Category Archives: Internet + Cybersecurity Articles + News!

Here is where you will find all our articles and news on the Internet and cybersecurity!

This includes our fact-checking of articles and social media posts on the Internet.

Be sure to keep updated on the latest on the Internet and cybersecurity by bookmarking this section!

How To Get Special Deals On Maxis Mobile + Broadband!

If you want the very best mobile + broadband deals from Maxis, there is only one way – you must first quit Maxis! Here is how it worked for me…

 

Don’t Bother Asking For Special Deals On Maxis Mobile / Broadband!

I have been a loyal Maxis customer for many years, and every time my contract comes up for renewal, I will ask for special deals to stay on. The most I will get is a free smartphone to renew my contract for another 2 years.

But finally, I had enough. I was stuck with 0-1 bar of mobile connectivity from March until September 2023, and Maxis wouldn’t even compensate me for the poor reception. So I gritted my teeth and waited out my contract.

Once my contract expired, I quickly decided that I would save over RM1,900 per year migrating to Digi. But out of (misplaced?) loyalty to Maxis, I called their customer care hotline, and even went to a Maxis Center to check if there are any deals for me to stay on.

As usual, Maxis had nothing to offer me as a loyal customer. But there was a surprise for me this year – I will not be receiving a free smartphone to continue my contract, unless I choose to upgrade to the new Maxis 5G plans… with an increase, of course!

So learn from my experience – don’t bother asking Maxis for any special deals to stay on as a loyal customer. To be fair, other telcos likely don’t offer deals to loyal customers to stay on as well. But I have only been a Maxis customer, and can only speak from my own experience.

Read more : Switching From Maxis To Digi Saves Me RM1.9K / Year!

 

How To Get Special Deals On Maxis Mobile + Broadband!

I discovered that the only way that Maxis will ever offer me any special deals to stay on, is if I actually quit their service. And even then, Maxis only did it at the very cusp of my migration process.

When Maxis was ready to hand over my five mobile numbers to Digi, a member of their retention department called me and offered these great deals to stay on.

Existing Maxis 4G Package : RM423 Per Month

First, I should point out that my existing Maxis package bundled a RM98 principal line with four supplementary lines, and 100 Mbps fibre broadband. By bundling with broadband, my principal line has unlimited data, albeit only on the 4G network. There is no 5G connectivity.

However, Maxis only allows a single Share 48 supplementary line with 30 GB of data for the RM98 principal line. So I have to pay a ridiculous RM38 for the remaining three supplementary lines, with just 1 GB of data.

The total pre-tax cost was RM399 per month, or RM4,788 per year.

Maxis 4G Plans 4G Data Cost
Postpaid 98 Unlimited RM 98
Postpaid Share 48 30 GB RM 48
Talk and Surf 1 1 GB RM 38
Talk and Surf 1 1 GB RM 38
Talk and Surf 1 1 GB RM 38
100 Mbps Fibre Unlimited RM 139
Total Before Tax RM 399

300 Mbps Broadband Offer : RM100 Per Month

First, Maxis agreed to match Digi’s offer of just RM100 per month for 300 Mbps. That’s RM39 (28%) cheaper than my current 100 Mbps plan, and RM49 (33%) off their current 300 Mbps plan.

Over two years, I will save RM1,176! But I was only getting this special offer because I was really quitting Maxis.

Bundled
Broadband
Maxis
Normal
Maxis
Special
Digi
100 Mbps RM 129 RM 90 RM 90
300 Mbps RM 149 RM 100 RM 100

Special Maxis 5G Offer #1 : RM245 Per Month

For the five mobile lines, Maxis offered me a RM245 plan, which would give every user 120 GB of 5G data per month.

There is a 2-year contract, but Maxis will throw in five free smartphones – a Vivo Y36 (8 GB + 256 GB) or equivalent per account.

Not only does that give all of us a heck of a lot of mobile data, and a new smartphone per person, it is also RM15 cheaper than my current package!

Maxis 5G Plans 5G Data Cost
Special Postpaid 49 120 GB RM 49
Special Postpaid 49 120 GB RM 49
Special Postpaid 49 120 GB RM 49
Special Postpaid 49 120 GB RM 49
Special Postpaid 49 120 GB RM 49
Total Before Tax RM 245

Special Maxis 5G Offer #2 : RM281 Per Month

Maxis also offered me a more expensive RM281 monthly plan, consisting of a principal line with 300 GB of data, and four supplementary lines with 50 GB of data.

It would come with a more expensive HONOR 90 smartphone with 12 GB RAM and 512 GB storage, with a 2-year contract.

I should point out that the supplementary lines are not only RM10 cheaper, they come with 50X more data, and 5G connectivity!!! Makes you want to tear your hair out, doesn’t it?

Maxis 5G Plans 5G Data Cost
Special Postpaid 169 300 GB RM 169
Special Postpaid 28 50 GB RM 28
Special Postpaid 28 50 GB RM 28
Special Postpaid 28 50 GB RM 28
Special Postpaid 28 50 GB RM 28
Total Before Tax RM 281

Special Maxis 4G Offer : Only RM200 Per Month!

If I prefer to stick with 4G connectivity only, Maxis offered me a 4G-only plan for just RM200 a month, without contract or free smartphone.

Basically, my supplementary lines would now get a ton of data, and I would save RM60 per month on my existing Maxis package!

Maxis 4G Plans 4G Data Cost
Special Postpaid 48 70 GB RM 48
Special Postpaid 48 70 GB RM 48
Special Postpaid 48 70 GB RM 48
Special Postpaid 28 50 GB RM 28
Special Postpaid 28 50 GB RM 28
Total Before Tax RM 200

 

Why I Declined The Special Deals On Maxis Mobile + Broadband!

While the special deals offered by the Maxis retention department were enticing – free phones! more data! more speed! – Digi still offered a substantially better deal.

My parents, for example, do not need 50 GB of data. They just needed something more reasonable than 1 GB, and I wanted to pay a more reasonable price for their lines.

On top of that, staying with Maxis would not solve my biggest problem – poor connectivity. I have been suffering from poor reception for six months (and counting), and sticking with Maxis for another 2 years was unthinkable.

Maxis may have once been known for having “better coverage” than other telcos. But if they cannot restore proper connectivity after 6 months (and counting), it’s time to move on. I also did not like the fact that they refused to compensate me for the poor connectivity all those months.

But this article is not about dissing Maxis. I wrote this article to share with you the best way to get such special deals from Maxis.

I called them, I even spent time at the Maxis Centre to talk to the staff. There was simply NO special deal or offer for an existing customer. You must literally quit Maxis – sign an agreement to port out to another telco, and be on the verge of switching, before Maxis will ever offer you these special deals.

Even if you want to stick with Maxis, you should still quit and port out to another telco at the end of your contract. This way, you will get access to these special deals. You will only lose out if you stay loyal.

As for me, I bid adieu to Maxis, and started my journey with Digi hours later. It was easy. You should give it a try!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Fact Check | MobileTech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Switching From Maxis To Digi Saves Me RM1.9K / Year!

I just saved over RM1,900 per year by simply switching from Maxis to Digi! Here is what happened!

 

Switching From Maxis To Digi Saved Me RM1.9K / Year!

My contract with Maxis just expired, and I decided to see if it was worth renewing with them, or switching to Digi. I had earlier asked my neighbours using Digi, and most of them seemed happy with their service.

So I compared the latest mobile and broadband packages from both Maxis and Digi, and I was shocked by how much cheaper Digi was, compared to Maxis. Take a look at what I found!

Existing Maxis 4G Package : RM423 Per Month

My existing Maxis package bundled a RM98 principal line with four supplementary lines, and 100 Mbps fibre broadband. By bundling with broadband, my principal line has unlimited data, albeit only on the 4G network. There is no 5G connectivity.

However, Maxis only allows a single Share 48 supplementary line with 30 GB of data for the RM98 principal line. So I have to pay a ridiculous RM38 for the remaining three supplementary lines, with just 1 GB of data.

The total cost was RM423 per month, or RM5,075.28 per year. Maxis offered to let me continue with this 4G-only package, but I would no longer get any free smartphone for a 2 year contract.

Maxis 4G Plans 4G Data Cost
Postpaid 98 Unlimited RM 98
Postpaid Share 48 30 GB RM 48
Talk and Surf 1 1 GB RM 38
Talk and Surf 1 1 GB RM 38
Talk and Surf 1 1 GB RM 38
4G Backup Unlimited RM 0
100 Mbps Fibre Unlimited RM 139
Total Before Tax RM 399
6% Service Tax RM 23.94
TOTAL PAYABLE RM 422.94

New Maxis 5G Package : RM445 Per Month

If I wanted a free smartphone with a 2 year contract, I would need to upgrade to the new Maxis 5G plans. The existing RM98 4G plan has been replaced by a new RM109 5G plan – a RM 11 per month premium for 5G connectivity.

From what I understand, tying it with Maxis fibre broadband would still get me unlimited mobile data, but only on 4G. The 5G data is limited to 150 GB, which is more than plenty especially since 5G connectivity is limited.

What I cannot understand is why Maxis continues to limit this RM109 principal line to just one RM48 Share line. If I want all four supplementary lines to have more than 1 GB of data, I would need to upgrade my principal line to their RM199 plan! Ridiculous!

The only good news is they dropped the price of their 100 Mbps broadband from RM139 to RM129. But it makes more sense to upgrade to 300 Mbps for just RM149 per month. Even so, the new Maxis package works out to an unpalatable RM572.40 per month, or RM6,868.80 per year!

Maxis 5G Plans 5G Data Cost
Postpaid 199 4G : Unlimited
5G : 300 GB
RM 199
Postpaid Share 48 30 GB RM 48
Postpaid Share 48 30 GB RM 48
Postpaid Share 48 30 GB RM 48
Postpaid Share 48 30 GB RM 48
4G Backup Unlimited RM 0
300 Mbps Fibre Unlimited RM 149
Total Before Tax RM 540
6% Service Tax RM 32.40
TOTAL PAYABLE RM 572.40

Sorry, mum and dad, you guys are just going to have to put up with just 1 GB of data if we stick with Maxis.

With their sacrifice, I can get by with just paying Maxis RM445.20 per month, or RM5,342.40 per year. That’s a small 5% increase of RM267.12 per year.

This new package would also get me one of these smartphones with a 24-month contract:

  • Samsung A14
  • vivo A78
  • HONOR 90 Lite
Maxis 5G Plans 5G Data Cost
Postpaid 109 4G : Unlimited
5G : 150 GB
RM 109
Postpaid Share 48 30 GB RM 48
Talk and Surf 1 1 GB RM 38
Talk and Surf 1 1 GB RM 38
Talk and Surf 1 1 GB RM 38
4G Backup Unlimited RM 0
300 Mbps Fibre Unlimited RM 149
Total Before Tax RM 420
6% Service Tax RM 25.20
TOTAL PAYABLE RM 445.20

Digi 5G + 4G Package : Only RM286 Per Month!

But when I checked out the Digi plans, they completely wipe out Maxis.

The Digi RM90 principal line offers free 5G connectivity, with 60 GB of data per month. Unlike Maxis, tying up with Digi Fibre Broadband does not give me unlimited mobile data, but that’s okay – 60 GB is plenty.

More importantly, Digi lets me add up to six supplementary family lines, and their cheapest RM20 family line comes with 10 GB of data per month! That goes up to 15 GB with a 1-year contract, and 25 GB with a 2-year contract!

On top of that – Digi offers 300 Mbps fibre broadband for only RM 100 per month! Granted – there is no 4G backup, but that’s RM49 cheaper than Maxis! Would you pay RM49 per month for “4G backup”? Heck, no!

The Digi package is a mix of 4G and 5G, but that’s okay, because my parents no longer have to worry about how much data they have left.

Digi Plans Data Cost
Postpaid 90 5G : 60 GB RM 90
Postpaid Family 20 4G : 25 GB RM 20
Postpaid Family 20 4G : 25 GB RM 20
Postpaid Family 20 4G : 25 GB RM 20
Postpaid Family 20 4G : 25 GB RM 20
4G Backup NA NA
300 Mbps Fibre Unlimited RM 100
Total Before Tax RM 270
6% Service Tax RM 16.20
TOTAL PAYABLE RM 286.20

And here is the cherry on the top – for a 24-month contract, Digi gives you one of these two bonuses:

  • a free smartphone worth up to RM1,099 (HONOR 9o Lite / Samsung A14), or
  • extra 60 GB of mobile data, or
  • unlimited social media data, or
  • 5 GB of international roaming data in 70 countries

Needless to say, this Digi package is a much better deal, as it only costs RM286 per month, or RM3,434.40 per year!

 

How Much I Save Over 2 Years Switching From Maxis To Digi

In the end, I switched to the Digi Postpaid 90 principal line, and gave all of my supplementary lines a decent 25 GB of mobile data.

Over a standard two-year contract, I will end up saving RM 3,281.76, and get a free smartphone worth RM 1,099. That’s a total saving of RM 4,380.76! Just think of what you can do with all that money!

If I renewed with Maxis, I would have upgraded to their new 5G plan to get that free smartphone and unlimited data. However, my parents would have to continue suffering with 1 GB of data, and I would have to pay an additional RM 3,816 over 2 years compared to Digi!

