’

 

Note that scarcity and urgency often both relate to that little human tendency towards greed – many of us don’t want to miss out on something great, which can lead us to clicking first and thinking (and possibly regretting) later.  

Defending against social engineering attacks

When it comes to protecting your business and safeguarding against malicious social-engineering attacks, your defence should be four-pronged:

  1. Ensure the lines of communication within the company are open and positive. If an employee believes that an attack has occurred due to their inadvertent error, the first thing you want them to do is report it – not hide it away in fear of reprisal.
  2. Train your staff to recognise the various methods of influence and to always think, check and double check before providing sensitive information. Cybersecurity staff awareness is key!
  3. Test the effectiveness of your training (yes, you can do some phishing yourself to check if you catch anything!) and redeploy the training often to ensure it is always fresh in the minds of your employees.
  4. Close your protection circle by also implementing cybersecurity measures – this will not only limit the number of attacks getting through to your staff, but can also help to minimise any damage caused by a successful attack.

Call Geelong’s cybersecurity experts 

Servicing Geelong, the Bellarine Peninsula, the Surf Coast and surrounding regions, Geelong Technology Group helps small and medium businesses succeed by supporting and managing their IT requirements. Armed with the latest social-engineering information, we can not only assist your business with security awareness, we can also implement comprehensive cybersecurity solutions, ensuring your important business information is cybersecure.

Give us a call today to find out more on 1300 GET GTG (1300 438 484) or stop by our showroom at 166 Francis St, Belmont.

Clean Up Your Computer Month

January is Clean Up Your Computer Month: Organisation and Efficiency Tips

If freeing up hard-drive space and ensuring your computer is running at maximum speed and efficiency is top of your New Year’s Resolutions list… we’re here to help! (And, of course, even if you think New Year’s Resolutions are rubbish, and you haven’t considered the state of your hard drive for some time, we would still urge you to read on!)

With January officially dubbed Clean Up Your Computer Month; here are some easy ways to clean up your laptop or desktop and get organised for the new year:

Number one priority: Backup your computer

Sometimes when we start cleaning, we can get a little gung-ho with files and something important can be inadvertently deleted along with the ‘trash’. (It’s a bit like vacuuming – the job is going so well that you don’t see those Lego pieces until it’s too late…) So – the first priority of any clean-up is to ensure you do a computer backup first. A backup can involve mirroring your hard drive on an alternate disk, duplicating files to the cloud or backing up your data to an external hard drive. For more details, see our computer backup blog.

Organise your photos and your files

Okay, so we all know that organising photos is never a quick process; reminiscing over that Thailand trip can take hours, after all – but slotting those images into a dedicated Thailand folder (and ensuring they’re backed up to the cloud) will save searching time in the future. Likewise, ensuring your important files are correctly named and placed into a logical folder structure is a kindness to your future self. (Remember: if your computer desktop looks like a giant virtual toddler has scattered documents and folders across its entire surface, this is the place to start. A clean virtual desktop is just as practical and advantageous as a clean and organised desktop IRL. Oh, and while you’re at it, why not check that your physical desk setup is ergonomically sound?)

Delete what you don’t need

Downloads you don’t need? Delete! Files that are no longer relevant? Delete! Programs and applications you haven’t used for months or years? You know what to do! (Actually, with programs and applications – make sure you actually correctly uninstall these, rather than just hit ‘delete’, otherwise they may still be there running and taking up space in the background.) Oh, and when you’re done with your delete-athon, don’t forget to clear your recycle bin as well.

Straighten up your online self

All of this productivity enhancement will be curtailed if you still have 10,077 unread emails in your inbox and no less than 43 tabs open on your internet browser. Make your email attack a three-pronged approach. First, delete old emails that no longer require your attention. Second, create a folder system that will work for you, allowing you to prioritise and differentiate between work, family and friends. Finally, get busy unsubscribing from email lists you know that you don’t need – time spent now will leave your inbox much clearer in the future.

Cleaning up your cookies and deleting your browser history can help improve your internet experience. Further enhance your online browsing by also tidying up your bookmarks (delete those you don’t need, rename and assign to custom bookmark folders those that you do use). And, if you’re feeling really inspired, you could even jump into your social media accounts, ensuring your security and other settings are tailored to your requirements.

