Cyber Vigilance Update

Today’s Connection

Cyber Engage Update - 29/03/2023 (#23)

Office Alert

when pushing comes to shove ...

Beware Rising Browser push notification scams

Browser push notifications are a common browser feature that allow websites to send you push notifications.

They can be very handy so of course scammers and criminals have found a way to exploit them. Essentially you are tricked into enabling them so they can then exploit you.

How do these scam notifications work?

  • You can be lured into enabling browser pish notifications while online, usually to access some form of apparent legitimate content.
  • Once enabled, scammers trigger multiple push notifications intending to divert your attention and redirect you to fake scam websites.
  • Scammers will bombard you with notifications for fake crypto accounts, messages from fake dating sites and adverts for products that are all scams.

What can you do?

Ways to protect yourself from browser notification scams include:

  • Only visit trusted websites – Typically game and software activation websites will offer content they think you want to see. You might get caught up in a redirector chain, where scammers try to trick you into allowing push notifications to access their content. Make sure you are always visiting safe version of these sites only.
  • Think twice before you accept – Be wary of accepting any browser notifications in general, so always follow your instincts. Remember, if you don’t allow malicious sites to send any notifications at all, they can’t send you any unsolicited ones.
  • Never click on suspicious links – We know we say this one a lot. But it really works for almost all scams that you’ll come across, from phishing emails to malicious push notifications. They prey on the idea that you may be curious or busy enough to click through. But if you do not know the sender or the source, never click.

Home Alert

Latitude's Latticework

The framework and structure of impending scams is yet to be grasped.

Financial services company Latitude has announced via the Australian Securities Exchange that its mid-March data breach was far larger than originally reported.

The company revealed on 16 March that 225,000 customer records were affected by the hack. However, the number of records exposed by the as-yet-unidentified threat actor is now expected to hit 14 million following an updated release to the ASX.

A wide range of customer data has been affected.

  • Approximately 7.9 million driver’s licence numbers from Australia and New Zealand, including 3.2 million from the last 10 years
  • 53,000 passport numbers
  • Monthly financial statements from less than 100 customers
  • The names, addresses, phone numbers, and dates of birth of approximately 6.1 million customers

Given many of us would have at some stage in our lives purchased items under finance from retail stores such as Harvey Norman, Good Guys etc, the impact of this breach on many Australians cannot be understated.

What can you do?

Whilst more information is still to be released, there are activities individuals can take now. Therefore, It’s important that you:

  • Remain vigilant and monitor all your devices and accounts for unusual activity. Report unusual activity to ReportCyberIDCARE (1800 595 160), and your bank.
  • Be alert for scams that refer to Latitude Finance. Do not click on links in suspicious emails or messages that reference Latitude Finance.

In addition, you can follow these simple steps to boost your cyber security:

  • Updateyour device and turn on automatic updates to ensure you always have the latest security protection.
  • Turn onmulti-factor authentication to increase the security of your accounts.
  • Set up and perform regularbackups to copy and store critical information.
  • Implement access controls to limit user access to only what is needed on devices.
  • Stay up to date on cyber security threats and trends withACSC Alert Service.

Remember to educate your children and ensure you remain vigilant!


This week's Training module


Cyber Threat Reporting (1/1)

Cyber Security Vigilance Program

Version 16-11-2022

Cyber Security Vigilance