If I wanted my parents to have a decent amount of mobile data, I would have to really pay Maxis through my nose, and fork out an extra RM 6,868.80 – exactly twice of what the Digi package costs. It just doesn’t make sense to do that.

No matter how I calculate, it just doesn’t make sense (sen?) to stick with Maxis. I will save anywhere from RM1,900 to RM3,400 per year switching to Digi. It really pays to shop around!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Fact Check | MobileTech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Marshall Minor III Wireless Earphones Scam Alert!

Please watch out for the Marshall Minor III wireless earphones scam! Take a look at the scam, and find out what the facts really are!

 

Marshall Minor III Wireless Earphones Scam Alert!

Scammers are running Facebook ads that promote an awesome discount for the Marshall Minor III wireless earphones! Here is one recent example:

😣”Frustrating” 😣I had to queue for 5 hours at IOI City Mall to buy MARSHALL MINOR III wireless headphones for only RM179 (original price RM596), I was surprised because I thought they only sold directly I heard it’s open for sale online in 2 more days https://www.marshall-ash.asia/ms And also get the same discount as buying at the store. Free shipping nationwide.

But the 4 hours of queuing was worth it. As a Marshall fan, I was very excited when I heard the news that the Minor III series was coming out. And don’t waste your time waiting, the design is very beautiful, more stylish than the old version 💯 Great sound quality. Clear bus, fast Bluetooth connection, suitable for all types of devices, super battery life, 5 hours of continuous use and 25 hours with charging box, waterproof. The best thing about these headphones is the close-to-ear design. Comfortable, can play sports without worrying about falling. If you don’t buy it, you will be very disappointed.

I let my colleagues borrow it to play games because it sounded so realistic. There is no delay in movement.
Many people ask me if the store still has promotions? I just saw information that the store has a discount in the next 2 days. Order quickly. At the end of the promotion, the price will return to the original price of RM596. I leave the purchase link here for those who want to buy: https://www.marshall-ash.asia/ms

Recommended : Bantuan Rakyat Malaysia Scam Alert!

 

Marshall Minor III Offer : Why Is It A Scam?!

This is yet another example of SCAMS circulating on Facebook, and here are there reasons why…

Fact #1 : Marshall Minor III Price Absurdly Low

The first thing about scams involving electronics, is that they often promise ridiculous great deals. If it’s too good to be true, it often is just a scam.

In this particular scam, scammers are offering the Marshall Minor III wireless earphones for just RM179 (US$39). That’s absurd, as the Marshall Minor II wireless earphones has an official retail price of $159 (approximately RM699)!

Marshall is a high-end audiophile brand, and its electronics are never cheap. Even if they offer a discount, it wouldn’t be anything like 70% to 75%. That’s just ridiculous.

For your safety, here are legit purchase options online for the Marshall Minor III earbuds :

Fact #2 : Facebook Advertisement Is Fake

The Facebook advertisement appears to be created by a handsome influencer called 𝐀𝐥𝐯𝐢𝐧𝐧 𝐂𝐡𝐨𝐧𝐠 瑾.鍾.瑾. with 5.5 million followers.

But that’s what the scammers put in the intro. If you look carefully, this scam page only has 13 followers!

Recommended : Warning – PDRM Parking Fine Scam Alert!

Fact #3 : That Is “Push” Puttichai Kasetsin

The page is not owned by any influencer or digital creator called 𝐀𝐥𝐯𝐢𝐧𝐧 𝐂𝐡𝐨𝐧𝐠 瑾.鍾.瑾.

Those are actually photos of Puttichai Kasetsin – a Thai actor, model, DJ and TV host who is also known as “Push”.

Recommended : Media Prima / Nielsen Fake Job Scam Alert!

Fact #4 : IOI City Mall Does Not Have A Marshall Outlet

The claim by these scammers that Alvinn Chong queued up for 5 hours at the IOI City Mall to buy the Marshall Minor III wireless earphones is easily debunked.

If you check the IOI City Mall tenant listing, you will quickly discover that it does not have a Marshall outlet.

Fact #5 : Queue Photos Are From Vietnam

The two photos which claim to show long queues for the Marshall Minor III wireless earphones were not taken in Malaysia. They were actually taken in Vietnam.

This photo does not show people in IOI City Mall queueing up outside a Marshall outlet. It actually shows people queuing up for the opening of the 15th Pandora store at the Long Bien Aeon Mall, on 28 April 2022.

Incidentally, Pandora is a Danish jewellery brand, and does not sell Marshall audio products…

Recommended : PDRM Warning : Watch Out For MyBayar Scam!

The second queue photo is also from Vietnam, but taken many years ago on 11 November 2017. It does not show people queuing up to buy any Marshall products either.

They were actually queuing up at Royal City Shopping Center in Hanoi, for the opening ceremony of the second H&M store in Vietnam.

Recommended : Bantuan Tunai Rakyat Malaysia 2023 Scam Alert!

Fact #6 : Scam Website Not Affiliated With ASH Asia

ASH Asia is an authorised distributor of Marshall products in Malaysia, Thailand and Vietnam.

However, the scam page (https://www.marshall-ash.asia/ms) has nothing to do with ASH Asia, whose official Marshall Minor III page is https://ash-asia.com/ms.

On top of that, ASH Asia does not sell the Marshall Minor III directly (like the scam page). Instead, ASH Asia sells the wireless earphones through Shopee and Lazada.

Recommended : How A University Student Lost RM22K In Online Job Scam!

In fact, if you check the main domain itself, you will get an error message, stating:

Your domain name has been successfully pointed! Please publish a Landing Page with the above domain name to use the service. Thank you!

This not only gives it away as a scam website, it also suggests that the scammers are operating out of Vietnam.

Fact #7 : Scam Website Admits Selling Fake Marshall Minor III

Ironically, the scam website itself has a disclaimer, warning potential buyers that it is not selling genuine Marshall Minor III wireless earphones, but a replica instead…

Most people won’t notice it because if you click to order, the website is designed to skip past this warning.

Recommended : Scam Alert : How Fake Job Syndicates Operate!

Fact #8 : Package Apparently Contained “Trash”?

To assure you that this is safe, the scammers say that you only need to pay on delivery. Sounds good, doesn’t it? That guarantees that you will at least receive the item, doesn’t it?

Not quite, as one person who claimed to have purchased from this scam website explained…

I was attracted and clicked in, filling in my address and phone number. Three days later, I got a call saying that my package would arrive through DHL-COD, and asked me to make sure I was home.

I started looking forward to it, but when I thought about it, I became more suspicious. Since when does DHL provide Cash On Delivery service? I can’t believe they would dare to pay for first-class service without any payment from me. I figured it might be a scam!

What’s the scam? You may not have any doubts when you receive the package. When I open it immediately and take a look, then I realized it was full of garbage. [Unfortunately] I had already paid the delivery person, who ran away.

我被吸引点了进去,填了地址电话。跟着三天后有电话来说我的包裹会到,DHL-COD的,确定我在家等。我开始很期待。跟着想,越想越不对。DHL有COD的服务咩?我还没过账他们就这么敢与服务一流到我不敢相信。我猜可能是诈骗!骗什么?当你收到包裹时是不会怀疑,立刻打开来看的。然后才发现里面是垃圾。人跑了钱给了。。。

If true, the scam involves giving you an empty package filled with trash to receive your cash payment. After which, you have no recourse.

Please help us FIGHT FAKE NEWS by sharing this fact check article out, and please SUPPORT our work!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Fact Check | MobileTech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Mexico Did It Photo : Can It Infect Your Phone With Virus?!

Can the “Mexico Did It” photo infect your phone with a virus in just 5 seconds?!

Take a look at the viral claim, and find out what the facts really are!

Updated @ 2023-09-13 : Revised for a new wave
Originally posted @ 2022-11-07

 

Claim : “Mexico Did It” Photo Will Infect Your Phone With A Virus!

The warning about the “Mexico Did It” photo or image that will infect your phone with a virus keeps going… viral on WhatsApp and social media.

There are two versions so far – in English, and in Spanish.

FYI: They are going to publish an image that shows how Covid 19 is cured in Mexico and it is called “Mexico did it”, do not open it because it enters the phone in 5 seconds and it cannot be stopped in any way. It’s a virus. Pass it on to your friends and family. Now they also said it on CNN and BBC. DO NOT OPEN IT

Pass it on

Van a publicar una imagen que muestra como el Covid 19 se cura en Mexico y se llama “Mexico lo hizo” no lo abran porque entra al telefono en 5 segundos y no se puede frenar de ninguna forma. Es un virus. Pasenlo a sus familiares y amigos. Ahora lo dijeron tambien en CNN y BBC

Recommended : Can Morocco Earthquake Seismic Wave Card Hack Your Phone?!

 

Truth : There Is No “Mexico Did It” Photo / Virus!

This is just another example of FAKE NEWS circulating on WhatsApp and social media like Facebook and Twitter, and here are the reasons why…

Fact #1 : This Viral Message Has Been Circulating Since 2021

The viral message about the “Mexico Did It” photo or virus has been circulating on Facebook, WhatsApp and Twitter since April 2021.

Fact #2 : This Is A Modified Version Of “Argentina Is Doing It”

This viral message is actually a modified version of an earlier fake message, which claims that a video on WhatsApp called “Argentina is doing it” will hack your phone in 10 seconds.

It just replaces Argentina with Mexico, a video with a photo, and changes it from a 10-second hack into a 5-second virus attack.

Those two fake news are, in turn, probably based on the even older fake claim that hackers are using greeting photos and videos to hack your phone.

Read more : Can Greeting Photos + Videos Hack Your Phone?!

Fact #3 : There Is No “Mexico Did It” Photo / Virus

There is no such thing as a “Mexico Did It” image or photo. Neither is there a virus called “Mexico Did It“.

There is also no known virus that can infect your phone with a virus simply using a photo or image.

Fact #4 : CNN + BBC Never Reported On Such A virus

It’s been over 2.5 years since this fake story first appeared on Facebook, Twitter and WhatsApp, but neither CNN nor BBC has ever reported on a “Mexico Did It” virus.

Fact #5 : Image-Based Malware Is Possible, But…

Digital steganography is a method by which secret messages and other data can be hidden in digital files, like a photo or a video, or even a music file.

It is also possible to embed malicious code within a photo, but it won’t be a full-fledged malware that can execute by itself.

At most, it can be used to hide the malware payload from antivirus scanners, which is pretty clever to be honest… but it cannot hack your smartphone by itself.

Recommended : Can Restaurant Menu QR Code Hack Your Phone?!

Fact #6 : Image-Based Malware Requires User Action

In January 2019, cybercriminals created an online advertisement with a script that appears innocuous and would pass any malware check.

However, the image itself has an “almost white” rectangle that is recognised by the script, triggering it to redirect the user to the cybercriminals’ website. Once there, the victim is tricked into installing a Trojan disguised as an Adobe Flash Player update.

Such a clever way to bypass malware checks, but even so, this image-based malware requires user action.

You cannot get infected by the Trojan if you practice good “Internet hygiene” by not downloading or installing anything from unknown websites.

Fact #7 : Malicious Code Executes Immediately

If you accidentally download and trigger malware, it will execute immediately. It won’t take 5 seconds, as the hoax message claims.

Generally, malware won’t wait a few seconds before it infects your devices. Waiting will only increase the risk of detection.

Unless the malware creator designed it to only infect your phone when you are sleeping (like the early hours of the morning), it pays to execute immediately.

Now that you know the facts, please SHARE this article with your family and friends, and SUPPORT our work!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Fact Check | CybersecurityTech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Can Morocco Earthquake Seismic Wave Card Hack Your Phone?!

Can the Seismic Wave Card containing photos of the recent earthquake at Morocco hack your phone?!

Take a look at the viral claim, and find out what the facts really are!

 

Claim : Morocco Earthquake Seismic Wave Card Can Hack Your Phone!

This warning about the Seismic Wave Card containing photos of the recent earthquake at Morocco has gone viral on WhatsApp:

They are going to upload some photos of the Moroccan earthquake on WhatsApp. The file is called Seismic Waves CARD, don’t open it and see it, it will hack your phone in 10 seconds and it cannot be stopped in any way. Share the information with your family and friends.
DO NOT OPEN IT. They also said it on TV

他们将在WhatsApp上上传一些摩洛哥地震的照片。该文件称为地震波CARD,不要打开或看到它,它会在10秒内破解您的手机,并且无法以任何方式停止。与您的家人和朋友分享信息。
不要打开它。他们还在电视上说过

Recommended : Did Fukushima Just Release Black Radioactive Water?!

 

Truth : There Is No Morocco Earthquake Seismic Wave Card!

This is yet another example of FAKE NEWS circulating on WhatsApp, and here are reasons why…

Fact #1 : There Is No Seismic Wave Card!

First, let me just point out that there is no such thing as a Seismic Wave Card.

The Seismic Wave Card is an Internet hoax that keeps getting recycled for every earthquake that comes along, like these examples show:

They are going to upload some photos of the Cariaco earthquake on Whatsapp. The file is called Waves Seismic CARD, do not open or see it, it will hack your phone in 10 seconds and it cannot be stopped in any way. Pass the information on to your family and friends. DO NOT OPEN IT. They also said it on TV.

They are going to upload some photos of the Calvario earthquake on WhatsApp. The file is called CARD Seismic Waves. Do not open them or see them, they hack your phone in 10 seconds and it cannot be stopped in any way. Pass the information on to your family and friends. Don’t open it. They also said it on TV.