Get physical

We wrote a blog last year about the importance of physically cleaning your computer and computer accessories – for your health and for the health of your equipment. If you haven’t checked it out yet, Clean Up Your Computer Month should be an excellent catalyst to do so!

January might also be time to take stock of your hardware and to get rid of those items – laptops, computers, monitors, tablets, mobile phones, printers, chargers, cords or other accessories – you no longer need. Remember that up to 95% of materials from recycled electrical goods can be recovered for reuse, so check out Planet Ark for details on what can be recycled and where.

And finally…

Make sure your cybersecurity is up to scratch (all of this cleaning will be for naught if your system is invaded by a virus or malware) and reach out if you need assistance. The experienced team at Geelong Technology Group can help; backups, anti-virus protection, managed IT support solutions, computer repairs, Ubiquiti phone systems and new software or hardware. So, don’t hesitate to give Geelong’s technology experts a call. 1300 GET GTG (1300 438 484) or stop by our showroom at 166 Francis St, Belmont.

computer_cookies_what_are_they

HTTP cookies, web cookies, internet cookies, browser cookies: What are computer cookies?

They don’t involve raisins or chocolate chips, but they are bite-sized: the computer version of cookies might not be as tempting as the IRL version, but can certainly come in handy. Essentially, computer cookies are small slices of information that enable convenient and personalised web browsing. These small packets of data are generated by a web server and sent to a web browser that stores the cookies for a predetermined period of time. 

What are computer cookies used for?

Generally, cookies are there for web-browsing benefits (although they do also free up storage space on servers). They are used for:

  • Session management to ‘remember’ individual login information and user actions or preferences.
  • Personalisation to customise a user’s experience, often through targeted advertising.
  • Tracking within shopping sites to track items that users view (or have viewed previously) and to record items in a shopping cart while a user browses further. Without these cookies, every time you visited a new page within a site, your shopping cart would revert to ‘empty’.

Different types of HTTP cookies 

Get to know your main two types of cyber-world cookies:

Session Cookies

These computer cookies are short-lived. They last just for the period of time that you are navigating a website – once you exit a site, the session cookie is deleted. These particular cookies are only ever stored in Random Access Memory, never written to the hard drive.

Persistent Cookies

Rather than expiring when a website is exited or a browser closed, longer-lasting cookies – or persistent cookies – expire only after a specified length of time or after a specified date. These cookies are used for two main purposes – authentication and tracking.

  • Authentication cookies help manage user sessions by tracking when a user logs in and under what name. They can also ensure that the correct user information is delivered to the correct user.
  • Tracking cookies log multiple visits to a site over time – building up a picture of a user based on what they browse when they return to a site. This information can be used for targeted advertising, but can also help users by retaining details such as log-in credentials.

Managing your computer cookies (and any cookie concerns)

Computer cookies consist of information that is sent out and back without being changed. This unaltered data cannot infect your computer with viruses or malware. Unfortunately, some internet nasties may be disguised as cookies (known as ‘super cookies’ – which many browsers will be able to block). Some cyberattacks can hijack cookies, enabling access to a user’s browsing sessions.

Cookies are an optional part of your internet experience. However, banning all cookies may make some websites difficult to navigate. Different browsers store their cookies in different places, but all will allow you to remove cookies already stored. Plus, allow you to choose how future cookies are collected or stored. (Generally, the cookie section of a browser is found under Settings > Privacy.)

Choose Geelong’s IT experts for your internet security

Regardless of how you manage and govern cookies, it’s best to remain vigilant and clean up your cookies regularly. If you are concerned about your online security when it comes utilising cookies, or if you’re not 100% confident regarding the online security of your business, Geelong Technology Group is here to help.

With our extensive experience and comprehensive cybersecurity solutions, we can assess your current situation and recommend actions to ensure your business is safeguarded against cyber threats in the future, so get in contact today. 

