Online systems have been compromised, and a new scam is taking advantage of this

Scam alert: “I know your password”

The latest scam we’ve seen – “I know your password” – is both beautiful and scary. Read on to find out how to beat it.


Recently, some of our clients have reported receiving strange emails. These are more than run-of-the-mill spam: they are from persons unknown claiming to know one of your passwords.

And here’s the thing – they do know one of your passwords. It’s there, in the email, in all its uncovered glory.

The sender usually uses this information and claims that they have infiltrated your computer with some sort of malicious software, which then used your webcam to record you while on the internet; typically claiming you’d visited some salacious web site or other.

And along comes the blackmail… pay $1,000 in bitcoin (or some variation) or else!

The “or else” usually involves telling the world your dirty little secrets.

Don’t be a scam victim

Most people freak out – and rightly so – because the password shown is genuinely one which they use, and human nature (working the way it does) leads people to be easily convinced that the sender has accessed their computer and will carry out their threat. Even if the receiver has done nothing wrong and visited no seedy web sites, the fear of what might happen is terrifying.

So, let’s pull back the curtain to see why this happened, and what you should do about it.

Many online systems (LinkedIn, Yahoo, and eBay, to name a few) have been hacked in recent years, and if you have an account on these systems it’s possible that your password was stolen. You should use this web site to see if you’ve been a victim of one of these password thefts.

If you have, then a bunch of your information would have been lifted; your name, password, possibly address and date of birth. Credit card information is usually not taken from these sites, as that information is kept separately.

In and of itself having a password stolen from an online system is not a good thing, but the real issue is if you use the same password on multiple systems.

Once the hack is done, the scam begins.

These thieves will try your email and password combination to log in to other systems, and if you use the same combination elsewhere then those systems can be accessed by them. Increasingly, systems include 2-factor authentication to stop this, so that logging in requires more than an email and password, but most don’t.
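To see how far one stolen password reaches, here is an added example (not part of the original post or any iHelp IT tool): a short Python audit that takes a password-manager export and a list of breached sites, then sorts your other accounts by whether they share the leaked email and password combination and whether 2-factor authentication stands in the way. The export layout, site names, emails and passwords are all constructed for illustration.

```python
import csv
import hashlib
import hmac
import io
import secrets

# Constructed sample export from a password manager. Every site, email and
# password below is invented for this example.
SAMPLE_EXPORT = """site,email,password,two_factor
forum.example,pat@example.com,Summer2016!,no
shop.example,Pat@Example.com,Summer2016!,no
bank.example,pat@example.com,Summer2016!,yes
mail.example,pat@example.com,c0rrect-horse-battery,yes
photos.example,pat.work@example.com,Summer2016!,no
news.example,pat@example.com,tr0ub4dor&3,no
"""

# Assumption: sites you already know were breached (for example from a breach notice).
BREACHED_SITES = {"forum.example"}

# Random per-run key: fingerprints let us compare secrets without keeping
# plaintext passwords in the report, and they are useless outside this run.
_RUN_KEY = secrets.token_bytes(32)


def _fingerprint(*parts):
    data = "\x00".join(parts).encode("utf-8")
    return hmac.new(_RUN_KEY, data, hashlib.sha256).hexdigest()


def load_accounts(export_text):
    """Parse the CSV export into account records that hold fingerprints only."""
    accounts = []
    for row in csv.DictReader(io.StringIO(export_text)):
        email = row["email"].strip().lower()  # logins are matched case-insensitively
        accounts.append({
            "site": row["site"].strip(),
            "combo": _fingerprint("combo", email, row["password"]),
            "password": _fingerprint("password", row["password"]),
            "two_factor": row["two_factor"].strip().lower() in {"yes", "true", "1"},
        })
    return accounts


def audit(accounts, breached_sites):
    """Sort every account by how a breach elsewhere exposes it."""
    leaked_combos = {a["combo"] for a in accounts if a["site"] in breached_sites}
    leaked_passwords = {a["password"] for a in accounts if a["site"] in breached_sites}
    report = {
        "breached": [],                   # the password here is already stolen
        "reused_no_2fa": [],              # same email + password, nothing else in the way
        "reused_with_2fa": [],            # same email + password, second factor still holds
        "same_password_other_email": [],  # password leaked, but paired with another login
        "not_affected": [],
    }
    for a in accounts:
        if a["site"] in breached_sites:
            report["breached"].append(a["site"])
        elif a["combo"] in leaked_combos:
            key = "reused_with_2fa" if a["two_factor"] else "reused_no_2fa"
            report[key].append(a["site"])
        elif a["password"] in leaked_passwords:
            report["same_password_other_email"].append(a["site"])
        else:
            report["not_affected"].append(a["site"])
    return report


def change_order(report):
    """Sites whose password needs changing, breached sites first."""
    return (report["breached"] + report["reused_no_2fa"]
            + report["reused_with_2fa"] + report["same_password_other_email"])


if __name__ == "__main__":
    result = audit(load_accounts(SAMPLE_EXPORT), BREACHED_SITES)
    for category, sites in result.items():
        print(f"{category:28} {', '.join(sites) or '-'}")
    print("Change passwords on:", ", ".join(change_order(result)))
```

With the constructed data, one breached forum account puts three other accounts on the change list, and only the one with 2-factor authentication has anything besides the password protecting it.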

Scammers will try many attacks, but the softest target is you.

What to do

If you receive this type of email DO NOT IGNORE IT.

The scammers most likely haven’t installed any software on your computer; their real target is money.

The #1 thing to do is change your password on any online systems which have been compromised; again, check this web site to see if you’re a victim of these.

The #2 thing to do is install anti-virus and anti-malware software on your computer. iHelp IT can help you with that, as part of our iCare Essentials package.

And finally, the #3 thing to do is to not visit any of those web sites…

Protect yourself

Contact us at info@ihelpit.com.au to find out more about protecting yourself with iCare Essentials

 


Get 3 Years of Tax Deductions in 3 Weeks!

Three Year Tax Deduction

Get 3 years of tax deductions in one hit.

Right now the Australian government is practically throwing money at you in the form of tax benefits. What are they and how can you take advantage of them? Read on!

A few weeks ago I wrote a blog post titled Replace or Die, showing a number of recent hardware failures experienced by our clients, and when you should look at replacing your computers (hint: it’s 5 – 7 years). No matter how good your equipment is, these failures invariably happen to good businesses!

Since writing the original blog post, we’ve had 2 more client computers experience sudden hardware issues, so the trend continues. True, as an Apple tech support company we do see more than our fair share of hardware issues, but our IT support experience guarantees us that it will happen to you, sooner or later.

The great news is that it’s the perfect time to replace your Mac, Windows PC, and any computer related equipment you may have. Read on to find out why.

The tax reward, and how to get it

The Australian Federal Government is letting small businesses claim the depreciation of any asset purchased in this financial year (to the value of $20,000 per asset) in one hit. This is great because normally assets are depreciated over several years.

To qualify, all you have to do is:

  • Have an annual turnover of less than $10 million (the majority of small businesses do)
  • Buy your new gear by 30 June 2018

Example

Peter runs a marketing business which had a potential tax bill of $85,000 in FY 17/18. Peter decided to replace his 5 desktop computers, 4 notebooks, 2 iPads, projector, colour laser printer, and server. Each item is under $20,000, and in total Peter spends $29,000 on the gear. This saves Peter $7,975 in taxes, reducing his tax bill from $23,375 to $15,400, while at the same time refreshing his entire office IT.

Peter doesn’t have to think about depreciating the gear over 3 years; it’s all done in one step.

Of course, this is just an example, so please always consult your accountant regarding any tax or other implications and benefits for your business.

Why now?

June is the obvious best time of the year to do this, as it’s the last month of the financial year, and purchases made now will minimise the time gap between buying your new assets and reaping the tax benefit.

Hurry!

There isn’t much time until the end of June 2018! If you have a shopping list ready, or even just want to investigate what you should buy, contact us at info@ihelpit.com.au, or call us on 1300 469 622 and we can help you get the ball rolling.


Replace or Die

Broken iMac

Over the past 4 weeks, the iHelp IT office has been inundated with a number of iMacs, MacBook Pros, and PCs with hardware problems.

In the words of the late, great, Tyler Durden, “on a long-enough timeline the survival rate for everyone drops to zero”*.

Computers are no different. Parts wear out and die the death.

What struck us, though, was the number of computers with hardware issues in a relatively short period of time. We thought maybe there was a curse, maybe solar flare activity, maybe even aliens!

But, when we looked closer, it turned out to be the ubiquitous frenemy to us all: time.

Out of the 8 machines which have had hardware problems in the last 4 weeks (yes – that’s 2 a week), the youngest was 4.5 years old. The rest were all over 5 years old, and that’s significant.

Why 5?

Big things tend to have longer lifespans than smaller things, so the size of a thing might be a fairly reliable indicator of how long it should last; its useful life. There’s even a theory on this – called the Rate-of-Living Theory.

That’s all well and good for the living, but can this theory be extended to the non-living, and specifically electronics?

To find out, we charted the lifespan versus the size of a smattering of common electronics, below.

Common Electronics Lifespan

The size and lifespan of common electronics. The bigger the thing, the longer it lasts.

As you can see, as a general rule of thumb, the theory seems to hold. Both lifespan and size are trending in the same direction (though not at the same rate!). Big things last longer, but it’s not linear.

Recently, I wrote a blog post on the new iPhone X, in which I specifically advised iPhone 6 and 6 Plus owners that it’s time to upgrade. This, and telco phone plans generally, would seem to give smart phones a useful life of 2-3 years before parts start to fail, the new operating system runs too slow, and new apps don’t work.

Applying this to computers, and recent events, we have a new golden rule: the rule of 5 years.

And this fits nicely with our size v lifespan chart, above.

Tipping Point

One of the 8 machines which recently failed had the simplest (and most common) of failures; a hard disk failure. This machine was from 2011, and its value on Gumtree was around $450. To replace a hard disk the cost is typically $110 for the hard disk, and an average of 3 hours of labour (replace the hard disk, install macOS, migrate the data from a backup), or $594.

Total cost $704, which is a lot higher than the resale value of the Mac.

Is a repair worthwhile? No (unless you get the Mac for free!)

At some earlier point in the now 7-year-old iMac’s life it was the same cost to fix it as you’d get to sell it.

This point in time is the Tipping Point**. Insurance companies know it. Tyler Durden knew it***.

A 21.5 inch iMac around 5 years old will go for anything from $700 – $900 on Gumtree, whereas leaving the decision to sell for another 2 years means that instead of getting an average of $800 for it on Gumtree, the owner is now up for a $700 repair bill.

The tipping point has passed and it’s not worth repairing. You could say it’s time for the tip.

As an added sting, 2 years ago $800 would have covered 1/3 the cost of a new iMac. The now-broken iMac covers none of that cost.

Act Now

Now is the time to check if your Mac is over 5 years old, or even approaching that age.

A working 21.5 inch iMac from 2013 will run the latest macOS and is readily sold. The money you get for it can go towards a replacement. You don’t have to sell it – you might have kids, a niece, or just a local school that could do with a working computer for a classroom.

It’s your choice.

If you’re not sure how old your Mac is and want guidance on what to do, then call iHelp IT – we’ll help you to replace and not die.



* Tyler didn’t say this, but the protagonist has no name.
** I just made this name up; but it’s pretty good.
*** I’m assuming that Tyler was at least aware of the rule.

 


10 Reasons to Upgrade to iPhone X TODAY

Finally. At last. About time!

It’s taken a good while, but you can get an iPhone X today; just walk into an Apple store or your nearest and dearest telco; they all have them in numerous quantities.

But should you?

I’ve never been one of those guys that lined up outside an Apple Store to get the first of anything. I did get the iPhone 3G on its release day – but that was because I was working at the Apple Store at the time! I’m the kind of guy that will wait until I need to upgrade to something.

With my iPhone 6 Plus workhorse, the need was clear; its performance was… stuttered. The moment Apple released iOS 11, the writing was on the wall. In ink. Etched. Chiseled. Written in thirty-foot high letters of fire, even*. Months of pain dealing with the sloth that had become the iPhone 6 Plus needed to end.

And that was the single reason to make the jump, but the result has been a complete delight and a new love for iPhone.


Stunning Design

Unlike my old iPhone 6 Plus, iPhone X looks better in real life, even without the benefit of Photoshop. The web imagery does no justice to the finish. The smooth shine of the glass front, the depth of the glass back, the stunning chrome edge.

iPhone X feels good in the hand too; significant but not cumbersome. The screen is large, but the device is compact, due to what’s been taken away.

Don’t underestimate design. Design is more than looks and feel.

If you’ve ever seen the documentaries Helvetica or Objectified, you’ll understand that design is more than the look of a thing – more than vacuous beauty. If design ended there you simply wouldn’t use a thing. The stunning design that starts with the outside continues throughout every tiny, thoughtful aspect of iPhone X.

And, yes, I’ve seen both Helvetica and Objectified.

Call me crazy.


Face ID

This is it. It’s the mother feature. The main selling point. The reason for iPhone X to exist.

And also probably the most under-appreciated.

Gone is the ubiquitous Touch ID fingerprint identification; replaced with a technology so seamless that it feels like magic. Face ID uses 30,000 (count them!) dots, sprayed across your face, to learn who you are, and then uses your face to unlock everything which would previously need TouchID, or (even further back in time), your passcode.

Does it work? Seamlessly. Outside of on-screen cues that FaceID is being used to unlock your phone, make app-store purchases, log into online banking, or populate your password on a web site, it’s literally as simple as looking at your phone – something you do every minute you use it.

I’ve thrust my phone into several people’s faces and tried a photo of myself (and others) to try to fool it – it doesn’t get fooled. I set up FaceID with my glasses on, and it recognises me with them off, and even with my hand covering my chin (as you do when you’re looking at your phone, thinking). Apple claims the phone learns how your looks can change over time, so growing a beard isn’t an issue. Does it work if you have a large bushy beard, and then shave? I’m not sure about that, but it does work if I cover the entire beard area of my face – so it may well!

FaceID also makes iPhone X more secure. For example, when locked, your phone tells you that you have a notification, but doesn’t reveal the content until you look at it. Arthur C Clarke is quoted as having said “Any sufficiently advanced technology is indistinguishable from magic”.

Magic, meet FaceID.

And, yes, FaceID does work for the blind. By default, FaceID requires you to look at the iPhone to activate, but this can be switched off, such that all you need is a face.


That Display

While FaceID is staring at your face all day, your face is staring at the display, so changes to the display are always a big deal, and iPhone X’s display has changed in major ways.

Firstly, there’s size. At 5.8 inches it’s bigger than any other iPhone screen. The display is the phone. The bigger size is a no-brainer, though going bigger always has the potential for associated downsides. Making the display the phone means that, despite the bigger screen, iPhone X is surprisingly compact.

Secondly, there’s OLED. OLED displays show true black – not just very dark grey – but actual, lack-of-light, black. Colours on OLEDs really, really, pop, the displays are thinner, and they use less power than LCDs. OLED hasn’t been without its flaws; colours shift depending on the viewing angle and can change over time, and they have struggled in bright light (notably, daylight), so Apple’s been slow to the OLED party, knowing that its customers expect only the best. Apple’s implementation has mostly dealt with these issues, and implemented OLED as a retina display, and the result is spectacular.

Androidians will tell you the Samsung Galaxy S9 has a higher resolution display (570 ppi versus 458 ppi on iPhone X), but the human eye can’t see past 300 ppi, so I’m not sure of the point.

iPhone Notch

Out, damn notch! (Photo by Qi Heng/VCG via Getty Images)

Finally, there’s the elephant in the room – The Notch. To get iPhone X as small as possible Apple made the, um, bold design decision to take a notch out of the top of the display, where the front-facing camera, earpiece, FaceID, and various other sensors live. Personally, it bugs me. I don’t notice it like I did a week ago, but I would have preferred 5mm more height and no notch.

Having said that, the notch doesn’t interfere when it really counts; viewing wide-screen videos, taking a screenshot, taking a photo, or scrolling through your photos. Apple has told developers to embrace the notch. Some are avoiding it, but mostly you just don’t notice it, like watching a play when someone with a bouffant is sitting in front of you and off to the side a bit – it’s a tiny distraction in your peripheral vision that you eventually get past.

On the plus side, having the notch does make iPhone X smaller overall, and this is a good thing. While I love the larger displays of the iPhone Plus line and other “phablets”, my 6 Plus was always too big for my hands. It was OK in my pocket, but making calls was like holding a frying pan to my cheek!

iPhone X has a big, beautiful, bright, poppy screen in a compact form factor – imagine Cinerama, in a phone booth. It’s only slightly bigger than the iPhone 8, but its screen is roughly the same size as the iPhone 8 Plus. Finally, I can watch Star Trek Discovery on Netflix, in the dead of night, on a gorgeous, personal display.

What a display!


No Home Button

With FaceID replacing TouchID, we say goodbye to the home button, an integral part of iPhone since day one. Its sudden removal is one of those jarring deletions that Apple is famous for, and I didn’t know how I would deal with this, but relearning takes very little getting used to. The home button single-press functionality has been replaced with a swipe up from the bottom of the display, and double-press has been replaced with swipe-and-pause. These changes take a short minute to learn, and you quickly realise Apple had prepared us for these gestures when it released iOS 11. It’s not a terribly dramatic change.

I knew I’d mastered the gestures when I found myself trying to use them on my iPad. Oops. My finger no longer drifts to the home button, but automatically swipes upwards, to no avail, alongside that awkward moment when I expect my iPad to unlock itself just by giving the camera my best Blue Steel.

The removal of the home button is philosophically in line with Apple’s loathing of buttons; I’m surprised that volume and power are even still buttons, and not little touch pads. No doubt they will disappear when a completely submersible iPhone is released in due course.


The Camera

iPhone has always been at or near the forefront of mobile camera photography, and – as the archetype of all smart phones – is indirectly responsible for the mass accessibility of consumer photography, and consequently, for trillions of pointless #beentheredonethat photos. We’re all guilty!

The iPhone X camera represents a major upgrade over iPhone 6 / 6 Plus. Since I’m not a photo buff, I’ll leave it to others to go into a detailed technical analysis, and just skip to what it means for your family photos and videos, and why they’ll look so much better.

Pixels pixels pixels. iPhone X’s camera sensor has more megapixels (12 versus 8), so photos have more detail and look sharper. Should you ever, you know, accidentally print your snaps, they’ll look great – even if blown up as posters. Want proof? Check out Apple’s Shot on iPhone campaign, littering billboards literally everywhere.

Low light? No problem! For those intimate family dinners, iPhone X takes better photos in low light, with less graininess. Take your happy snaps with natural lighting instead of filling with flash and avoid those awful night-time shadows.

Optical zoom. Like the iPhone 7 and 8 range, iPhone X has an optical zoom – not just a fake digital zoom. OK, it’s just 2x, and there are phones with 10x zooms, but they have heavy trade-offs; either the processor is slow, or the screen is small, or they can’t shoot 4K video, or they have low storage – you don’t get something for nothing!

The best portraits, Jerry. The best! This feature is my favourite, as it’s so simple and creates such beautiful photos. Take a portrait of your best friend / girlfriend / cat / pot plant, and see the background fade into soft focus, and your eye drawn to the subject. Magic.

Then there’s 4K video. Newer TVs, TV shows, and movies are all in 4K, and iPhone X can shoot 4K at up to 60 fps (frames per second) – sharp and smooth, like Barry White. You could shoot a film with iPhone X, and then watch it on your 70-inch home TV. Don’t believe me? Fine… ask YouTube. This video compares iPhone X to a professional grade video camera.

If you’re serious about taking well-above-average photos and video, then I recommend investing in 3 more things: a lens kit (Moment, for wide, telephoto, fish-eye, and macro), a gimbal (for super-smooth motion), and time; to learn how to set up your shots and make photos and videos. Check out this video to learn how to shoot more cinematically.

Most importantly, I can report that I look both stunning and frightening in selfie portrait black-and-white with stage lighting!


Sheer Performance

Everything is punchier – everything reacts when you say go!

I can’t remember the number of times I’ve yelled at my iPhone 6 Plus with iOS 11 installed. “Go, you tendrille’d beast! Push forth thou sloth!” – or words to that effect.

Yes, iOS 11 is great. Yes, on a phone as old as the iPhone 6, it’s awful. Even after wiping my 6 Plus and not restoring from backup, it still sucked the life out of me, making me wait for everything. With the 6 Plus, I was actually scared to install apps. Was constantly closing them. Was always looking to reduce background tasks or minimise add-ons, and forever waiting. Waiting. Waiting…

iPhone X features more of everything that makes a computer go faster; faster processor, more processor cores, more memory, and faster graphics. The end result is that you’re never left waiting for iPhone X to do its thing. Its performance is smooth no matter what; and that’s all that really matters.


Augmented Reality

AR is the next big thing in mobile phones.

Do not be fooled into thinking it’s all Pokemon Go. Yes there are cute games, like The Machines, which transmogrifies your kitchen table into a superhero battleground, or classics like Halo, now available in AR form. There’s the general silliness of animojis, where your face is used to animate a cute emoji, or Snapchat’s weird take on that, by layering masks and floral haberdashery onto your animoji face.

But all this is the tip of the AR iceberg.

The tremendous performance, display, and multiple sensors in iPhone X make it a perfect AR tool. Like the humble mobile phones of the 1990’s, AR will unlock new opportunities, and likely impact 3 areas in addition to the obvious (games).

Tradies. Apps like Magicplan, which lets you create floor plans on the go with just your iPhone X, are great for real estate agents, architects, and others in the building and renovating industries. Alongside this are design apps like IKEA Place, which lets you place virtual furniture in your living room.

Retail. Bricks and mortar retail has been significantly eroded by online stores, but AR can enhance physical shops, making the experience distinct from, and superior to, online shopping. Nothing beats tactile interaction, and AR can significantly improve the physical shopping experience in ways online cannot ape.

Education. Insight Heart is an app which places a virtual human in your living room and then lets you extract and examine its huge, bloody, beating 3D heart, suspended like a fugitive from a horror movie! It’s surreal and educational! Rolls Royce has a Trent 1000 app; for those times you just have to know how this engine works. It’s easy to see how these AR apps will quickly become educational must-haves.

Like the first iPhone apps, the computer GUI, and the invention of the mouse, AR is disruptive because of what it will let people do, and that will be figured out in the coming tomorrows.


Audio

iPhone X leaps ahead of iPhone 6 and 6 Plus in the speaker category, with stereo speakers, and front facing audio. Plus, the earpiece acts as a speaker when you’re watching videos in landscape mode, so you can actually hear stereo.

Of course, you’d never seriously watch anything without your AirPods, but – in the event you’ve left them at home, the audio coming right from the phone is awesome, and loud enough to hear most anywhere.


Battery Life and Wireless Charging

Yes – iPhone X has a smaller battery than iPhone 6 Plus, but it uses that power better, mainly due to the OLED screen needing less power than an LCD screen. The end result is that I have around 35% power left after a full day’s work, whereas my iPhone 6 Plus would be at around 15% at the same time, and tanking.

This means that I can go out after work, take photos or videos, make calls, even tether, confident in the knowledge that I won’t need to recharge before I get home late into the night. This makes a much bigger impact on how you use the phone than you’d think – you no longer have to plan to charge your phone before you head out for a big night.

Unlike the case with photography, I am an avid fan of increased battery life and thus appreciate the iPhone X’s alleged two extra hours of power between charges (compared to an iPhone 7). I had no time to assess this scientifically, but can verify that my unit powered through the usual late-afternoon low-battery doldrums and still seemed to have some juice when it came time for nighttime charging. That charging occurred on a wireless pad—though, at this point, adding another gadget to the house just to free myself of plugging in a cable seems a dubious trade-off.

No matter how good the battery is (unless it’s a radioactive diamond battery), eventually your iPhone will need re-charging. Wireless charging is new for iPhone. Along with my Apple Watch and AirPods, I can now use a variety of charging pads which adhere to the Qi charging standard, to charge my gear just by putting them down on the pad.

No more looking for the cable – or worse – the right cable. Imagine a table top which charges your phone. The real beauty here is that you no longer have to think about these things – they just automagically happen.


Water Resistance

iPhone X is rated IP67, but what does that mean?

The first digit (6) refers to dust – so no dust should be able to get into my iPhone X. This is great for, um, gardening, going to the beach, visiting a dustbowl…

The second digit (7) refers to water – under lab conditions, iPhone X was submerged in water of depths of under 1m for 30 minutes, and didn’t sustain any permanent damage. In reality you can get the phone wet, and don’t need to panic in the rain or if a bottle of coke spills over it (aside from the sugar), and should even be OK if it takes a quick dip in the tub. But don’t go swimming with it. Having said all that, the touch screen doesn’t work if either it or your hands are wet.

It’s better than my old iPhone 6 Plus, but there’s a ways to go for true water proof-ness and usability.


So, Should You Upgrade?

With every single iteration of the iPhone, Apple has claimed that it’s the best one the company has ever made. But for this anniversary edition – coming at a time when critics are griping that the company had tumbled into an innovation trough – Apple’s genuinely pushed the iPhone to the next level.

Tim Cook calls the iPhone X “the future of the smartphone”, and I agree.

If you have an iPhone 6 or *gasp* older, just go out – today, right now – and upgrade to iPhone X.

You’ll thank me later.

* thank you, Douglas Adams

 


New Mandatory Data Breach Notification Laws

Catherine Higgins from Lawbase

New Mandatory Data Breach Notification laws came into effect during February. Catherine Higgins from Lawbase explains how these laws affect you, and what you need to do in the event of a breach.

Why are they needed?

Strong data management is integral to the operation of businesses and government agencies worldwide.  At the same time, data analysis has been widely recognised for its value as fuel for innovation.

This noted, one of the biggest risks organisations face with data management is a data breach.  A data breach involving personal information can put affected individuals at risk of serious harm and consequently damage an organisation’s reputation.

A change to the law

To support this protection, on 23 February 2018 and for the first time in Australia, those subject to the Privacy Act 1988 (Cth) (the Privacy Act) now have a mandatory obligation to promptly report eligible data breaches to both the Office of the Australian Information Commissioner (OAIC) and any individuals who may be potentially affected by the data breach.

Mandatory data breach notification is designed to protect the individuals affected by a data breach so that they may take the necessary steps and measures to protect themselves from any harm or damage.

We believe notifying affected individuals is simply good privacy practice as it gives each person the opportunity to take proactive steps to protect their personal information and also helps to protect an organisation’s reputation by displaying transparency and openness.

Examples of an eligible data breach could be:

  • There is unauthorised access or unauthorised disclosure of personal information
  • Personal information is lost in circumstances where unauthorised access or unauthorised disclosure of the information is likely to occur
  • A reasonable person would determine that the access or disclosure would be likely to result in serious harm to any of the individuals to whom the information relates.

Notification obligations

If you believe there is an eligible data breach, there is a requirement to provide notification as soon as practicable.

The notification obligation involves a two-step process.

  • The organisation must prepare a statement containing certain (prescribed) information about the data breach and provide it to the OAIC
  • The organisation must then notify the affected individuals.

The notification statement must set out:

  • The identity and contact details of the organisation
  • A description of the eligible data breach
  • The kind or kinds of information concerned
  • Recommendations about the steps the individuals should take in response to the eligible data breach.

Will the new laws affect me?

Organisations with a turnover of less than $3 million a year will fall outside the legislation.

Noting this, however, the Privacy Act does apply to some types of businesses with an annual turnover of less than $3 million so the new laws may still apply.  These businesses can include health service providers, gyms, child care centres, private schools, businesses that sell or purchase personal information and credit reporting bodies.

We recommend you confirm your status with OAIC.

How do I prepare if I’m impacted by these new laws?

First of all, don’t panic!  Experts are reporting that as many as 44 per cent of eligible Australian enterprises are not yet ready to comply with the new changes.  This said, you need to get your business up to compliance as soon as possible.

Taking reasonable steps to minimise risk

Eligible organisations should be proactive and take appropriate and reasonable steps to ensure the security of personal information.  It will, of course, depend on the circumstances and be determined by the following:

  • The nature of the entity holding the personal information
  • The amount and sensitivity of the personal information held
  • The possible adverse consequences for an individual
  • The information handling practices of the entity holding the information
  • The practicability of implementing the security measure, including the time and cost involved
  • Whether a security measure is itself privacy invasive.

Noting this, as guidance, the OAIC has advised that reasonable steps would include:

  • Performing or conducting Privacy Impact Assessments
  • Implementing Privacy by Design principles
  • Performing information security risk assessments
  • Creating and maintaining a Privacy Policy
  • Having a comprehensive and up to date set of information security policies
  • Restricting physical and logical access to personal information on a "need-to-know" basis
  • Keeping your software up to date and current
  • Employing multi factor authentication
  • Configuring your systems for security
  • Employing end point security software
  • Security monitoring tools to detect breaches
  • Using network security tools
  • Penetration testing exercises
  • Vulnerability assessments
  • Having a data breach response process

The Guide

For those that have begun the above process or those that need to act quickly to become compliant, we strongly recommend you review the OAIC Guide.  It has been prepared to assist Australian Government agencies and private sector organisations prepare for and respond to data breaches in line with their obligations under the Privacy Act.

As an overview, it is broken into five key parts.

Part 1: Data breaches and the Australian Privacy Act

This section outlines the requirements of the Privacy Act that relate to personal information security and data breach response strategy.  The principles contained within the Privacy Act for the handling of personal information may be adopted by any entity to lower the risk of a data breach occurring and to effectively reduce the impact of a data breach.

Part 2: Preparing a data breach response plan

The faster you respond to a data breach, the more likely it is to limit any negative consequences.  A data breach response plan is essential to enable a swift response and ensure that any legal obligations are met following a data breach.

Part 3: Responding to data breaches — Four key steps

An effective data breach response generally follows a four-step process — contain, assess, notify, and review.  This part of the guide outlines key considerations for each of these steps to assist entities in preparing an effective data breach response.

Part 4: Notifiable Data Breaches (NDB)

This section outlines the requirements of the NDB scheme under the Privacy Act.  The NDB scheme contains mandatory data breach reporting obligations in relation to certain data breaches, and requirements to assess suspected data breaches.

Part 5: Other sources of information

The obligations of the Privacy Act in relation to data breaches co-exist with other reporting obligations.  This section assists entities in identifying where they can find information about other data breach reporting requirements.

Are there any penalties if I don’t meet my requirements?

Yes.  If you don’t comply with the notification obligation, you may be subject to anything from investigations to, in the case of serious and repeated non-compliance, substantial civil penalties.

In saying this, we believe not acting to protect the information of someone in your ‘care’ is simply bad practice and penalties should apply.

If you have any questions on the new laws or would like to discuss any elements surrounding them, please contact the author, Catherine Higgins, at Lawbase (lawbase.com.au).

 


Password Security

Perfect password security

Your passwords are a tremendous security measure, but sometimes they seem to be no more than an inconvenience, designed to stop or slow you from accessing a computer or web site.

For decades (literally since the 60s) passwords have been the first line of defence to secure access to computer systems, and are increasingly important against a growing cyber threat; from the password you type to log in to your Mac, to the PIN you enter on your iPhone.

Even apparently fancier technologies like Apple's TouchID and FaceID have only one job; ensure access to the existing PIN on your iPhone. It's the PIN (or more complex password) which in turn actually unlocks the phone.

So passwords aren't going anywhere, and consequently it’s always a perfect time to review your approach to passwords, and find out how a few simple changes can give you an immediate security boost.

But, in this digital world, passwords are everywhere. You need one each time you log in to your computer, iTunes, Facebook, Google Drive, iCloud, work-based systems, Dropbox, Zomato, Seek, Uber, Tinder, and (of course) the numerous financial systems which we take for granted these days. The list is almost endless.

So how do you effectively protect yourself?

Do you go the simplistic route, and pick one really good password and use it everywhere? No. Absolutely not. If someone gets that password then you're compromised everywhere.

But having secure, unique passwords to everything is unusually complex, and entirely impractical. So now what?

Fortunately, technology (the cause of the problem) also has a number of solutions. Below are 6 ways in which you can get the best of both worlds; security and simplicity.

This article should be viewed as essential reading, not just as a set of recommendations.


Go Long

Despite what all those prompts for unique characters and uppercase letters might have you believe, length matters more than complexity, as is elegantly displayed in one of our favourite geek comics, XKCD. The more characters, the more mathematically complex it becomes to guess a password, and the longer an attack would take.

Stringing together a sentence, and mixing in some symbols, numbers, and upper-case (think &, 4, U) makes a password much, much harder to assail.

“inever4getaface!” is a great, easy to remember but complex to guess password.
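The length-versus-complexity argument can be put into numbers. The sketch below is an added example, not part of the original article: it models blind brute force only (it does not model dictionary or phrase attacks), and the short password and the guess rate of 10 billion per second are assumptions chosen for illustration.

```python
import math
import string

# Character classes a brute-force attacker has to cover.
CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation)
SECONDS_PER_YEAR = 365.25 * 24 * 3600


def pool_size(password):
    """Size of the alphabet implied by the character classes in use."""
    size = sum(len(cls) for cls in CLASSES
               if any(ch in cls for ch in password))
    # Anything outside printable ASCII is counted once per distinct character.
    others = {ch for ch in password
              if not any(ch in cls for cls in CLASSES)}
    return size + len(others)


def search_space_bits(password):
    """log2 of the number of candidates: length * log2(pool size)."""
    if not password:
        return 0.0
    return len(password) * math.log2(pool_size(password))


def years_to_exhaust(password, guesses_per_second=1e10):
    """Average time to hit the password, i.e. after half the search space.

    guesses_per_second is an assumed attacker speed, not a measured one.
    """
    candidates = 2 ** (search_space_bits(password) - 1)
    return candidates / guesses_per_second / SECONDS_PER_YEAR


def compare(passwords, guesses_per_second=1e10):
    """Return (password, length, pool, bits, years) rows for a side-by-side view."""
    return [(pw, len(pw), pool_size(pw),
             round(search_space_bits(pw), 1),
             years_to_exhaust(pw, guesses_per_second))
            for pw in passwords]


if __name__ == "__main__":
    # "P@ssw0r9" is a constructed short-but-complex sample;
    # "inever4getaface!" is the article's own example.
    for pw, length, pool, bits, years in compare(["P@ssw0r9", "inever4getaface!"]):
        print(f"{pw!r:20} len={length:2} pool={pool:2} bits={bits:5} "
              f"avg years={years:.3g}")
```

The eight-character sample draws on all 94 printable symbols yet falls in days at the assumed rate, while the sixteen-character phrase uses a smaller alphabet and still sits far beyond reach of the same attacker.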

Let your Mac do the heavy lifting

Don’t trust foreign browsers. A convenient shortcut to remembering all those passwords, or getting a paid password manager account, is letting your browser remember them for you. You’ve seen the option yourself. You probably even use it on at least one site. Don’t! The option is convenient, but the underpinning security is often undocumented, and it doesn’t require that your password actually be, you know, good. If you need a free and easy option, go with a password manager like Dashlane instead of trusting everything to Chrome.

The only problem is that apps like Google's Chrome don't take advantage of the keychain, so you'll need to manually enter passwords from the keychain to Chrome, and Chrome can save the password in its own database.

Use a password manager

Password managers like 1Password or LastPass create strong, unique passwords for all of your online accounts, and then store them for you to access across all your devices. So you have strong, unique passwords, and if one of your passwords does get caught up in a data breach, criminals won’t have the keys to the rest of your online services.

Now all you need to do is remember one master key.

The limitation with these applications is that, like all 3rd party software, you'll need to download a separate app, and then you'll need to install the appropriate browser plugin for them to work.

Use keyboard patterns

A much less often used password mechanism is using a keyboard pattern.

Instead of making up a sentence or using substitutions, you pick a pattern on your keyboard as a password. This has the advantage of being extraordinarily easy to type in, but hard for others to hack.

Of course, there's an obvious downside; if typing in the password on a foreign or virtual keyboard, the layout may not be exactly the same as your normal keyboard. Also, keys like the numbers and symbols (the top row) may not even appear on a virtual keyboard - so you'll need to really remember this type of password.

An example... "cftyuijnbvc" makes no sense as a word, but you'll see how nifty it is when you type it out.

Single-serve passwords

What makes safety glass so safe? Simple... it's designed to stop little cracks becoming big ones, resulting in tiny, relatively innocuous pieces of glass rather than large, sharp, extremely dangerous shards of glass.

In the same way, using unique passwords means that if the password to one online service is discovered, your other online services are not compromised.

If you use a password manager then you’re already all over this. If not, then a midway solution would be to create 10 unique passwords, and evenly distribute their use, so that the exposure of any password is not entirely catastrophic. Don't believe that your passwords may have been compromised? See for yourself: The website Have I Been Pwned has nearly 5 billion compromised accounts on file - and yours may be one of them.

Use multi-factor authentication

Increasingly, online services are using multi-factor authentication.

Users can be authenticated more than one way, including:

  • Something you know - a password or PIN
  • Something you have - a smart card, a SecurID token, a YubiKey USB key, an app like Authy, or a code via SMS
  • Something you are - a biometric measure like a fingerprint, voice pattern, or retina scan

The third factor is usually only used for physical access to something; a building, a research facility, etc.

But two-factor authentication is increasingly used for online services, and codes via SMS are by far the most popular. If an online service offers two-factor authentication then you should use it. The only down side is that you may not be able to receive an SMS code if you're overseas and don't have roaming turned on.

Backup your iPhone and save a world of pain

A long time ago, in a galaxy far far away, I used to work for the Apple Store Sydney as a Genius (note the capital "G" denoting this is a title, not a claim!)

We saw many things at the Genius Bar, but the one thing which consistently amazed me was the number of times people didn't back up their devices, whether Mac or iPhone.

In fact, the only time someone cried (literally) at the Genius Bar was when the Mac owned by a young couple had a failed hard disk. The couple didn't have a backup, and consequently they lost every precious photo they'd taken of their baby's first year!

What do you do in such a situation? There was nothing we could do but hand over a box of tissues.

The Future

Fast forward to a day in the future when you too lose all the photos on a device. I'm not saying this scenario may happen, I'm saying that in all likelihood this scenario will happen.

Why?

There are a myriad reasons. Phones get stolen, are dropped in the ocean, are forgotten on a train in a foreign city. Your ex could make off with your iPhone. Your roommate could make off with your iPhone. Your ex and your roommate could make out and then make off with your iPhone! And then everything on that iPhone which wasn't backed up is gone. Forever.

Avoid Pain

Apple, as the inventor of the smartphone, has looked into its crystal ball to see this day, and has you covered. All you have to do is take advantage of what's available. So let's revisit how to back up your iPhone.

Firstly, some data doesn't need to be backed up separately. If you have your calendar, contacts, notes, reminders, and email in the cloud then your data is automatically synchronised, and in the event you need to replace your phone that information can be synchronised with your new phone in just a few minutes.

But what about everything else? Your game progress? Your Skype login? Your Facebook account? And, more important than all of those - your photos!

Most people know that backing up their iPhone to their Mac or PC can be done via iTunes, but this only happens when you're on the same wifi network, and when your computer is on and iTunes is running. In some cases this is further restricted to happen only when your iPhone is physically connected to your computer.

But when you're out and about - the times you're most likely to be taking family snaps - your computer is nowhere near you. If you're on holidays it could be weeks before you get back to your computer!

Solutions

Apple has a number of solutions to this, and they all assume you have an iCloud account.

  • A free iCloud account gives you 5 GB of storage
  • 50 GB of iCloud storage costs $1.49 / month
  • 200 GB of iCloud storage costs $4.49 / month
  • 2 TB (or 2000 GB) of iCloud storage costs $14.99 / month
  • These are Australian prices, and include GST
  • Prices may change, so click here for current information

If you have an Apple ID (for the iTunes or App Store) then use that to sign in to iCloud.

Once you've setup your iCloud account on your iPhone you're ready to use one of Apple's backup solutions.


iCloud Backup

  • What it is: A backup of everything on your iPhone to iCloud
  • Pros: Everything on your iPhone is backed up; a lost iPhone can be restored from the last backup
  • Cons: Backups can take up a lot of space, so you may need to pay for more iCloud storage
  • To activate:
    • Go to your iPhone Settings
    • Click on your name at the top
    • Click on iCloud
    • Scroll down to iCloud Backup and switch it on
  • Important: Backups only happen when your iPhone is plugged into power, locked, and connected to wifi; use a hotspot or your hotel wifi when on vacation.

iCloud Photo Library

  • What it is: A copy of your entire photo library on iCloud
  • Pros: Uses less storage than iCloud Backup, and photos can then be shared with Photos on your Mac, so all photos automagically appear on your iPhone and Mac
  • Cons: Only backs up your photos (you may need a paid iCloud subscription if you have many photos and videos)
  • To activate:
    • Go to your iPhone Settings
    • Click on your name at the top
    • Click on iCloud
    • Click on Photos
    • Switch on iCloud Photo Library
  • Important: Photos will upload via both wifi and cellular data, so be aware of any cellular data charges (especially when overseas). To enable or disable cellular data for Photos go to Settings > Mobile > Mobile Data on your iPhone.

Photo Streaming

  • What it is: A stream of the last 30 days of photos from your iPhone
  • Pros: Takes up the least storage on an iCloud account, so you may not need a paid iCloud subscription
  • Cons: Only the last 30 days of photos are stored in iCloud, so you'll need to download these to your Mac or PC or risk losing them; only works with wifi
  • To activate:
    • Go to your iPhone Settings
    • Click on your name at the top
    • Click on iCloud
    • Click on Photos
    • Switch on Upload to My Photo Stream
  • Important: Uploads only happen when your iPhone is connected to wifi; use a hotspot or your hotel wifi when on vacation.

Follow this guide and you should never need a box of tissues because you've lost your photos.

For the full Apple support document on backing up, go here or contact iHelp IT.

Spot phishing attacks like a pro

Is it the sense of familiarity, the intriguing subject line or just being in auto-pilot that compels you to click?

Phishing is a method often used by hackers and cyber attackers to steal your credentials and sensitive personal information, or to infect your system with undetectable malicious software. A phishing email claims to be from a reputable source – however it's designed, its job is to convince you to click on a link within the email, or to open an included attachment.  Often the email will use emotions – such as urgency, a deadline, curiosity, fear, or greed – to convince you to open the malicious attachment or click on the link.

Examples of these include scenarios where the email claims you’ve got a speeding ticket, an ATO taxation fine or refund, that you've received an unexpected invoice or resume, or have missed a parcel delivery. Curious? That’s exactly the emotional trigger they try to use to make you click on the link or open the attachment!

If you do fall for it, you may end up with malicious software installed on your device (including your Mac). This is very bad news, as the malicious software lurks in the background doing something evil. It could be software that enables the attackers to covertly connect directly to your system, to encrypt all of your files and hold them to ransom, or steal your credentials which they then use as part of a bigger scam or attack.

The fake messages with the call-to-action that lure you use clever psychological tricks.

That’s what makes it so difficult to protect yourself against phishing. You know not to click links in shady emails. You know to think twice before clicking any link in any email. (Right?)

The same goes for downloading attachments and putting your personal information or login credentials into any form that you have any reason not to trust. And yet, phishers can just needle you forever, waiting for that one moment when you finally slip up. If you do, you instantly subject yourself to any number of unfortunate consequences, whether it’s identity theft, fraud, or malware that runs rampant on your device.


Three rules


Follow these three rules to keep from getting hooked.


Spot the Obvious

There are some obvious signs that an email might be a phishing attack:

  • Does the email use emotions to convince you to click on a link or open an attachment?
  • Are there some spelling mistakes or grammatical errors?
  • Is the text in the email not addressed directly to you, or does it use impersonal text such as “FirstName”?
  • Does the email have a strange “From:” address or a “Reply to:” address that is different to the “From:” address?
  • Does the mail have attachments or a link you didn’t ask for, or weren’t expecting?
  • Does the link look strange? Hover your cursor over the link without clicking –  does the address look unusual?
  • Is there an urgent call to action or deadline given?

Remember the basics

There’s a big difference between unwanted marketing & advertising emails (Spam) and phishing emails. If you suspect an email to be a possible phishing attempt you should contact iHelp IT immediately. We can quickly identify an email as phishing, and protect you and your employees from the same attack.

Following standard digital defense advice will help with phishing as well:

  • Keep an up-to-date backup of your data
  • Enable multifactor authentication to services if available
  • Close accounts you no longer use
  • Use unique, robust passwords for each online service
  • Use a password manager to keep track of these passwords

These steps make you a tougher target, but more importantly, they’ll help contain damage if you ever do get phished.

Listen to your gut

Your gut has a great sense for phishing scams, and you should look out for:

  • Unexpected emails (even from friends)
  • Emails with a link to click on
  • Emails asking you to check or update information
  • Emails which seem rushed or have a strange tone
  • A Facebook message when you'd expect a text message

If anything seems a little off, check with the sender on another platform to confirm the request. Also, consider why you might be receiving a message and whether it makes sense.

  • Most online services won’t ask you to make changes via email
  • Always log into sites via your browser, not an email link
  • Treat unexpected attachments with high suspicion and avoid opening them

Easily exposed


Look at the apparently authentic email below, and see how easy it is to tell that it’s a simple phishing attack, designed to get you to click on a nefarious link.

An apparently legitimate email, from ASIC.

Hover over the link to see the link doesn’t point to ASIC.
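The checks listed under "Spot the Obvious" and the hover test described here can be automated for a mail gateway or a reporting mailbox. The following is an added example, not part of the original article; the sample message, its domains and the keyword lists are constructed for illustration.

```python
import re
from email import message_from_string, policy
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

URGENCY = re.compile(r"\b(urgent|immediately|overdue|final notice|deadline)\b", re.I)
IMPERSONAL = re.compile(r"\bdear\s+(firstname|customer|user)\b", re.I)
LOOKS_LIKE_URL = re.compile(r"^(https?://)?[\w-]+(\.[\w-]+)+(/\S*)?$", re.I)

# Constructed sample message; every name and domain is made up.
SAMPLE = """\
From: "Registry Notices" <notices@registry.example>
Reply-To: <renewals@registry-support.example>
To: user@company.example
Subject: Final notice: renewal overdue
MIME-Version: 1.0
Content-Type: text/html; charset="utf-8"

<html><body>
<p>Dear FirstName,</p>
<p>Your business name renewal is overdue. Act immediately to avoid cancellation.</p>
<p><a href="http://registry.example.login-update.example/renew">https://www.registry.example/renew</a></p>
</body></html>
"""


class LinkCollector(HTMLParser):
    """Collects (href, visible text) for every <a> element."""

    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def host_of(url):
    """Lower-cased host name without a leading 'www.'."""
    host = (urlparse(url if "://" in url else "//" + url).hostname or "").lower()
    return host[4:] if host.startswith("www.") else host


def addr_domain(header):
    return parseaddr(str(header or ""))[1].rpartition("@")[2].lower()


def analyse(raw):
    """Return a list of (code, detail) findings for one raw message."""
    msg = message_from_string(raw, policy=policy.default)
    findings, body = [], ""
    if msg["Reply-To"] and addr_domain(msg["Reply-To"]) != addr_domain(msg["From"]):
        findings.append(("reply-to-mismatch",
                         f"{addr_domain(msg['From'])} vs {addr_domain(msg['Reply-To'])}"))
    for part in msg.walk():
        if part.is_multipart():
            continue
        if part.is_attachment():
            findings.append(("attachment", part.get_filename() or "unnamed"))
        elif part.get_content_maintype() == "text":
            body += part.get_content()
    collector = LinkCollector()
    collector.feed(body)
    for href, text in collector.links:
        if LOOKS_LIKE_URL.match(text):  # the link text itself claims a destination
            shown, real = host_of(text), host_of(href)
            if real != shown and not real.endswith("." + shown):
                findings.append(("link-mismatch", f"shows {shown}, goes to {real}"))
    words = sorted({w.lower() for w in URGENCY.findall(f"{msg['Subject'] or ''} {body}")})
    if words:
        findings.append(("urgency", ", ".join(words)))
    if IMPERSONAL.search(body):
        findings.append(("impersonal-greeting", "placeholder or generic salutation"))
    return findings


if __name__ == "__main__":
    for code, detail in analyse(SAMPLE):
        print(f"{code}: {detail}")
```

None of these findings proves phishing on its own; they are the same prompts for a second look that the checklist gives a human reader.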

Real-life examples


Below are some real-life examples of phishing scams.

The SMS

A man received an SMS from his wife, claiming she'd forgotten her PIN, and asking him to send it to her.

The man promptly did, and shortly thereafter received a call from another number. It was his wife. She told him that her handbag, with her wallet and mobile phone, had been stolen.

After successfully obtaining the wife's PIN via SMS, thieves helped themselves to over $2,000 in withdrawals from ATMs, before dumping the handbag and all contents.

  • Don't immediately reply to odd requests for information
  • Always confirm the request is real

The urgent transfer request

The head of accounts for a large organisation was at an airport lounge ready to fly overseas on vacation, when she received an email request from her boss, asking her to urgently transfer $7,000 to a bank account.

Without considering if the email was legitimate, she transferred the money immediately, as requested.

It was only at the end of her 8-hour flight that her thoughts turned to how odd the request was, and a call to her boss confirmed she had been duped.

  • Emails can be faked
  • Consider if the request is typical of the sender

Identity theft

Unlocked mailboxes are a great source of information for phishing. In this case all it took was a stolen mobile phone bill, which gave thieves the account holder's name, address, and account numbers, and Facebook revealed the account holder's date-of-birth.

Armed with this information, the thieves managed to obtain a new SIM card, and somehow (we won't tell you exactly how) used this to transfer funds via phone banking.

Thieves got away with $13,000 before the bank's security systems stepped in and stopped further transfers.

  • Be aware of how you may be giving critical information away

A thousand uses for your old iPod

If you’re like almost everyone in the world, at some point you had an iPod.

Which, at some later point, you replaced with a bigger and better iPod.

And both of them now lie idle, tucked away in a drawer somewhere… So, the clever folks at Business Insider have released a video with 5 uses for an old iPod.

And that’s nice… But I think we can do much better!

In addition to the 5 Business Insider uses, here are some that we thought of (maybe not 1000, but quite a few):

  • keep the kids entertained with games while at grandma’s
  • keep the kids entertained with movies on a long drive
  • take it out fishing; better to lose an old iPod at sea than your iPhone
  • attach it to portable speakers and play christmas carols under your christmas tree
  • donate it to a refugee, with english lessons, to give them a kickstart in Australia
  • attach it to micro speakers for some soothing, smooth background office music
  • keep thieves at bay by replaying a recording of an earlier party, while you’re away on holidays (think Home Alone)
  • regift it to grandma with her favourite old-time music; Christmas, sorted
  • watch Snakes on a Plane, and 6 other movies, on a plane, with no battery drain on your iPhone
  • use it for that little bit of extra storage for your 64 GB MacBook Air
  • empty out its innards and create a cool-looking cigarette box
  • bring it poolside for summer tunes with outdoor speakers, avoid possible water damage on your iPhone
  • dragged to a boring Opera House concert? bring your iPod and listen to what you want to hear instead
  • use it as prop for a video or play set way back in 2001
  • take it apart and learn a bit about electronics
  • install, boot, and run Mac OS X on your iPod classic… because, why not?
  • as a stocking stuffer for naughty kids (coal is so yesterday)
  • scrape out the insides and use it as a wallet when travelling; nobody steals old iPods!
  • make a hilarious “kids react…” video – it’s not a touch screen!!!
  • don’t unwrap it! instead hold onto it and sell it still in the box on eBay for $20,000!
  • grab a second iPod and turn them into a pair of speakers!
  • play really (really really) bad games

Seriously, the list goes on and on… So enjoy the Business Insider 5, and then think of your own creative iPod re-uses.


Untangling domain names

A Tangled Mess

Most businesses start with one domain name. You’ve got one idea, you’ve found a .com.au domain name, you buy it, and you’re on your way with a web site.

Soon, though, you find the .com version is available, and decide to buy that one too. Then the .net version – just in case. You don’t want any cyber-squatting!

After a while you may branch out, starting an offshoot business, and an associated domain name with that. Then, you want to have a presence in another country so suddenly you have a .uk and a .nz version to add to your intellectual property toolkit.

Then one day you realise there’s an even better domain name for your business which you just have to have!

So one more.

Shortly after that you find out some of your clients can never spell your domain name, and often type something else, so you decide to buy the .com, .com.au, .net, .uk and .nz versions of the misspellings.

Before you know it you’ve got 32 domain names racked up, which have been purchased from different registrars, using different credentials, are managed by different IT people, with domain name service, web, and email hosting ALL OVER THE PLACE!

And most of them aren’t even used any more!

A True Story

This recently happened to a client of ours, with over 30 domains in different countries, for different products and businesses, and with misspelled domains to cover all bases.

The problem was, when it came to changing hosting for some of the domains it was a nightmare to untangle this mess. There were primary registrars, their resellers, registrars which had been sold to other companies, and limited client knowledge as to login names and passwords.

In one case a registrar had two different sides to their business – one for the .au domains and one for the .com domains.

All up it’s taken about a day – on the phone to the client and suppliers, sending emails to registrars, on chat lines, lodging tickets for support, tracking down previous IT providers and previous hosting companies – to tame this awful mess.

The Lesson

This shouldn’t take so long, and is a doddle if you follow the 1-1-1 rule for domain names:

All domains should be managed by one IT provider, with one registrar, via one login.

It’s that simple.

Call Us

If you have a tangled domain nightmare call iHelp IT on 1300 469 622, and we can untangle it for you!

We will migrate all the domain names and domain name hosting to one account, with one login, so it’s easy to manage your intellectual property assets in the future.

All you have to do is reach out one time 🙂