Fact #2 : Photos Are Shared Directly On WhatsApp

There is no need to open any file, or install any app, to view photos on WhatsApp. You simply click to view photos shared by other people on WhatsApp.

Of course, people may sometimes share high-resolution photos in ZIP or RAR files, because WhatsApp greatly reduces the resolution of photos shared on its platform.

Those ZIP or RAR files may be opened using apps like WinZip (Android | iOS) or RAR (Android) or Unarchiver (iOS). However, you should be wary if you are asked to download and install any app.

Unless you know what you are doing, it’s best to only view photos and videos directly inside WhatsApp, and not download any compressed files at all.

Recommended : Can Greeting Photos + Videos Hack Your Phone?!

Fact #3 : Seismic Waves Card Is Not A Browser Hijacker

Seismic Waves Card appears to be falsely labelled as a browser hijacker by at least one “cybersecurity” website:

The scam message known as Seismic Waves Card is notorious for its disruptive behavior while surfing the web. Generally, scams like this, and other like Mintnav and Lookaside fbsbx, are crafted to meddle with your browser’s settings, replacing homepages and default search engines to promote affiliated sites and generate advertising revenue.

This transgression doesn’t end here; they siphon sensitive data and create vulnerabilities in your system’s security framework, providing a gateway for more perilous threats, such as malware and phishing schemes, to invade.

The protracted presence of Seismic Waves Card in your system exponentially escalates the risk of serious compromises, emphasizing the dire necessity for its immediate removal. Recognizing the malicious potential of such unwanted apps is essential in maintaining a secure and safe digital environment. Stay vigilant and prioritize your cybersecurity.

There is no evidence that a malware or browser hijacker called Seismic Waves Card exists. The article itself does not offer any evidence to prove its existence. In fact, the article and its guide on how to “remove” the malware appears to be generic, and may possibly be AI-generated.

Fact #4 : Image-Based Malware Is Possible, But…

Digital steganography is a method by which secret messages and other data can be hidden in digital files, like a photo or a video, or even a music file.

It is also possible to embed malicious code within a photo, but it won’t be a full-fledged malware that can execute by itself.

At most, it can be used to hide the malware payload from antivirus scanners, which is pretty clever to be honest… but it cannot hack your smartphone by itself.

Recommended : Can Restaurant Menu QR Code Hack Your Phone?!

Fact #5 : Image-Based Malware Requires User Action

In January 2019, cybercriminals created an online advertisement with a script that appears innocuous and would pass any malware check.

However, the image itself has an “almost white” rectangle that is recognised by the script, triggering it to redirect the user to the cybercriminals’ website. Once there, the victim is tricked into installing a Trojan disguised as an Adobe Flash Player update.

This is an incredibly clever way to bypass malware checks, but even so, this image-based malware requires user action.

You cannot get infected by the Trojan if you practice good “Internet hygiene” by not downloading or installing anything from unknown websites.

Fact #6 : Malicious Code Executes Immediately

If you accidentally download and trigger malware, it will execute immediately. It won’t take 10 seconds, as the hoax message claims.

There is really no reason for malware to wait before it infects your devices. Waiting will only increase the risk of detection.

Whether the malware serves to take over your device, steal your information or encrypt it for ransom, it pays to do it at the first opportunity.

Please help us FIGHT FAKE NEWS by sharing this fact check article out, and please SUPPORT our work!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Fact Check | CybersecurityTech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Bantuan Rakyat Malaysia Scam Alert!

Watch out for the Bantuan Rakyat Malaysia scam on WhatsApp, Telegram, Facebook and Twitter!

Find out how this scam works, and WARN your family and friends!

 

Bantuan Rakyat Malaysia 2023 Scam Alert!

These scam messages about Bantuan Tunai Rakyat (BTR) 2023, or Bantuan Percuma Kerajaan Malaysia 2023, is going viral on WhatsApp, Telegram, and social media platforms like Facebook and Twitter.

CARA SEMAKAN TARIKH BAGI PENERIMA BANTUAN RM600 DIKREDITKAN SETIAP BULAN

Untuk mereka yang layak, anda boleh lakukan semakan dengan mengikuti cara yang diterangkan.

Baca Cara Semakan Bantuan 👇
https://bntuanrakyatmalaysia.lynk.eu.org/

SHARE INFO ini kepada rakan-rakan dan saudara mara untuk manfaat semua

HOW TO CHECK THE DATE FOR RECIPIENTS OF ASSISTANCE RM600 CREDIT EVERY MONTH

For those who are eligible, you can check by following the described method.

Read How to Check Help 👇
https://bntuanrakyatmalaysia.lynk.eu.org/

SHARE this INFO to friends and relatives for the benefit of all

As one lady shared in the video below, she got tricked by the scammers, who took over her Telegram account to send the same scam message to all of her contacts!

While she claimed that she did not click any link, I will show you how she got scammed…

Recommended : Beware Of Telegram Screenshot Hack + Scam!

 

Bantuan Rakyat Malaysia Scam : How Does It Work?

Warning : To show you how the scammers work, I will share the links they use. I will highlight those dangerous links in red. Do NOT go to those links.

Super Long Link

To trick people into clicking on the scam links, the scammers intentionally use a misleading and very long URL, so you are less likely to notice the domain.

This is the scam link : https://bntuanrakyatmalaysia.lynk.eu.org/

Note how the scammer used a long list of descriptive keywords – “bantuan“, “rakyat“, “malaysia“, “lynk“, which helps to mislead people, and make it more difficult for them to notice that the domain is “eu.org“.

Obviously, eu.org is not a Malaysian government domain (which ends with .gov.my), and it has nothing to do with Malaysia or financial aid. This domain also has nothing to do with the European Union.

EU.org provides free subdomains, and so scammers use it to not only run their scams, but to give their scams a more “legitimate-looking domain”.

Pro Tip : Always check the domain of a link before you click on it. Avoid super-long links like this because they are often used to mask the domain name.

Recommended : Will Scanning RFID Bar Codes Hack Your Phone?!

Fake Telegram Invitation

After clicking to go to https://bntuanrakyatmalaysia.lynk.eu.org/, you will be taken to what looks like an invitation to join a Telegram group. But in reality, it is a fake Telegram invitation.

A real Telegram invitation will have a link like this – https://t.me/XXXXXXXX. But this scam page has the link – https://bntuanrakyatmalaysia.lynk.eu.org/my.php.

Also, a real Telegram invitation can detect if you are using Windows / Mac or Android / iOS, and suggest that  the right download for your device.

The invitation also has a glaring typo – the link says Massage Now, rather than Message Now. Hilarious!

In any case, a real Telegram invitation will not ask you to Message Now. Rather, it will allow you to either View In Telegram, or Preview channel in the web browser itself.

Recommended : Bantuan Tunai Rakyat Malaysia 2023 Scam Alert!

Fake Telegram Login Page

If you click on Join Group, you will be taken to this Telegram login page. Even though it offers you a list of countries to select from, the only option is Malaysia.

WARNING – THIS IS A SCAM PAGE. This is what is known in cybersecurity as a “phishing attack”.

First of all, Telegram invitations will never ask you to log into your Telegram account. It will simply launch the Telegram app and load the group for you.

Secondly, if you look at the link, it leads to the same scam domain, specifically https://bntuanrakyatmalaysia.lynk.eu.org/my.php.

Do NOT log into your Telegram account in this page.

Recommended : Scam Alert : How Fake Job Syndicates Operate!

If you log into your Telegram account using this phishing page, then the scammers will gain access to your Telegram account, and take it over for their own use.

They can then use your Telegram account to send the same scam message, or worse, cheat your family and friends of their money!

Recommended : Can Restaurant Menu QR Code Hack Your Phone?!

The lady in the viral video likely logged into this phishing page, thus giving the scammers control of her Telegram account. That was likely how they were able to message everyone on her contact list.

She also likely did not enable Two-Step Verification in Telegram, which would let her recover her account even after scammers have gained access.

That is why people who were hit by this scam had to call and inform their relatives and friends, or publicly post about it to warn all of their contacts.

Unfortunately, it is not always possible to warn all of their contacts, and inevitably, someone will get cheated of their hard-earned money. That’s why these scams are so popular – they really work, and scammers are making a ton of money!

Help us fight against these scammers. SHARE this article out, and WARN your family and friends!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Cybersecurity | Software | Tech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Warning – PDRM Parking Fine Scam Alert!

Scammers are targeting motorists with the PDRM parking fine scam! Make sure you warn your family and friends!

Here is what you need to know about the PDRM parking fine scam!

 

PDRM Parking Fine Scam Email

People are getting emails warning them that they just committed a parking violation, while offering them a cheap fine if they pay quickly.

Fines Inquiry and Payment

Dear recipient,

We are writing to draw your attention to a recent traffic violation in Malaysian jurisdiction.

Our traffic enforcement staff have observed your vehicle parked in a no-parking zone. This contravenes section (no. 2016-691] of the Road Traffic Act.

The fine is set at MYR 50. Payment of the fine is required within 7 days of the date of notification, to avoid further legal consequences.

If the fine is not paid within the time limit, you may be subject to legal action, resulting in an increase in the original fine.

Payment deadline: [08/26/2023]

Methods of payment accepted:

Cordially,

Malaysian Police Department

Recommended : Bantuan Tunai Rakyat Malaysia 2023 Scam Alert!

 

PDRM Parking Fine Email Is A Scam!

These PDRM parking fine emails are scam emails. This was confirmed by PDRM itself.

On 7 August 2023, the Cyber Crime division of the Royal Malaysia Police (PDRM) posted an alert warning motorists not to fall for the MyBayar scam.

These emails are designed to scare its victims into action. Hence, it offers a very cheap way to quickly “settle the problem”. However, if you take a breath, and analyse the email CAREFULLY, you will see many problems with it.

  • Letter is from PDRM : The Royal Malaysia Police (PDRM) will never write to you by email.
  • Letter is in English : The Royal Malaysia Police (PDRM) will never write to you in English.
  • Typo in the name : The fake email used My Bayar PDRM, instead of MyBayar PDRM.
  • Lack of name and personal details : The fake email refers generically to “Dear recipient“, without listing your full name and MyKad number.
  • Lack of vehicle details : The fake email doesn’t mention the vehicle make and plate number.
  • Lack of location details : The fake email does not mention where the offence occurred, or even when it occurred.
  • Fine is much too low : PDRM traffic fines are never as low as RM50. The cheapest fine is RM150 for Category 4 offences, but you can pay as low as RM70 within 15 days.
  • No such law : The fake email refers to the Road Traffic Act. There is no such act in Malaysia. The proper name is the Road Transport Act 1987 (Act 333).
  • No such section : If you look at the Malaysia Road Transport Act 1987 (PDF download), you will see that there is no such thing as Section 2016-691.

The email appears to be from My Bayar PDRM (typo in the name), but if you inspect the email address, you will see that it was sent by “in-to-no-reply@silverbackgames.xxx” or “hello@sooqr.com” or some other email address.

Obviously, this email did not originate from an official PDRM email address! This should immediately tell you that this is a fake or scam email!

Recommended : How A University Student Lost RM22K In Online Job Scam!

If you click on the Pay My Fine link in the scam email, you will be taken to a fake My Bayar PDRM website (with the same typo in the name).

You may notice that you now have 7 days to pay the RM 50 fine, instead of just 5 days in the email. Odd, isn’t it?

Also odd is the fact that the page does not mention your name, your MyKad number, your vehicle type and model, or even its plate number! The page also doesn’t mention where the offence took place, or the time you were caught committing said offence.

Do NOT proceed after this point… This is a scam website!

But if you have itchy fingers, and click on the Pay The Fine button, you will be asked to pay for the RM50 fine using your debit or credit card.

Needless to say, PLEASE DO NOT SUBMIT YOUR DEBIT / CREDIT CARD DETAILS!!!

If you provide these scammers with your debit / credit card details and TAC / OTP numbers, they will be able to charge ANY AMOUNT they want to your credit card, or withdraw ANY AMOUNT they want from your bank account!

Recommended : Wedding Invitation Scam : Don’t Install APK File!

It’s even worse if you are asked to log into your bank account to pay the fine. DO NOT DO THAT!

If you provide them with your bank login and password, as well as OTP/TAC number, these scammers will be able to transfer money out of your bank account!

Please note – this is a scam! This is a phishing attack to gain access to your credit card and/or bank account.

Regardless of how you get any notification from PDRM about any traffic offence you may have committed, you should always check the status through these official MyBayar PDRM options:

Please SHARE this warning with your family and friends!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Automotive | Cybersecurity | Tech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

PDRM Warning : Watch Out For MyBayar Scam!

PDRM is warning motorists not to fall for the MyBayar scam! Here is what you need to know about the MyBayar PDRM scam!

 

PDRM Warning : Watch Out For MyBayar Scam

On 7 August 2023, the Cyber Crime division of the Royal Malaysia Police (PDRM) posted an alert warning motorists not to fall for the MyBayar scam.

The MyBayar PDRM scam starts with an official-looking email that warns motorists that they have been caught contravening the law, and offers a cheap RM50 fine if paid within 5 days:

Last notice of contravention before prosecution

Dear recipient,

We are writing to draw your attention to a recent traffic violation in Malaysian jurisdiction.