1300 GET GTG (1300 438 484)

📍 166 Francis Street, Belmont

smishing

What is smishing? SMS phishing attacks and protection tips

When it comes to cybercrime, there’s always something new on the horizon, hoping to catch us unawares. One of the latest is ‘smishing’ or SMS phishing. It’s fast becoming an ever-increasing problem for both individuals and businesses.

 

Definition of smishing

SMS phishing is essentially a form of phishing attack undertaken through text or SMS messages. The messages often contain an urgent notification regarding banking or courier services or an offer for a free product. They aim to manipulate people into turning over sensitive data such as bank account details, credit card numbers, account passwords, or access to a business’ computer systems.

 

How does smishing work?

Smishing works much like email phishing. It uses social-engineering tactics to appeal to our desire to have things work smoothly (Oh no! There’s a problem with my bank account!), to help others (A message from a bushfire relief charity? Sure, I’ll help out!) or to help ourselves (Eighty percent off a new phone? Heck, yeah!). Unfortunately, because text messages seem more personal,  we may be more likely to click a link in an SMS than we would nowadays in an email.

Utilising trust (scammers pose as legitimate organisations), context (lots of people are expecting packages around Christmas, for instance), and emotion (we must act now!), cybercriminals write messages that will generate action. In this case, the clicking of a link within the text message. This malicious link may either trick you into downloading malware onto your phone that then masquerades as a legitimate app (into which you enter your personal details) or takes you to a fake site, again requesting your sensitive data. These apps and websites are often well disguised and look ‘legitimate’, tricking the unwary.

 

How can we avoid smishing attacks?

As more and more mobile phones are used for work, SMS phishing has become not only a consumer threat, but also a business threat. Avoiding smishing attacks is paramount. But how do we do this? First, we need to lose any false confidence we have in text message safety – smartphone security DOES have its limitations, and CAN be compromised. 

So, the best way to remain safe? Follow the golden rule and do nothing. That is, always err on the side of caution and don’t click on links in text messages.

Of course, sometimes we may have clicked a link in a hurry or in error, and some messages may include legitimate links, so how can we manage the risk?

  • If you have clicked on a link that you now believe may be suspect, DO NOT give any personal details.
  • If you believe it may be a legitimate message, but you’re not sure, navigate to the official business webpage via a separate browser or call the company using a number that you look up independently of the text message. (And remember, legitimate institutions are extremely unlikely to request login information or account updates via SMS.)
  • Don’t reply to messages that look suspect, even to text ‘Stop’ – this will indicate your number is active and may prompt further smishing attempts.
  • Only ever download apps from an official app store.
  • Utilise multi-factor authentication (MFA) wherever possible. A password inadvertently provided via a phishing attempt may still be useless to a cybercriminal if the second level of verification/authentication is required.
  • Report possible smishing attempts to the ACCC Scamwatch.

 

Need more information?

At Geelong Technology Group, our experienced IT professionals are here to help you avoid smishing messages, phishing emails, and other cyber-related scams or attacks. Helping homes and businesses in Geelong, the Bellarine Peninsula, the Surf Coast, and surrounding regions with their online security is what we love to do, so give us a call today on 1300 GET GTG (1300 438 484) or drop into our showroom at 166 Francis Street, Belmont.

Cybersecurity

Cybersecurity and the Essential Eight

Although it may sound like a bulked-up bedtime story (remember The Famous Five?!) or a Tarantino flick, the Essential Eight is instead a list of eight essential strategies for Australian businesses to mitigate cybersecurity incidents. The Australian Government, in conjunction with the Australian Cyber Security Centre (ACSC), has created this security to-do list to help businesses and organisations avoid the – sometimes catastrophic – fallout that can occur following a targeted cyber attack.

Read more

Computer back-ups

Quick and Essential Guide to Backing Up Your Computer

If you’re one of the (many, many) people who ‘know they should back up their computer’ but don’t actually get around to it, you may ask – but WHY should I back it up? Well, to put it simply, catastrophes do happen. Even if you’ve taken all the best precautions against malware or virus attacks, hardware can still fail and human error can still occur. And if this is insufficiently backed-up business data we’re talking about, you are putting your entire business at risk.

Read more