Yellow Slice is a UI/UX design company in Mumbai. We are a leading UI/UX design agency in India offering services like UI (User Interface), UX (User Experience) Audit, UX Research, UX Motion & Usability Testing.
2. Cybersecurity
● Our world today is ruled by technology and we can't do without it at all, from
booking our flight tickets to catching up with an old friend.
● Cyber security, alongside physical commercial security, has slowly become one of
the most important topics in the business industry to be talked about.
● With an increasing number of people getting connected to the Internet, the security
threats that cause massive harm are increasing too.
3. What are the most common security mistakes?
● Poor password management
● Not locking the computer while unattended
● Opening email attachments from unknown addresses
● Not running anti-virus programs
● Sharing information (and machines)
● Not reporting security violations
● Unattended paper documents
● Unprotected electronic data (while at rest and in
motion), e.g. emails, USBs, CDs, etc.
● Improper information handling
● Passing of information over the phone
5. How to Keep Instagram Safe and Secure?
● Enable two-factor authentication
● Update your phone number and email
● Report content and accounts you find questionable
● Report on this website https://cybercrime.gov.in/
● Keep your Account PRIVATE
6. Safeguarding your Digital Identity
In this digital age, social media has become an integral part of our lives, connecting us with friends, family,
and the world at large.
However, with this connectivity comes the need for heightened cybersecurity awareness to protect our
personal information and maintain a safe online presence.
Cybersecurity is the responsibility of the platforms we use, us as designers as well as us as individual users.
Cyber attacks could be platform-related breaches or hacker attacks. Let’s look at the various types of
attacks.
7. Account Takeover
Attackers gain unauthorized access to a user's social media account.
Phishing
This is a type of attack in which the attacker sends a fake email or text message to the victim, claiming to be from a legitimate company or service.
The message typically contains a link that, when clicked, takes the victim to a fake login page that is designed to look like the real login page for
the company or service. When the victim enters their login credentials on this page, the attacker captures them and can use them to take over
the account.
Brute Force Attacks
In this type of attack, the attacker uses a computer program to guess the victim’s login credentials by trying every possible combination of
characters. This can be done quickly, and if the victim’s password is weak, it may be possible for the attacker to guess it successfully.
Stolen Login Credentials
If the attacker has obtained a list of login credentials that were previously stolen in a data breach, they can use these credentials to try to take over
accounts on different websites and services. This can be done by simply trying the stolen login credentials on various sites until they find one
where they work.
Man In the Middle Attack
Internet traffic goes through various server routes before reaching a website. If, during that process, a cybercriminal were to intercept the traffic
while en route, and if it isn’t encrypted, they can view and track all the movement on the internet, including the victim’s username and password.
Here, features like end-to-end encryption can provide safety to the platform users.
8. Privacy Breaches
● Unauthorized access or exposure of personal
information.
● Example: The 2018 Facebook-Cambridge
Analytica scandal resulted in the harvesting of
personal data from millions of users by a
third-party app developer.
● Safeguarding: Review and adjust privacy
settings, limit sharing of personal information,
and carefully consider permissions granted to
third-party apps.
9. Camfecting: Unauthorized access to a laptop or mobile camera
1. Malware Installation: The hacker may trick the target into unknowingly installing malware on their device. This can be
done by getting the target to click a malicious link, download a compromised file, or open an infected email attachment.
2. Exploiting Vulnerabilities: Hackers often search for vulnerabilities that allow them to gain remote access to the
camera without the user's knowledge or consent.
3. Remote Control: They may use specific commands or tools to access the webcam, initiate recording, and potentially
transmit the video feed back to their own system.
10. Are Facebook and Instagram listening to your conversations?
● No. But Instagram and Facebook both use extensive data mining algorithms to generate an incredibly
detailed and accurate understanding of you as a person.
● These services know where you live, how much you earn, your political and sexual preferences, who your
friends are and your likes and dislikes for instance. All of these details are collected based on what you share
online and the type of content you interact with – including on other websites.
● These algorithms then try to display adverts that are most relevant to you at a specific moment in time. It is
very likely that your conversations relate to content you have seen online, and because Instagram knows
what you have read/watched recently, it displays an advert related to that subject.
How to protect yourself
● The only definite way to protect yourself against spooky, invasive ads is to avoid social media altogether –
but for most of us that’s not an option.
● So even if Instagram isn’t listening to your conversations, their ad targeting mechanism is probably a lot
more creepy than you realise.
12. Crypto & NFT (Non Fungible Token)
Blockchain technology is slowly and steadily evolving in
different fields of life. More and more people are interested
in investing in crypto-assets, and many companies are
embracing the possibility of accepting payments via
cryptocurrency.
The crypto and NFT worlds are extremely dynamic and
opportunity-rich. They’re an attractive space for investors,
gamers, developers, and people enthusiastic about the
decentralization of the digital world in Web3.
However, the blockchain environment, NFTs, and
cryptocurrencies, in particular, are extremely attractive to
hackers.
13. Risks
● Ransomware Attacks
A form of malware that typically infiltrates a system by using
a malicious attachment or embedded link.
● Scams
Investment schemes, phishing attacks and rug pull scams.
● Darknet Market & Illicit Trade
These are websites hosted on the dark web, also known
as onion services.
● Crypto Theft
Cryptojacking is a form of cybercrime specific to
cryptocurrencies that has been used on websites to hijack
victims' resources.
15. Blockchain bridges as a cybersecurity threat
One of blockchain’s biggest problems is interoperability.
Although successful on their own, separate networks don’t
have the ability to communicate with other blockchain
networks in the ecosystem. Blockchain bridges were created
as an interoperability solution, permitting transactions and
exchanges from one blockchain to another. For example, a
blockchain bridge could enable someone who owns Bitcoin
to spend Ethereum.
16. How to protect yourself against cybersecurity threats in cryptos
and NFTs?
● Research before Investing
● Recognising Malicious Behavior
● Use of hardware or air-gapped wallets
● Not replying to unknown personnel
● Refusing to share private keys & Passwords
● Beware of spammy airdrops
Last but not least, if it sounds too good to be true, it probably is a scam.
17. Finance? Cyber Security?
● Finance and Cybersecurity are two crucial domains
that intersect in the modern digital landscape.
● Finance refers to the management of money,
assets, and investments, while cybersecurity
pertains to the protection of computer systems,
networks, and data from unauthorized access,
damage, or theft.
● The integration of technology in financial processes
has revolutionized the industry, making it more
efficient and accessible.
18. Finance + Technology
● In the realm of finance, technology has enabled the development of online banking, mobile
payment systems, and digital currencies, among other innovations.
● These advancements have made financial services more convenient and inclusive, allowing users to
conduct transactions and manage their finances from anywhere at any time.
● However, this reliance on technology has also exposed financial institutions, businesses, and individuals
to cyber threats.
“Cybersecurity is instrumental in maintaining the stability, trust, and integrity of the finance sector. By
implementing robust cybersecurity practices, financial institutions can mitigate risks, protect valuable
assets and data, comply with regulatory requirements, and ensure the ongoing delivery of secure
financial services.”
19. Finance - Cyber Security = Problems
● Financial online fraud refers to
fraudulent activities conducted through
digital channels with the intent to
deceive and unlawfully obtain financial
assets or sensitive information.
● These frauds exploit vulnerabilities in
online platforms, payment systems, and
digital communications to carry out
illegal activities.
● Here are some common types of
financial online fraud:
20. Phishing
● Phishing involves the use of deceptive emails,
messages, or websites that appear legitimate to
trick individuals into divulging sensitive
information such as login credentials, credit
card numbers, or social security numbers.
● Phishing attacks often mimic trusted
organizations or financial institutions, aiming to
steal personal or financial data.
22. Ransomware
● Ransomware is a type of malware that encrypts
files on a victim's computer or network,
rendering them inaccessible until a ransom is
paid.
● In the context of financial fraud, ransomware
attacks may target financial institutions, holding
critical data or systems hostage until a ransom is
paid, disrupting operations and potentially
compromising sensitive customer information.
https://www.cpomagazine.com/cyber-security/ransomware-attack-hits-fintech-company-finastra/
23. Investment Scams
● Investment scams are fraudulent schemes that
lure individuals into making investments in
fictitious or non-existent opportunities.
● These scams can be conducted through online
platforms, social media, or unsolicited
communications, promising high returns and
using deceptive tactics to defraud victims of
their money.
24. Card Skimming
● Card skimming involves the installation of
devices on ATMs, payment terminals, or gas
pumps to capture credit or debit card
information.
● Skimmers can be physical devices placed over
card slots or malicious software installed on
compromised machines.
● The stolen card data is then used to create
counterfeit cards or conduct unauthorized
transactions.
https://www.investopedia.com/articles/pf/08/avoid-atm-scams-atm-fraud.asp#:~:text=ATM%20scams%20can%20involve%20stealing,the%20front%20of%20the%20machine.
25. Cash on Delivery
● Fraudsters and scammers tend to keep track of
customers who receive delivery packages very
often and disguise themselves as delivery agents
at the customers' doorsteps to ask for the
OTP.
● Furthermore, they ask for the order amount
stating that it is a cash on delivery. In case the
customers refuse to receive the delivery package,
they pretend as if they are cancelling the delivery.
● To finalise the cancellation of the order, scammers
trick the customers and ask for OTP.
26. Tackling Scams
● Education and Awareness: Educating individuals and employees about different
types of online fraud, common red flags, and best practices for secure online behavior
is crucial. Training programs and awareness campaigns can help individuals recognize
and avoid fraudulent schemes, phishing attempts, and suspicious activities.
● Strong Authentication: Implementing strong authentication methods adds an extra
layer of security. Two-factor authentication (2FA) or multi-factor authentication (MFA)
should be used whenever possible, requiring users to provide additional verification
beyond passwords, such as a unique code sent to their mobile devices.
● Regular Software Updates: Keep all software, including operating systems, web
browsers, and security software, up to date with the latest patches and updates.
Software updates often include security enhancements and bug fixes that protect
against known vulnerabilities.
● Anti-Malware and Firewalls: Install reputable anti-malware software and firewalls on
devices to detect and prevent malicious software from compromising systems.
Regularly scan devices for malware and ensure firewalls are properly configured to
block unauthorized access.
27. Tackling Scams
● Secure Website Connections: Verify that websites are secure before entering
sensitive information by looking for the padlock symbol and "https://" in the URL.
Avoid entering personal or financial details on unsecured websites or suspicious links
received via email or other channels.
● Fraud Monitoring and Detection: Financial institutions and businesses should
implement robust fraud monitoring systems to detect suspicious activities, such as
unusual account access, transaction patterns, or changes in customer behavior.
Automated systems can flag potentially fraudulent transactions for manual review.
● Collaboration and Information Sharing: Engage in collaborative efforts with industry
peers, law enforcement agencies, and cybersecurity organizations to share
information on emerging fraud trends, threat intelligence, and best practices. This
collective approach helps to identify and prevent fraudulent activities more effectively
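
A sketch of the automated flagging described under Fraud Monitoring and Detection, applied to the brute force and stolen login credential attacks from slide 7. This is an added example, not part of the original slides: the log format, thresholds and function name are assumptions, and the events are constructed sample data.

```python
from collections import defaultdict

# Constructed sample events: (minute, source_ip, username, success)
EVENTS = [
    (0, "198.51.100.7", "asha", False),
    (0, "198.51.100.7", "asha", False),
    (1, "198.51.100.7", "asha", False),
    (1, "198.51.100.7", "asha", False),
    (2, "198.51.100.7", "asha", False),
    (3, "203.0.113.9", "ravi", False),
    (3, "203.0.113.9", "meera", False),
    (3, "203.0.113.9", "john", True),
    (4, "203.0.113.9", "sara", False),
    (4, "203.0.113.9", "dev", False),
    (5, "192.0.2.44", "meera", False),  # ordinary typo followed by success
    (6, "192.0.2.44", "meera", True),
]

def flag_logins(events, window=10, max_fail_per_user=5, max_users_per_ip=4):
    """Return a set of (kind, subject) alerts for manual review.

    brute_force: many failures against ONE account inside the window.
    credential_stuffing: ONE source trying MANY distinct accounts, the
    pattern left by a breached credential list being replayed.
    possible_takeover: a login that succeeded from a flagged source.
    """
    alerts = set()
    fails_by_user = defaultdict(list)  # username -> minutes of recent failures
    users_by_ip = defaultdict(dict)    # ip -> {username: last minute seen}
    for minute, ip, user, ok in sorted(events):
        if not ok:
            recent = [m for m in fails_by_user[user] if minute - m < window]
            recent.append(minute)
            fails_by_user[user] = recent
            if len(recent) >= max_fail_per_user:
                alerts.add(("brute_force", user))
        users_by_ip[ip][user] = minute
        active = [u for u, m in users_by_ip[ip].items() if minute - m < window]
        if len(active) >= max_users_per_ip:
            alerts.add(("credential_stuffing", ip))
    bad_ips = {subject for kind, subject in alerts if kind == "credential_stuffing"}
    for _, ip, user, ok in events:
        if ok and ip in bad_ips:
            alerts.add(("possible_takeover", user))
    return alerts
```

The single failed attempt by "meera" from her own address stays below both thresholds, so an ordinary mistyped password is not flagged.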