Our traffic enforcement staff have observed your vehicle parked in a no-parking zone. This contravenes section (no. 2016-691] of the Road Traffic Act.

As a result of this infringement, a fine of MYR 50 has been imposed. This fine must be paid within 5 days of the date of this notification to avoid further legal consequences.

Failure to pay the fine within the allotted time may result in legal proceedings being taken against you, which could lead to increased fines, penalties and the possible suspension of your driving license.

Recommended : Bantuan Tunai Rakyat Malaysia 2023 Scam Alert!

 

MyBayar PDRM Scam : How Does It Work?!

Many people who received the MyBayar PDRM email might be shocked to find out that they were caught committing a traffic violation, and then relieved that it was only RM50 if they paid quickly.

That’s how the scammers trap their victims – by offering a cheap RM50 fine, when we all know that fines for traffic offences are at least RM150, and can go all the way up to RM1,000!

Those who received this fake MyBayar PDRM email would be tempted to quickly pay the cheap RM50 fine, before it becomes a lot more expensive!

But if you take a closer look at the email, you will spot some problems with it:

  • Weird English : The email title of “Last notice of contravention before prosecution” is nonsensical.
  • Typo in the name : The fake email used My Bayar PDRM, instead of MyBayar PDRM.
  • Lack of name and personal details : The fake email refers generically to “Dear recipient“, without listing your full name and MyKad number.
  • Lack of vehicle details : The fake email doesn’t mention the vehicle make and plate number.
  • Lack of location details : The fake email does not mention where the offence occurred, or even when it occurred.
  • Fine is much too low : PDRM traffic fines are never as low as RM50. The cheapest fine is RM150 for Category 4 offences, but you can pay as low as RM70 within 15 days.
  • No such law : The fake email refers to the Road Traffic Act. There is no such act in Malaysia. The proper name is the Road Transport Act 1987 (Act 333).
  • No such section : If you look at the Malaysia Road Transport Act 1987 (PDF download), you will see that there is no such thing as Section 2016-691.

The email appears to be from My Bayar PDRM (typo in the name), but if you inspect the email address, you will see that it was sent by “in-to-no-reply@silverbackgames.xxx” or “hello@sooqr.com” or some other email address.

Obviously, this email did not originate from an official PDRM email address! This should immediately tell you that this is a fake or scam email!

Recommended : How A University Student Lost RM22K In Online Job Scam!

If you click on the Pay My Fine link in the scam email, you will be taken to a fake My Bayar PDRM website (with the same typo in the name).

You may notice that you now have 7 days to pay the RM 50 fine, instead of just 5 days in the email. Odd, isn’t it?

Also odd is the fact that the page does not mention your name, your MyKad number, your vehicle type and model, or even its plate number! The page also doesn’t mention where the offence took place, or the time you were caught committing said offence.

Do NOT proceed after this point… This is a scam website!

But if you have itchy fingers, and click on the Pay The Fine button, you will be asked to pay for the RM50 fine using your debit or credit card.

Needless to say, PLEASE DO NOT SUBMIT YOUR DEBIT / CREDIT CARD DETAILS!!!

If you provide these scammers with your debit / credit card details and TAC / OTP numbers, they will be able to charge ANY AMOUNT they want to your credit card, or withdraw ANY AMOUNT they want from your bank account!

Recommended : Wedding Invitation Scam : Don’t Install APK File!

It’s even worse if you are asked to log into your bank account to pay the fine. DO NOT DO THAT!

If you provide them with your bank login and password, as well as OTP/TAC number, these scammers will be able to transfer money out of your bank account!

Please note – this is a scam! This is a phishing attack to gain access to your credit card and/or bank account.

Regardless of how you get any notification from PDRM about any traffic offence you may have committed, you should always check the status through these official MyBayar PDRM options:

Please SHARE this warning with your family and friends!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Automotive | Cybersecurity | Tech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

How WithSecure Offensive Security Drives Business Resilience!

Find out how WithSecure harnesses the power of offensive security to drive business resilience and enhance protection for its clients!

 

WithSecure Drives Business Resilience Through Offensive Security!

WithSecure (formerly known as ‘F-Secure Business’) is harnessing the power of offensive security in its co-security and co-monitoring products and services. This revolutionary approach is designed to anticipate and mitigate cyber threats by understanding them from an attacker’s perspective.

During the SPHERE security conference 2023, WithSecure’s Chief Product Officer, Antti Koskela, shed light on their game-changing offering called ‘attack surface management.’ This managed service offers a comprehensive view of vulnerabilities in a company’s cloud-based estate.

As a result, WithSecure’s focus on the digital perimeter empowers businesses to reduce their overall attack surface, enhancing their cybersecurity posture in the ever-evolving threat landscape.

Recommended : WithSecure Takes Offensive Security Approach To Cloud Threats!

 

How WithSecure Offensive Security Drives Business Resilience!

WithSecure also introduced three groundbreaking services that amplify their commitment to ‘outcome-based security’ and ‘co-security’. This groundbreaking development was revealed by WithSecure Executive Vice President (Solutions) Scott Reininga, also at the SPHERE security conference 2023.

Reininga underscored WithSecure’s unparalleled expertise in offensive security, revealing that they are the home of one of the world’s most proficient offensive security teams. This team, a fusion of penetration testers (pentesters), red, blue and purple teamers, has profound knowledge of adversary tactics, tradecraft, and techniques.

Penetration testing is a cybersecurity practice that aims to discover vulnerabilities in a system by simulating controlled attacks. Their goal is not to cause damage but to pinpoint weaknesses for rectification. This proactive method, which can involve exploiting software vulnerabilities or simulating social engineering tactics, is key in any comprehensive cybersecurity strategy, offering a practical evaluation of potential risks rather than a theoretical one.

Our relentless pursuit of research and system testing allows us to uncover system vulnerabilities proactively. This crucial data is the building block of our products that are proactive, minimally disruptive, and crafted from the perspective of an attacker.

– Scott Reininga, WithSecure Executive Vice President (Solutions)

These insights were unveiled by Reininga during his recent product launch event titled ‘Co-security and co-managed services for partners’. He was joined on stage by WithSecure Vice President (Offering and Customer Experience) Niko Isotalo.

Expanding on WithSecure’s strategic approach, Isotalo said that the company’s outcome-based security framework model “connects Chief Information Security Officers (CISOs) and board members, offering clarity about the interplay between security outcomes and business objectives.”

This alignment clarifies the indispensable role of security in the core business framework to board members.

– Niko Isotalo, WithSecure Vice President (Offering and Customer Experience)

Recommended : Avanade Launches New Generative AI Services!

Reininga and Isotalo unveiled the three new offerings during their joint session. The first, termed “co-monitoring,” is a partnership model. WithSecure validates the genuineness of security incidents before alerting the duty manager, effectively curbing false alarms.

WithSecure collaborates with clients to supervise their digital ecosystems, particularly during periods when they are stretched thin on resources. This service, providing support beyond standard working hours, can also deliver round-the-clock monitoring if necessary.

Isotalo further introduced the second service, incident readiness software, recognising that many organisations lack comprehensive incident readiness plans.

Our software simplifies the creation, testing, and updating of such plans, which serve as essential shields against cyber threats.

Recommended : 5 Strategies for Negotiating Airfare Discounts with SAP Concur!

Focusing on the urgency of immediate incident response, Reininga introduced the third service, an incident response retainer.

Our incident response retainer provides unlimited incident response within the critical initial 72 hours of an event. We eliminate the need for negotiation about budget and resource allocation.

We engage consultants rapidly, supported by our globally lauded 24/7 incident response team and top-tier threat intelligence unit, guaranteeing our customers industry-leading service level agreements (SLAs).

By integrating offensive security acumen, co-monitoring capabilities, incident readiness software, and swift incident response, WithSecure empowers organisations to effectively safeguard their digital assets and curtail the impact of potential breaches.

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > BusinessCybersecurity | Tech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

WithSecure Takes Offensive Security Approach To Cloud Threats!

WithSecure is harnessing the power of the offensive security approach in tackling evolving cloud threats!

 

WithSecure Takes Offensive Security Approach For Cloud Threats!

In a shifting cybersecurity landscape, WithSecure (formerly known as ‘F-Secure Business’) is harnessing the power of offensive security in its co-security and co-monitoring products and services. This revolutionary approach is designed to anticipate and mitigate cyber threats by understanding them from an attacker’s perspective.

During the recent SPHERE security conference 2023 in Helsinki, Finland, WithSecure’s Chief Product Officer, Antti Koskela, shed light on this approach.

We’ve done identity assessments for many cloud-based companies, unveiling weaknesses in their cloud platforms.

Our offensive security approach is about understanding the attack surface of a cloud-based estate. We focus on the digital perimeter, which is crucial to reducing the overall attack surface.

Koskela went on to explain that WithSecure has distilled this insight into an innovative managed service offering called ‘attack surface management’. This service provides a comprehensive view of a company’s vulnerabilities, including IP addresses, port vulnerabilities, exposed APIs and web services, identity matters, patching levels and more.

With more open architecture, control over your attack surface becomes paramount. ‘Zero trust’ alone isn’t the answer as human errors happen. Our holistic approach helps mitigate this.

Recommended : Avanade + Accenture: 2023 Microsoft Global SI Partner of the Year!

WithSecure’s product suite integrates various cloud-native solutions to deliver protection based on specific client requirements. This collaborative process, termed ‘co-security’, is driven by the security and business outcomes defined by the clients. Koskela emphasised the tripartite focus of their solution:

It’s about process, people, and technology. We collaborate to secure the outcomes, letting company directors steer the course of business.

Our WithSecure Elements platform is the cornerstone of our technology, built collaboratively with our clients.

Koskela acknowledged the evolution of the IT industry, from client-server in the ‘90s to hosted services in the 2000s, cloud computing in the 2010s and cloud-native in the 2020s. He underscored the need for a new security approach to match the evolving business environments:

The cloud offers agility, speed, cost-efficiency. But with new technologies come new security considerations.

WithSecure has been proactive, creating solutions for every technological shift – be it firewalling and endpoint protection during the hosted services era, or data security and VPNs for the cloud computing era.

And now, with the rise of cloud-native tech, we’re helping clients to understand and secure their digital perimeter through our offensive security approach.

Recommended : 5 Strategies for Negotiating Airfare Discounts with SAP Concur!

WithSecure Chief Product Officer, Antti Koskela (left), and APAC Regional Director Yong Meng Hong (right)

 

WithSecure Elements Picking Up In APAC

Since its mid-2021 debut, WithSecure’s Elements platform has gained considerable momentum here in Malaysia and the broader Asia-Pacific region. This comprehensive cybersecurity platform has made its mark by providing organisations with a unified solution to their security needs.

Elements equips enterprises with the insight, adaptability, and technology to tackle evolving threats and changing business environments.

Offering unified endpoint protection across devices, clouds and servers, Elements consolidates everything from vulnerability management and collaboration protection to detection and response into one easy-to-navigate security console.

– WithSecure Asia-Pacific Regional Director Yong Meng Hong

Yong further emphasised that the cloud-based Elements platform provides real-time visibility across an entire IT infrastructure, simplifying how enterprises manage their cybersecurity.

Flexible licensing options, including fixed-term subscriptions and usage-based billing, ensure that organizations can tailor their cybersecurity services according to their specific needs.

Elements offers centralised management capabilities, giving IT managers a comprehensive overview of their enterprise’s IT infrastructure, enhancing their reassurance and control.

Today, WithSecure is globally recognised, trusted by a myriad of enterprises to safeguard against cyber threats, while also protecting tens of millions of consumers through over two hundred service providers and telecommunications partners.

For organisations looking to navigate the cloud’s security challenges, WithSecure’s offensive security approach could be just the safeguard they need.

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > BusinessCybersecurity | Tech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Did African Migrants Just Destroy Historic Alcazar Library?!

Did African migrants just riot and destroy the historical Alcazar Library in Marseille, France?!

Take a look at the viral video, and find out what the facts really are!

 

Claim : African Migrants Just Destroyed Alcazar Library!

People are sharing a video of the historical Alcazar Library burning, after being allegedly destroyed by African migrants who were rioting in France.

Stew Peters : The Alcazar Library in Marseille is the largest library in France, containing an archive of one million historically significant documents.

African migrants just TORCHED it.

Christian Pilgrim : WATCH: Rioters have burned down the largest library in France.

The Alcazar library in Marseille included an archive of one million historically significant archives.

VVC Watch : The Alcazar Library in Marseille is the largest in France, containing an archive of one million historically significant documents. African migrants just TORCHED it. #vvcwatch

Some also claim that the video shows the National Library in Paris on fire, not the Alcazar library.

Recommended : Is This The Last Video Of Titan Sub At Titanic Wreck?!

 

Truth : African Migrants Did Not Destroy Alcazar Library!

This is yet another example of FAKE NEWS circulating on WhatsApp, and social media platforms like Twitter, and here are the reasons why…

Fact #1 : People Were Rioting Over Nahel Merzouk

First, I should quickly point out that the June 2023 riots in France had nothing to do with migrants in France, whether they are African or otherwise.

People in France were not rioting over migrant rights, but rather, the death of Nahel Merzouk – a 17 year-old French youth of Moroccan and Algerian descent, who was shot and killed by the police in Nanterre on 27 June 2023.

That morning, two Paris Police Prefecture motorcycle police officers saw Nahel Merzouk driving a Mercedes-Benz A Class AMG with a Polish licence plate at high speed in a bus lane.

They tried to flag it down, but Nahel continued to flee, committing several traffic offences in the process. But he was eventually forced to stop due to traffic congestion.

That was when the two police officers got off their motorcycles and ordered him to turn off the engine. When Nahel started to pull away again, one of the police officers fire a shot at him because he claim Nahel was about to run him over. The car continued for a distance before crashing into street furniture.

However, a 50-second video was later released, showing that neither police officers were in danger of being run over by Nahel. A passenger in Nahel’s vehicle also testified that the police officer hit Merzouk with the butt of his gun several times, and the third buttstroke made Nahel release the brake pedal, causing the car to move forward as it was an automatic car.

Those revelations caused a great public outcry and outrage, that quickly turned into protests and riots in many parts of France.

Fact #2 : Rioters Attempted To Set Alcazar Library On Fire

On the night of Thursday, June 29, 2023, rioters attempted to set the Alcazar library in Marseille on fire. They broke some of its windows, and tried to set its entrance on fire.

However, the rioters did not succeed in entering the Alcazar library, or set it on fire. Its entrance was only lightly torched. It was boarded up the next day.

There is also no evidence that the rioters who tried to set the Alcazar library on fire were migrants, or Africans.

Recommended : Is This President Macron Dancing With His Wife 30 Years Ago?!

Fact #3 : Viral Video Is Of Manila Central Post Office Fire

The video that went viral on social media does not show the Alcazar Library on fire. Rather, the video showed the Manila Central Post Office (MCPO) which caught fire on Sunday, May 21, 2023.

The fire started in its basement at 11:41 PM that night, but firefighters had trouble controlling it. It was finally controlled at 7:22 AM on May 22, and finally put out at 6:33 AM the next day, on May 23, 2023.

18 persons were wounded in the incident – 16 firefighters, a fire volunteer, and a civilian. 300 million pesos worth of assets, including national identification cards were destroyed or damaged.

Even worse was the loss of the heritage building. The Manila Central Post Office was a 97 year-old building which was a “classic example of Western architecture that existed between two world wars“.

Fact #4 : French National Library Not On Fire Either

Claims that the video shows the French National Library in Paris on fire are also false.

Elodie Vincent, a spokesperson for Bibliothèque nationale de France, confirmed in an email that the French National Library was unharmed during the Nahel protests and riots.

I should also point out that the French National Library is the largest library in France, not the Alcazar Library.

Recommended : Does Viral Video Show France Pension Riot Damage?!

Fact #5 : This Is Just Another Fake Video

This is just another example of fake videos misappropriated to create controversies. Here are some other recent examples you may have seen recently:

Please help us FIGHT FAKE NEWS by sharing this fact check article out, and please SUPPORT our work!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Fact Check | InternetTech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Malaysia To Ban SMS With Personal Details!

Telcos in Malaysia will soon ban SMS messages with personal information, as part of the MCMC’s initiative to prevent scams! Here is what you need to know!

 

Malaysia To Ban SMS With Personal Details!

On Sunday, 2 July 2023, four Malaysian telcos – Maxis, Celcom, Digital and U Mobile will ban SMS messages containing personal information , as part of the MCMC’s initiative to prevent scams.

In addition to the May ban of SMS links, both local and international users will be prevented from sending any SMS message containing:

  • personal details
  • mobile or fixed line phone number
  • banking details like account number
  • MyKad number

All SMS messages containing these forbidden items will not be blocked, but their senders won’t be charged for those blocked messages.

Read more : Malaysian Telcos Ban SMS Links To Prevent Scams!

 

No Ban For SMS With Personal Details Via Short Codes

It should be noted that this ban on SMS messages with personal details do NOT apply to businesses using legitimate Enterprise short codes. They will still be allowed to issue SMS messages with URLs (links), phone numbers, and personal details.

Here are the current Enterprise short codes for Celcom and DIGI, from which you “may” continue to receive SMS messages with hyperlinks (URLs) and personal information.

Telco Enterprise Short Codes
Celcom CelcomDigi / EASYRELOAD
Celcom / CELCOM
2000 / 2901 / 20000 / 78888
28888 / 28882 / 22288 / 28282 / 22888
2001 / 22002 / 22009 / 21888 / 22022 /
22033 / 22162 / 22244 / 22262 / 22990 /
23000 / 23222 / 23777 / 25000 / 25555 /
26664 / 26668 / 26674 / 26680 / 26699 /
27100 / 27200 / 27999 / 28000 / 29888 /
29992 / 29999 / 39131 / 39140 / 39146 /
39170 / 39172 / 39230 / 39231 / 39240 /
39254 / 39258 / 39281 / 39291 / 39442 /
39466 / 39470 / 39471 / 39496 / 39504 /
39505 / 39506 / 39509 / 39513 / 39514 /
39515 / 39518 / 39881 / 39437 / 39132 /
39133 / 39144 / 39162 / 39177 / 39498 /
39502 / 39511 / 39512 / 39495
Digi CelcomDigi / Digi / DigiRewards
200 / 2901 / 2691 / 5001 / 27676
20000 / 21000 / 28879 / 28888 /
28882 / 22288 / 28282 / 22888

Maxis has 5-digit short codes like 1XXXX, 2XXXX, and 6XXXX, but has chosen to block SMS messages containing personal information from their Enterprise short codes:

In order to prevent individuals from becoming online scam scams, the Malaysia Communication and Multimedia Commission (MCMC) has issued a directive to all telcos on 14 February 2023 to block sending and receiving of short messaging service (SMS) from local, international mobile numbers and applications containing below contents:

  • URL link and any clickable link e.g. shorten URL; shorten URL;
  • Request for user’s personal information e.g name, IC number, account number and
  • Mobile and fixed line number

Blockings are being implemented in stages; started from 2 May 2023 for SMS between individuals; the next and last stage is the blocking of SMS containing the above 3 elements from mobile and applications such as Enterprise SMS service and Maxis IoT SIM from 2 July 2023.

Recommended : Scam Alert : Watch Out For Telegram Phishing Attack!

 

Risky SMS Ban Helpful, But Other Platforms Still A Risk

While this measure is really helpful in reducing scams, the ban is limited to SMS messages. It does not prevent scammers from sending similar scam messages through instant messaging platforms like WhatsApp, Telegram, Facebook Messenger, WeChat, etc.

I should also point out that links are not inherently bad. Links in messages, even SMS messages, are mostly safe.

Perfectly Fine

  • Clicking on a link to read an article / terms and conditions of a promotion
  • Clicking on a link to enrol in a promotion which does not require you to log into any website
  • Clicking on a link to check in for a flight, or get a travel update

However, they can be used to send you to a phishing website which is designed to look like a genuine bank / payment website. Hence, it is critical that you should NEVER log into any website through a link.

NEVER DO THIS

  • Clicking on a link to log into a bank website
  • Clicking on a link to make a purchase or payment
  • Clicking on a link to log into any account / email

Phishing attacks work by tricking you into going into a fake website that looks like the real website. But you still have to log into the fake website to give the scammers your login details.

If you click on a link, and you are asked to login – this is likely a phishing attack. But don’t worry – as long as you refuse to log into any website after clicking on a link, the phishing attack fails.

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > CybersecurityMobile | Tech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Wedding Invitation Scam : Don’t Install APK File!

Please watch out for the wedding invitation scam, and find out why you should NEVER install any APK file from strangers!

Find out what’s going on, and warn your family and friends!

 

Wedding Invitation Scam Gone Viral!

A new scam has gone viral on social media in Malaysia – the wedding invitation scam. In this scam, scammers contact their victims on WhatsApp, pretending to send them an APK file as a wedding invitation!

Here is the Malay version of the scam messages, and their English translations.

Dengan rasa kesyukuran, Menjemput Tuan ZAITON OTHMAN Ke Majlis Perkawinan Anak Kami
Sila Klik instal Apk untuk dapatkan kad kahwin digital kami ⬇️⬇️
Sila klik instal nampak kad kahwin digital kami 🙏, agar nak tau Siapa 😀

With gratitude, Inviting Mr. Zaiton Othman to our Son’s Wedding
Please click install Apk to get our digital wedding card ⬇️⬇️
Please click install to see our digital wedding card 🙏, to know who this is 😀

Recommended : How To Block Facebook Ads + Pay Scammers!

 

Wedding Invitation Scam : Don’t Install APK File!

This is yet another example of a Mobile Application Scam, and here are the reasons why…

Fact #1 : APK Is Android Installation File

First, it is important to know that APK files are not used to deliver wedding invitations, or photos and videos.

Short for Android Package Kit, an APK file is used to install software in Android devices. Think of it as the Android equivalent of an EXE installation file for Windows software.

Fact #2 : You Should Never Install APK File, Unless You’re An Expert

APK files, by definition, are merely installation files for Android devices. They can be used for legitimate purposes, as well as nefarious purposes.

However, legitimate Android apps are mostly delivered through proper mobile app platforms like Google Play Store and the HUAWEI App Gallery, where they are often scanned for malware before people are allowed to download and install.

Therefore, you should never download and install an APK file outside of legitimate mobile app platforms, unless you are an expert who needs to “sideload” an APK for a specific reason.

Now, this does not mean that only Android devices are vulnerable. Apple is slated to offer the ability to sideload apps too with iOS 17.

Fact #3 : Scammers Use APK Files To Install Malware

In most, if not all, cases where you receive an APK file from a stranger on WhatsApp, Telegram, through email or social media platforms, it is likely to contain malware.

Scammers use APK files containing malware to gain access to your phone. After you install these malware APK files, scammers can do anything – read your messages, steal your photos and videos, gain access to your TAC / OTP alerts, etc.

Recommended : Can SIM Swap empty bank accounts without warning?!

Fact #4 : APK File Scam Not Limited To Wedding Invitations

These mobile application scams are not just limited to wedding invitations, or offers to deliver illicit photos and videos. Scammers have also convinced their victims to install these APK malware files to :

  • book cheap temporary maid / cleaning services
  • book cheap air-conditioning services
  • book exclusive restaurants
  • receive special discounts
  • make investment transactions

Fact #5 : Scammers Use Social Engineering + Stolen Data

It is important to remember that scammers will use a combination of social engineering and stolen / purchased data to convince you to install their APK malware.

They may know your name, your MyKad number, your address and your telephone number. They may even know who is in your family, and even have your bank account or credit card details. All that information can be purchased from unscrupulous sources.

In some cases, scammers have taken over social media accounts and used them to trick the account holder’s family and friends into installing such APK malware files.

No matter who tells you to do it – even if they are your family member or friend, NEVER download and install an APK file.

Recommended : Scam Alert : How Fake Job Syndicates Operate!

Fact #6 : Bank Negara Malaysia Warned About Mobile App Scam

Bank Negara Malaysia has long warned consumers about such mobile application scams.

Be wary of clickable hyperlinks that redirects you to a site, or downloads an application to your phone. Banks will no longer send you any clickable hyperlinks via SMS!

Only download applications from your smartphone’s official application platforms (e.g. Google Play Store, [Apple] App Store, Huawei App Gallery).

Fact #7 : PDRM Confirmed This Is A Scam

On Monday, 19 June 2023, PDRM Commercial Crimes Investigation Department (CCID) Director Datuk Seri Ramli Mohamed Yoosuf warned the public about this wedding invitation scam:

This new tactic asks for an individual to open the link prepared to receive the wedding invitation. However, that’s the trick to steal information from the public and to make online transfer. The public are advised to avoid getting caught up in any message from questionable sources.

Please help us FIGHT SCAMMERS by sharing this fact check article out, and please SUPPORT our work!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Fact Check | Money | Tech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Jomo Kwame Sundaram Stock Advice Scam Alert!

WATCH OUT for scammers pretending to be Jomo Kwame Sundaram offering stock advice on Facebook!

Find out what’s going on, and warn your family and friends!

 

Jomo Kwame Sundaram Stock Advice Scam Alert!

Scammers are running Facebook advertisements that claim that famed Malaysian economist, Jomo Kwame Sundaram, is created a WhatsApp group offering free stock investment advice!

I am Jomo Kwame Sundaram
A prominent Malaysian economist.
On June 14th, I said in the stock exchange group:
There have been abnormal transactions in the Southeast Asian stock market in the past two days
Indonesian stock market soars on the 15th, with huge volatility
Now the local exchange has access to supervise the stock movement
Next, Malaysia’s stock market will also experience abnormal fluctuations
Please pay attention to: ADVCON, KPSCE, ICON, MBL these stocks
Related stock abnormal information, I will continue to send in the group
If you haven’t joined the stock exchange group
Please join in time, I will share the stock information I have for free
Master stock information and avoid losing money in the stock market

Recommended : How To Block Facebook Ads + Pay Scammers!

 

Jomo Kwame Sundaram Stock Advice Scam : What You Need To Know!

These Jomo Kwame Sundaram stock investment scams are being promoted heavily on Facebook in 2023, so please alert your family and friends!

Fact #1 : Jomo Kwame Sundaram Reported These Fake Ads

These fake Jomo Kwame Sundaram stock advice advertisements have been promoted on Facebook for several months now. On April 15, 2023, Jomo himself posted about this scam:

*Warning Letter from Jomo Kwame Sundaram*

I regret to inform you that someone is impersonating me. They have established an official website in my name, with many old photographs and other material to give this impression.

I am presented as an education and investment consultant, neither of which is true. There is even a contact telephone number for my supposed assistant.

I have reported the impersonation to Facebook and MCMC with no indication of any action so far. This happened several years ago as well when there was an earlier effort of this type.

I have never given investment advice, and have no intention whatsoever of doing so. It is highly irresponsible for anyone to claim they know the future. Whatever I do on economic and other matters is free for the public, and I urge you not to pay money to anyone who claims to be advising you in my name.

As I have been giving lectures in Tsinghua University in the past week, when this problem began, I did not realize how quickly the problem was growing and failed to act more promptly.

Please warn your friends and loved ones.

Thank you for your cooperation.

jomo

Unfortunately, as many people have discovered, Meta / Facebook does not appear to care about these fake ads. You can report them till kingdom come, but they will just keep running on Facebook as long as these scammers pay for them!

Recommended : Can SIM Swap empty bank accounts without warning?!

Fact #2 : Jomo Kwame Sundaram Is A Renown Economist

Jomo Kwame Sundaram is a world-renown economist, who writes extensively on economic policies. However, as he explained above, he is not an investment consultant!

He has better things to do than to offer you free stock investment advice! In May 7, he just published an article called “Inflation phobia, myths and dogma exacerbate policy responses” in the Review of Keynesian Economics.

Fact #3 : One Victim Lost RM480K To Investment Scam!

In November 2022, a 60 year-old housewife from Port Dickson fell for a similar investment scam, and lost almost RM480,000 (about US$104,000).

After being offered the free book on Facebook, she was asked to join a WhatsApp group called Family Discussion, where she was asked to convinced to “invest”.

The WhatsApp group administrator instructed her to download an application called Forza, and open a savings account. She was then asked to deposit money into certain bank accounts, and upload the slips using that Forza app as proof.

The lady withdrew her savings and borrowed from her children and friends to invest RM476,100. However, when she wanted to withdraw the interest paid by the company, her account was blocked. The group administrator told her that she would need to deposit an additional RM427,200 to withdraw the interest.

That was when the lady realised she had been scammed, and lodged a police report.

Please help us FIGHT SCAMMERS by sharing this fact check article out, and please SUPPORT our work!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Fact Check | Money | Tech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Bursa Malaysia Stock Investment Scam Alert!

Warning – both Datuk Muhamad Umar Swift and Bursa Malaysia are NOT giving out free stock investment advice or books!

Find out what’s going on, and warn your family and friends!

 

Bursa Malaysia Stock Investment Scam Alert!

Scammers are running Facebook advertisements that claim that Datuk Muhamad Umar Swift and/or Bursa Malaysia are giving free investment advice, or free books on stock investing!

Hi everyone, I am Datuk Muhamad Umar Swift
The Chief Executive Officer of Bursa Malaysia Bhd.
Since 2023, the Malaysian stock market has been relatively sluggish🤕🤕🤕
This may be because many stock market investors do not understand stock market trading
I have been blindly following the investment, resulting in a lot of losses
I have also received many letters from investors recently:
Ask if I have improved my trading skills?
Here I recommend a few stock books to everyone!
This can effectively improve your trading skills 💖💖💖
I also prepared 2,000 stock books for everyone📖📖📖
Free gift to Malaysian stock market investors, yes, it’s free!
Please add my assistant’s wapp, she will mail you books for free👇👇👇

Recommended : How To Block Facebook Ads + Pay Scammers!

 

Bursa Malaysia Investment Scam : What You Need To Know!

These Datuk Muhamad Umar Swift and/or Bursa Malaysia free book / investment group scams are being promoted heavily on Facebook in 2023, so please alert your family and friends!

Fact #1 : Bursa Malaysia Reported These Ads As Fake

Bursa Malaysia is aware of these fake advertisements on Facebook, posting this scam alert on May 17, 2023:

[SCAM ALERT] Don’t be fooled by Facebook ads or pages that offer stock advice. Scammers are known to impersonate Bursa Malaysia representatives to lure you into their fake investment schemes. If you have come across ads or pages like this, be sure to report it to Bursa2U along with a screenshot and source link at bursa2u@bursamalaysia.com or call Bursa Malaysia’s Help Centre at +603-2732 0067. Remember to check the Securities Commission Investor Alert List at http://sc.com.my/investor-alert before investing. Contact the National Scam Response Centre hotline 997 if you have been a victim of scam.

[AMARAN SCAM] Jangan terpedaya dengan iklan atau halaman Facebook yang menawarkan nasihat saham. “Scammer” seringkali menyamar sebagai wakil Bursa Malaysia untuk memujuk anda ke dalam skim pelaburan palsu mereka. Jika anda menjumpai iklan atau halaman seperti ini, pastikan anda melaporkannya kepada Bursa2U berserta tangkapan skrin dan sumber pautan ke bursa2u@bursamalaysia.com atau hubungi Pusat Khidmat Bursa Malaysia di talian +603-2732 0067 . Semak Senarai Amaran Pelabur Suruhanjaya Sekuriti di http://sc.com.my/investor-alert sebelum melabur. Hubungi talian hotline Pusat Respons Scam Kebangsaan 997 jika anda menjadi mangsa penipuan.

#StayAlert #ScamAlert #TakNakScam #JanganKenaScam

Fact #2 : Bursa Malaysia Is Not A Charity

Please do NOT be naive. Bursa Malaysia is not only the stock exchange of Malaysia, it is also a public listed company, whose focus is to make money, not a charity to give you free books or advice!

Datuk Muhamad Umar Swift is not only the CEO of Bursa Malaysia Berhad, he is also the director of its subsidiary companies. He certainly has more important (and profitable) things to do than to create a WhatsApp group to answer YOUR questions or advice YOU on what stocks to buy!

Recommended : Can SIM Swap empty bank accounts without warning?!

Fact #3 : Bursa Malaysia Does Not Use WhatsApp To Communicate

Bursa Malaysia offers a multitude of contact options by snail mail, online forms on their Bursa2U portal, email or telephone.

What it does not have is a WhatsApp account. So when scammers message you to collect your “free books” using WhatsApp, or ask you to join the Bursa Malaysia WhatsApp group, be warned!

Datuk Muhamad Umar Swift (fake) : I’m sorry because too many people have privately messaged me, please click to add administrator 👇whatsapp👇, send “PM” to join our company’s free communication group! https://wa.me/6019527xxxx

The real Datuk Muhamad Umar Swift, and Bursa Malaysia, will never ask you to join a WhatsApp group for any reason, whether it’s for investment advice, stock tips, or to buy and sell stocks, etc.

Fact #4 : One Victim Lost RM480K To Investment Scam!

In November 2022, a 60 year-old housewife from Port Dickson fell for a similar “free book” scam, and lost almost RM480,000.

After being offered the free book on Facebook, she was asked to join a WhatsApp group called Family Discussion, where she was asked to convinced to “invest”.

The WhatsApp group administrator instructed her to download an application called Forza, and open a savings account. She was then asked to deposit money into certain bank accounts, and upload the slips using that Forza app as proof.

The lady withdrew her savings and borrowed from her children and friends to invest RM476,100. However, when she wanted to withdraw the interest paid by the company, her account was blocked. The group administrator told her that she would need to deposit an additional RM427,200 to withdraw the interest.

That was when the lady realised she had been scammed, and lodged a police report.

Please help us FIGHT SCAMMERS by sharing this fact check article out, and please SUPPORT our work!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Fact Check | Cybersecurity | Tech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Maybank ATM Card: How to disable Debit Card feature!

Find out how to disable the Debit Card feature of your Maybank ATM card, and why you should do that right away!

 

Maybank ATM Card Is Also Visa payWave Debit Card

Many Maybank customers may not know this, but your ATM card is not just an ATM card – it doubles as a Visa payWave debit card as well.

Since Maybank introduced its first combined ATM + Visa Debit card in March 2008, it has progressively migrated all existing ATM cards to the new combined card.

Today, all Maybank ATM cards are effectively Visa payWave debit cards, even though we may not have applied for the debit card or payWave functions.

Recommended : How To Pay PDRM Traffic Summons Using Maybank ATM!

 

Maybank ATM Card : Why You Should Disable Debit Card Feature!

Banks are promoting the use of debit cards, because they charge an interchange fee for every debit card transaction. That is why banks are “forcing” these combined ATM + debit card onto customers.

However, debit cards only offer minimal fraud protection (if at all), as payments are considered to be directly withdrawn from your bank account. That is why personal finance experts always recommend using a credit card, instead of a debit card.

Even worse, these debit cards often include contactless payment technologies like Visa payWave or Mastercard contactless. This allows anyone to directly withdraw money from your account without even requiring the PIN number!

Transaction
Amount
Required Action
Above RM250 Tap and use PIN to approve
RM250 and below Just tap. No PIN required.

Now, to be clear, the debit card and payWave feature will only be enabled after you perform at least one (1) successful PIN transaction at any point-of-sales terminal. But once that is done – both debit card and payWave features will remain activated.

This is one of the many reasons why money-savvy people do not use debit cards at all. It’s not only much safer to use credit cards, they also help build your credit rating and some benefits like cash back rebates, points, etc. There literally isn’t any benefit to using debit cards.

Unfortunately, many banks aren’t giving you the option of opting out. You may not want one, but you may not have a choice. The Maybank ATM card, for example, is a Visa payWave debit card which you cannot opt-out of. You cannot ask for a pure ATM card, and neither will Maybank disable the debit card or payWave features. I know. I asked.

Recommended : Facebook Ads Scam Hits Many Maybank Customers!

 

Maybank ATM Card : How To Disable Debit Card + payWave!

To be clear – there is no way to actually disable the debit card or payWave functionality of your Maybank ATM card. But you can effectively disable both features by setting the debit card purchase limit to zero.

In this guide, I will show you how to do that using your Maybank2U online account, or at the Maybank ATM.

Maybank2U Online Account

Step 1 : Log into your Maybank2U account

Step 2 : On the right corner of the Maybank2U screen, click on the Settings option.

Step 3 : Click on the Cards tab, and it should show you the Manage Debit Cards section by default.

As you can see, by default, the Maybank ATM-debit card has a purchase limit of RM1,000 per transaction.

Step 4 : Click on the Edit icon, and you will be able to change the Purchase Limit, from RM0 all the way to RM10,000.

Step 5 : Select RM0.00 from the drop-down list, and the click the SAVE button.

Step 6 : Look for this yellow banner at the bottom of the screen, and click the REQUEST button to request the 6-digit SMS TAC on your registered mobile number.

Step 7 : Once you receive the 6-digit SMS TAC, key it into the box, and click on the CONFIRM button.

If you keyed in the correct SMS TAC, you should see this notice telling you that your new purchase limit has been set.

Now that you have successfully reduced your Purchase Limit to RM0.00, it doesn’t matter that Maybank refuses to disable the debit card or payWave function. They both just won’t be able to transfer any money from your account!

Maybank2U Online Account

Step 1 : Insert your ATM card and key in your PIN number.

Step 2 : Select Other Transaction in the main menu.

Step 3 : Select the  Change Limit / Language / Maybank One option.

Step 4 : Select the Purchase Limit option.

Step 5 : Select No Purchase to prevent the card from being used to make any purchases.

Alternatively, you can select Preferred Limit. Then you need to key in RM 0.00, and then select Yes to confirm that decision.

After you set No Purchase or a Preferred Limit of RM0.00, the debit card and payWave functionality of your Maybank ATM card is effectively disabled.

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Cybersecurity | MoneyTech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Sunway + Jeffrey Cheah Free Books Scam Alert!

Please note – Jeffrey Cheah and the Sunway Group are not giving away free books on stock investing, to help new investors!

Find out what’s going on, and warn your family and friends!

 

Sunway + Jeffrey Cheah Free Books Scam Alert!

Scammers are running Facebook advertisements that claim that Tan Sri Dr Jeffrey Cheah and/or the Sunway Group are giving away free books on stock investing, to help new investors!

Hello everyone, I am Jeffrey Cheah, Chairman and Founder of Sunway Group
Since 2023, the Malaysian stock market has been relatively sluggish🤕🤕🤕
This may be because many stock market investors do not understand stock market trading
I have been blindly following the investment, resulting in a lot of losses
I have also received many letters from investors recently:
Ask if I have improved my trading skills?
Here I recommend a few stock books to everyone!
This can effectively improve your trading skills 💖💖💖
I also prepared 2,000 stock books for everyone📖📖📖
Free gift to Malaysian stock market investors, yes, it’s free!
Please add my assistant’s wapp, she will mail you books for free👇👇👇

Recommended : TNG RFID Bar Code Scanning Scam Debunked!

 

Sunway / Jeffrey Cheah Free Books Scam : What You Need To Know!

This Sunway / Jeffrey Cheah free book scam is being promoted heavily on Facebook in May and June 2023, so please alert your family and friend!

Fact #1 : Sunway Group Reported These Pages / Ads As Fake

The Sunway Group is aware of these fake advertisements being run by scam Facebook pages, posting this scam alert:

SCAM ALERT

Please be alert of several scams using fake Facebook accounts, bearing the names “Sunway Investment” and “Sunway Global Investment”, claiming to be affiliated with Sunway entities.

These Facebook accounts have NO association with Sunway Group nor that of our chairman.

We urge all to be cautious and to not fall victim to these scams, and report these fake accounts to Facebook immediately.

Fact #2 : Sunway Group Is A Business, Not A Charity

Please do NOT be naive. The Sunway Group (Sunway Berhad) is a public listed company, whose focus is to make money, not a charity to give you free books!

Fact #3 : Giveaways Were Not Posted In Official Website / FB Page

If the Sunway Group was really giving away free books, it would have posted the offer on:

These scams are being run off fake Facebook pages that are brand new, and have nothing to do with Tan Sri Dr. Jeffrey Cheah, or the real Sunway Group.

Recommended : Can SIM Swap empty bank accounts without warning?!

Fact #4 : Sunway Group Does Not Use WhatsApp To Communicate

The Sunway Group offers a multitude of contact options by online forms, email or telephone number. What it does not have is a WhatsApp account. So when scammers message you to collect your “free books” by messaging a WhatsApp number, be warned!

Please add my WhatsApp message, send me your mailing information, and I will mail you stock books for you for free! My WhatsApp: https://xxxx.xx/60113906928

The Sunway Group will also not ask you to join a WhatsApp group for any reason, whether it’s for investment advice, stock tips, or to buy and sell stocks, etc.

Fact #5 : Scammers Will Try To Scare You

Scammers will try to scare you into contacting them, by telling you that stock is running out. Just ignore them!

There are only 3 free places left, which have been reserved for you, please add and leave a message as soon as possible Whatsapp : https://xxxx.xx/60113906928

There are many friends who have claimed it, please tell us whether you have added it successfully! If you do not add or reply, it means that you will give up the quota by default and automatically transfer it to the next friend. Thank you for your understanding!

Recommended : How To Block Facebook Ads + Pay Scammers!

Fact #6 : One Victim Lost RM480K To A Free Book Scam!

In November 2022, a 60 year-old housewife from Port Dickson fell for a similar “free book” scam, and lost almost RM480,000.

After being offered the free book on Facebook, she was asked to join a WhatsApp group called Family Discussion, where she was asked to convinced to “invest”.

The WhatsApp group administrator instructed her to download an application called Forza, and open a savings account. She was then asked to deposit money into certain bank accounts, and upload the slips using that Forza app as proof.

The lady withdrew her savings and borrowed from her children and friends to invest RM476,100. However, when she wanted to withdraw the interest paid by the company, her account was blocked. The group administrator told her that she would need to deposit an additional RM427,200 to withdraw the interest.

That was when the lady realised she had been scammed, and lodged a police report.

Please help us FIGHT SCAMMERS by sharing this fact check article out, and please SUPPORT our work!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Fact Check | Cybersecurity | Tech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Scam Alert : How Fake Job Syndicates Operate!

Find out how fake job syndicates operate, and how they reel you into their scams, and cheat YOU of your hard-earned money!

Make sure you SHARE this article, to warn your family and friends to avoid the fake job scams!

 

Fake Job Scams : What Are They?

Fake job scams have been around for a long, long time. But fake job syndicates have become more active recently, probably because more people are getting laid off, and inflation is eating into our money.

Fake job scams come in a variety of ways, but most commonly, you get unsolicited messages through WhatsApp or iMessage, offering you the opportunity to make a lot of money through part-time work, in the comfort of your own home.

Good day YouTubers!! This is Alexa from Youtube Entertainment. We invite you to participate in our event by liking and subscribing to our channel and we will give you XXX. Please reply “YES” if you are interested. Thank you.

Hi, I’m the recruitment manager of XYZ company. XYZ invites you to do regular work at home.

You can easily earn [large amounts of money] with your mobile phone every day, and your salary will be settled on the same day.

Please add my WhatsApp to sign up. The number of places is limited, only for today.

Hey! You have been selected for a job. Daily salary XXXX to YYYYY. WhatsApp [number removed]. Reply YES to apply.

Recommended : How To Block Facebook Ads + Pay Scammers!

 

Scam Alert : How Fake Job Syndicates Operate!

I personally have received many of such fake job offers, and have always ignored them. But when I saw a sudden surge of fake job offers, I decided to look into it. I also wanted to find out how they worked.

So I took a dive into two different fake job scams last week, and here was what I found…

How They Reel Their Victims In

It all starts with scammers tasked with “fishing” for victims. They will try to contact you by email, Facebook Messenger, SMS, WhatsApp, Telegram, or iMessage. Regardless of the method, the hook is simple – we are offering you an EASY way to make A LOT of money!

Once you are suitably impressed, these “fishing” scammers will offer you a simple task to show you just how easy it is to make a lot of money. To entice me, the two scammers offered me a pretty good sum of money for a very simple task:

Syndicate A : Subscribe to this YouTube channel, and send me the screenshot to receive XXXX.

Syndicate B : Like this YouTube video, and send me the screenshot to receive YYYY.

Recommended : Watch Out For Telegram Phishing Attack!

The Fishing Scammer Hands You Over To The Syndicate

After you complete that task, the fishing scammer then hands you off to the actual fake job syndicate, ostensibly for payment. You are asked to contact the company secretary / account manager on Telegram, with a “payment code”.

From what I surmise, the “payment code” is actually the fishing scammer’s referral code – they get paid for every victim they send the syndicate.

This will be your last contact with these fishing scammers. They are off to reel in more victims!

Recommended : Must You Disable Facebook Auto-Fill To Block Scams?!

Syndicate Baits You With Payment

The syndicate secretary / account manager will ask you to register your details with them, but they are not too particular with any details, except for your phone number. If you give them the fake number, they will know because they will check with the fishing scammer using their referral code. But feel free to give them other fake details – they won’t care.

The fake job syndicate will then send you the payment for that “test” job, using a mule account. If you ask them why they are sending you the money through a different company account or even a random person’s account, they will tell you that they have many bank accounts because of daily transaction limits.

Syndicate Baits You With Simple Tasks

The syndicate will then add you to their Telegram channel offering multiple tasks per day. Instead of YouTube channels or videos, you are tasked to very simple tasks like:

  • open a link to a product page on an online shopping platform
  • take a screenshot of that product page
  • post that screenshot to the Telegram group
  • share that screenshot with your syndicate agent

You will breeze through the first three tasks easily, and the fake job syndicate will pay you promptly.

Fantastic, isn’t it? What could go wrong? After all, there are hundreds of other people participating in the same tasks, and getting paid!

Recommended : Can SIM Swap empty bank accounts without warning?!

Syndicate Tempts You With Pay To Earn Scam

At this point, you have done some calculations, and realise that you can easily make good money every day doing these simple tasks.

That’s when the fake job syndicate offers you the opportunity to make some serious cash. But there’s one catch – you need to PAY them to get access to jobs with serious money.

For every dollar you prepay, the fake job syndicate promises that you will get that back PLUS 10% to 30%, within minutes. Just in case you are worried about losing your money, hey, they are offering a refund. Honest!

And how can they offer you so much money for so little work? The syndicate throws in the magic word – cryptocurrency! Of course! That’s the only way anyone can make tons of money easily, with both eyes closed!

Recommended : BitiCodes Scam Alert : Fake Celebrity Endorsements!

Syndicate Pressurises You With Bots

To convince you that they are legit, you will see many people posting screenshots of their payments to the Telegram group. They will also publicly announce how much they are investing. In some cases, they also post excitedly about how much money they already made, and how much they plan to make today.

This is just a charade to make you believe that people are really making money through this scheme. Most of these “participants” appear to be bot accounts, with a few sock puppet accounts. If you monitor these accounts over time, you will see them change names. I even spotted one of these fake participants (mercado livre in the screenshot above) become the Telegram group admin!

The genuine victims are those asking questions in the group like “We have to prepay?” But oddly enough, no one else in the group (except the Telegram group admin) will respond. That’s not how real people behave.

And if you check their receipts, you will notice some discrepancies in their receipts, which suggest that they were edited:

  • transfers within the same bank were labelled as transfers “to other banks”.
  • account numbers are too short / long for that particular bank

The others are possibly genuine receipts (by people who were scammed earlier), with their dates and times changed.

Recommended : 2023 Turkey Earthquake : Fake Photos + Scam Alert!

Once You Pay, It’s Game Over

I managed to get in touch with two victims of this scam, who claimed that once they deposited the prepaid amount, they were ghosted and removed from the Telegram group.

So that appears to be the scam – they bait you with a bit of money, until you are convinced that they are real. Then once you prepay them for the “big job”, they dump you right away.

Your assigned syndicate agent will block you, and you will get kicked off the Telegram group, which often disappears after scamming a few victims. Often, you will find your Telegram conversations with them mysteriously deleted. By then, it’s much too late – you have already lost your money.

To ensure they don’t lose money, they will price the introductory offer low enough to entice victims, but high enough to cover their costs and then some. But they will inevitably score some big fish, which is why the fake job scam persists.

Now that you know how the fake job scam works, please DO NOT get trapped into it! NEVER pay to get a job. It is just a scam!

Please SHARE this article out, and WARN your family and friends!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Fact Check | Cybersecurity | Tech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Gigabyte motherboards shipped with firmware backdoor!

Millions of Gigabyte motherboards and laptops shipped with a built-in backdoor in its UEFI firmware!

Here is what you need to know about this cybersecurity danger, and what you can do about it!

 

Gigabyte Motherboards Shipped With Firmware Backdoor!

On 31 May 2023, researchers at the cybersecurity firm Eclypsium revealed that 271 Gigabyte motherboard models have been compromised with UEFI firmware with a built-in backdoor!

Eclypsium’s heuristic detection methods recently began flagging suspicious backdoor-like behaviour in Gigabyte motherboards. When its researchers looked into it, they found that Gigabyte motherboard firmware was executing a Windows native executable during the system start up process. This executable then insecurely downloads and executes additional payloads.

From their analysis, the executable appears to be a legitimate Gigabyte module called WpbtDxe.efi:

  • it checks to see if the “APP Center Download & Install” feature is enabled
  • it downloads executable payloads from Gigabyte servers
  • it has a Gigabyte cryptographic signature

They also found that the downloaded payloads have Gigabyte cryptographic signatures too, which suggest that this firmware backdoor was implemented by Gigabyte itself.

However, Eclypsium researchers discovered that the Gigabyte implementation had a number of problems, which would make it easy for threat actors to abuse the firmware backdoor:

  • one of its payload download locations lacks SSL (using plain HTTP, instead of the more secure HTTPS), allowing for Machine-in-the-middle (MITM) attacks
  • remote server certificate validation was not implemented correctly even when the other two HTTPS download locations were used, which allows for MITM attacks
  • one of its payload download locations is a local network-attacked storage device (NAS), which could allow a threat actor to spoof the location of the NAS to install their own malware
  • the Gigabyte firmware itself does not verify any cryptographic signatures, or validates the downloaded executables.

In short – millions of Gigabyte motherboards have a cybersecurity vulnerability, due to their firmware which includes an insecure / vulnerable OEM backdoor. As John Loucaides from Eclypsium put it:

If you have one of these machines, you have to worry about the fact that it’s basically grabbing something from the Internet and running it without you being involved, and hasn’t done any of this securely.

The concept of going underneath the end user and taking over their machine doesn’t sit well with most people.

Note : This vulnerability affects all computers using Gigabyte motherboards, including laptops.

 

Gigabyte Rolls Out New Firmware To Mitigate Backdoor!

After the news blew up inconveniently during Computex 2023, Gigabyte quickly rolled out new beta firmware upgrades for its AMD and Intel motherboards.

According to Gigabyte, the new beta firmware upgrades have “improved security mechanisms” that will “detect and prevent malicious activities during the boot process“. It also appeared to have implemented other changes:

  • enhanced the signature verification process for fils downloaded from its remote servers
  • conduct more thorough checks of file integrity to prevent the introduction of malicious code
  • enabled standard cryptographic verification of remote server certificates

The new firmware has just been released for AMD 600-series motherboards, as well as Intel 500- and 400-series motherboards, but will eventually be introduced for older motherboards. The new firmware will have the description, “Addresses Download Assistant Vulnerabilities Reported by Eclypsium Research“.

As Gigabyte does not intend to remove the backdoor feature, you might want to consider Eclypsium’s advice on how best to reduce the risk of malicious actors taking advantage:

  1. Scan and monitor systems and firmware updates in order to detect affected Gigabyte systems and the backdoor-like tools embedded in firmware. Update systems to the latest validated firmware and software in order to address security issues like this one.
  2. Inspect and disable the “APP Center Download & Install” feature in UEFI/BIOS Setup on Gigabyte systems and set a BIOS password to deter malicious changes.
  3. Administrators can also block the following URLs:
    – http://mb.download.gigabyte.com/FileList/Swhttp/LiveUpdate4
    – https://mb.download.gigabyte.com/FileList/Swhttp/LiveUpdate4
    – https://software-nas/Swhttp/LiveUpdate4

For starters, you should definitely download and update your Gigabyte motherboard or laptop with the improved firmware. Then disable APP Center Download & Install in the BIOS.

Let’s hope Gigabyte will be able to quickly issue new and improved firmware to mitigate, if not remove, the backdoor vulnerability for the affected 271 motherboard models, and its future motherboards and laptops. Even so, many users might not be aware of this vulnerability or these updates.

It seems likely that threat actors will have access to this backdoor vulnerability in many Gigabyte motherboards and laptops for years to come. Even Eclypsium’s Loucaides believes so:

I still think this will end up being a fairly pervasive problem on Gigabyte boards for years to come.

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Computer | Cybersecurity | Tech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Watch Out For Kenanga Free Books Scam!

Is the Kenanga Investment Bank giving away free books on stock investing, to celebrate its 50th anniversary?!

Find out what’s going on, and warn your family and friends!

 

Watch Out For Kenanga Free Books Scam!

Scammers are running Facebook advertisements that claim Kenanga Investment Bank is giving away free books on stock investing, to celebrate its 50th anniversary!

good news 🎉 good news 🎉 good news 🎉
Kenanga Investment Bank Berhad,
Now it is the largest independent investment bank in Malaysia Established in 1973, it is about to celebrate its 50th anniversary 🎉🎉🎉
Kenanga Group will give away 2,000 stock books for free If you are interested in the stock book, you can get it for free Please click on the messenger to get the book for free 📖📖📖
The number of books is limited, and the activity will stop after the gift is completed 👇👇👇

Hi everyone, this is Kenanga Investment Bank Berhad
Now it is the largest independent investment bank in Malaysia
Established in 1973, it is about to celebrate its 50th anniversary 🎉🎉🎉
During these 50 years, we have helped countless stock investors make profits in the stock market
In order to thank investors for their support all the way, 💝💝💝🎊🎊🎊
We will give out the first gift for stock market investors 🎁🎁🎁
Kenang Group has prepared 5000 stock books (1000 sets) 📚📖📖
Free gift to investors who support Kenang Group all the way
Please click on the session, add the assistant’s wapp, and register the mailing address
We will mail the book to your registered address for free
The number of stock books is limited, while supplies last 💝💝💝

Recommended : TNG RFID Bar Code Scanning Scam Debunked!

 

Kenanga Free Books Scam : What You Need To Know!

This Kenanga free book scam is being promoted heavily on Facebook in May 2023, so please alert your family and friends!

Fact #1 : Kenanga Reported These Pages / Ads As Fake

Kenanga is aware of these fake advertisements being run by scam Facebook pages, posting this scam alert on May 12, 2023:

Once again we would like to remind our clients and the public to be careful of scammers impersonating our brand to provide fraudulent product and services.

We are not offering any free books/e-books or make anyone join a WhatsApp group.

If you received any of this communication recently, stop responding and report the page/numbers immediately.

If you have been scammed, contact the National Scam Response Centre hotline 997.

Fact #2 : Kenanga Is A Business, Not A Charity

Please do NOT be naive. Kenanga is an investment bank – a business, not a charity. Just because it is celebrating its 50th anniversary in 2023, does not mean it’s giving anything away.

Even if it wanted to celebrate its anniversary by giving away books, it would be giving them to clients, not to the public!

Kenanga is a public-listed company, whose focus is to make money, not a charity to give you free books!

Recommended : Can SIM Swap empty bank accounts without warning?!

Fact #3 : Giveaways Were Not Posted In Official Website / FB Page

If Kenanga was really giving away free books, it would have posted the offer on:

These scams are being run off fake Facebook pages that are brand new, and have nothing to do with the real Kenanga.

Fact #4 : Kenanga Does Not Use WhatsApp To Communicate

Kenanga offers a multitude of contact options by online forms, email or telephone number. What it does not have is a WhatsApp account. So when scammers message you to collect your “free books” by messaging a WhatsApp number, be warned!

Please add my WhatsApp message, send me your mailing information, and I will mail you stock books for you for free! My WhatsApp: https://xxxx.xx/60113906928

Fact #5 : Kenanga Will Not Ask You To Join WhatsApp Groups

Just to be clear, Kenanga states that it will never ask anyone to join a WhatsApp group for any reason, whether it’s for investment advice, stock tips, or to buy and sell stocks, etc.

Recommended : How To Block Facebook Ads + Pay Scammers!

Fact #6 : Scammers Will Try To Scare You

Scammers will try to scare you into contacting them, by telling you that stock is running out. Just ignore them!

There are only 3 free places left, which have been reserved for you, please add and leave a message as soon as possible Whatsapp : https://xxxx.xx/60113906928

There are many friends who have claimed it, please tell us whether you have added it successfully! If you do not add or reply, it means that you will give up the quota by default and automatically transfer it to the next friend. Thank you for your understanding!

Fact #7 : One Victim Lost RM480K To A Free Book Scam!

In November 2022, a 60 year-old housewife from Port Dickson fell for a similar “free book” scam, and lost almost RM480,000.

After being offered the free book on Facebook, she was asked to join a WhatsApp group called Family Discussion, where she was asked to convinced to “invest”.

The WhatsApp group administrator instructed her to download an application called Forza, and open a savings account. She was then asked to deposit money into certain bank accounts, and upload the slips using that Forza app as proof.

The lady withdrew her savings and borrowed from her children and friends to invest RM476,100. However, when she wanted to withdraw the interest paid by the company, her account was blocked. The group administrator told her that she would need to deposit an additional RM427,200 to withdraw the interest.

That was when the lady realised she had been scammed, and lodged a police report.

Please help us FIGHT SCAMMERS by sharing this fact check article out, and please SUPPORT our work!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Fact Check | Cybersecurity | Tech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Can Restaurant Menu QR Code Hack Your Phone?!

Did the FBI just warn people to avoid using the restaurant menu QR code, because it can hack your phone?!

Take a look at the viral claim, and find out what the facts really are!

 

Claim : FBI Says Restaurant QR Code Can Hack Your Phone!

People are sharing a Daily Mail article, or screenshots of it, which claims that the FBI just warned people not to use any restaurant menu QR code because it can allow hackers to steal your data!

Here is an excerpt from the Daily Mail article. Feel free to skip to the next section for the facts!

Why you should ALWAYS ask for a physical menu: FBI warns hackers are planting fake QR CODES in restaurants that steal your data when you click the link

  •  Scammers are making fake QR codes to place on top of real ones 
  • This is letting them access smartphones and steal personal data

QR codes have become the new default for accessing restaurant menus across the US post-Covid — but scammers are seizing upon the new practice.

The FBI warns thieves are creating fake QR codes and planting them at eateries, retail shops and even parking meters.

Instead of taking you to an online menu or checkout, the links instantly download malware onto your device, stealing your location and personal information

The FBI has urged consumers to look out for typos or misplaced letters in URLs accessed through QR codes and ask restaurants for a physical menu.

Recommended : MSI Users At Risk Of Rogue BIOS / Firmware Updates!

 

Truth : FBI Did Not Say Restaurant QR Code Can Hack Your Phone!

This appears to be a “misunderstanding” of an actual FBI warning about QR codes. Here is what you need to know about the risks of scanning a QR code for a restaurant menu.

Fact #1 : FBI Issued QR Code Warning In January 2022

I could find no reference to a recent QR code warning by the FBI, and oddly enough, The Daily Mail did not provide a source or link to the FBI warning its article was referring to.

The FBI only released one public service announcement (PSA) about QR codes, and that was Alert Number 1-011822-PSA which was released on January 18, 2022.

If that was the source for the Daily Mail article, then it’s more than a year old, and not recent as the article appears to suggest.

Fact #2 : FBI Warned About General QR Code Risk

The FBI advisory was a general warning about the risks of tampered QR codes. Specifically, it warned about cybercriminals tampering with both digital and physical QR codes.

The FBI is issuing this announcement to raise awareness of malicious Quick Response (QR) codes. Cybercriminals are tampering with QR codes to redirect victims to malicious sites that steal login and financial information.

Cybercriminals tamper with both digital and physical QR codes to replace legitimate codes with malicious codes. A victim scans what they think to be a legitimate code but the tampered code directs victims to a malicious site…

Fact #3 : FBI Advisory Did Not Mention Restaurant / Menu

Interestingly, the entire FBI advisory did not once mention restaurants or menus, and that makes a lot of sense.

It is odd to focus on the risk of using QR codes for online menus in restaurants, when they are used in so many other ways today – from making mobile payments, as mobile tickets, login tokens, etc.

Any security risk involving restaurant menu QR codes would also apply to QR codes used for other purposes. So it really doesn’t make sense for the FBI to “pick on” restaurant menu QR codes.

Recommended : Can Approve New Participant block WhatsApp hackers?!

Fact #4 : QR Code Is Not Malicious In Nature

QR code (which is short for Quick Response code) is not nefarious or malicious in nature. The FB advisory specifically pointed that out – “QR codes are not malicious in nature“.

The QR code is merely a type of two dimensional barcode that was invented in 1994 by the Japanese company, Denso Wave, to track automotive parts. It has since been adopted for other purposes because it is more efficient and can support more than just numbers. For example, Version 40 QR code can contain up to 7,089 numbers or 4,296 characters.

Ultimately, a QR code is nothing more than a series of numbers or characters – data which can be used for a variety of purposes, including providing a link to an online restaurant menu.

Fact #5 : QR Code Can Be Tampered With

It is true that QR codes can be tampered with. In fact, the FBI advisory was issued after Texas police departments discovered fraudulent QR code stickers on parking meters in San Antonio and Austin. Drivers who scanned those fake QR codes were taken to a scam website. instead of the real payment website.

Hence, the FBI issued that warning to remind people to check the URL link to make sure that it is the intended website, and not a phishing page with a similar link. For example, the fake website may use www.quikpay.com when the real website is www.quickpay.com.

To completely avoid this risk, avoid using QR code to access a payment website. Always go directly to the payment website on your smartphone’s web browser by keying in the link yourself. Genuine payment labels with a QR code will often include a direct URL link for you to use as a safer alternative.

Recommended : How To Block Facebook Ads + Pay Scammers!

Fact #6 : Restaurant Menu QR Code Is Low Risk

While scammers can place fraudulent QR codes over genuine ones at restaurants, bars, and other eateries, this is a very unlikely attack vector.

That’s because restaurants often use QR codes to redirect you to an online system to order food and drinks for your table. Imagine if you scan a fraudulent QR code and are asked to key in your credit card details. That would be absurd, and you would surely complain to the waiter since you haven’t even ordered your food!

In most cases, you are not expected to pay at the table using QR code. You either pay using cash / credit card / mobile payment using QR code at the payment counter. Even if that QR code is compromised, the cashier would notice it immediately as any payment made using that QR code would not reflect in the restaurant’s point-of-sale (POS) system.

And payment only occurs after dining – a fraudulent QR code that leads you to a fake website won’t allow you to actually order anything, since it’s not connected to the real restaurant and its ordering system. That’s why this attack vector is highly improbable.

In any case, many restaurants now generate temporary QR codes on disposable paper stubs to avoid this risk. The QR code is only valid for your dining session. The next person to dine at the same table will receive a different QR code.

Fact #7 : QR Code Can Potentially Inject Malware

It is possible for QR code to inject malware into the smartphone that you are using to scan. In fact, there are apps like QRGen that allow scammers / hackers to easily generate malicious QR codes. However, it isn’t quite as simple as the article makes it out to be.

For one thing – malware and exploits are limited to specific operating systems or phone models. For example, an Android exploit / malware won’t work on iPhones. Or an exploit / malware that makes use of an Android 11 vulnerability won’t work on newer / updated Android smartphones since they would have patched the exploit.

Second – any malware will require considerable amounts of code to load. The scammer / hacker will have to use an enormous QR code like the version 40 example below, or it will need to convince you to download and install the malware package itself.

Recommended : Must You Disable Facebook Auto-Fill To Block Scams?!

Genuine restaurant menu QR codes are simple – like the version 1 / version 10 examples above, because they only serve a link to their online menu / ordering system. If you see a large and complex QR code like the version 40 example, avoid scanning it, and ask the restaurant staff to verify its authenticity.

Restaurant menu QR codes would also never ask you to download or install anything. They only serve to load a link to an online menu / ordering system, so if you are asked to download or install anything, do NOT proceed, and notify the restaurant.

These tips also apply to other businesses that use QR codes to show you a menu, discounts, offers, information, etc.

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Cybersecurity | MoneyTech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Former exec: China has backdoor access to TikTok data!

A former top ByteDance executive is alleging that the China has backdoor access to all TikTok data!

 

Former Exec : China Has Backdoor Access To TikTok Data!

A former top executive at ByteDance – TikTok’s parent company, has just claimed that it built a “backdoor channel” in its code to allow the Chinese Communist Party (CCP) supreme access to user data in TikTok.

This revelation came as part of the lawsuit that Roger Yu Yintao, filed against ByteDance for wrongful termination from his job as head of engineering in the United States. He says he worked there from August 2017 till November 2018.

In his lawsuit filed on May 12 at the San Francisco Superior Court, Roger Yu alleges that he was fired from his job for his “observation and reporting of illegal conduct” at ByteDance to his supervisors.

He said he observed ByteDance being “responsive to the CCP’s requests” to share, elevate, or even remove content”, describing the company as “a useful propaganda tool for the Chinese Communist Party”, and is engaged in a “culture of lawlessness”.

More shockingly, he claimed that the CCP has a special office in ByteDance, sometimes referred to as the “Committee”. Its task was allegedly to monitor ByteDance, and advise it on how to advance “core Communist values”.

He also claimed that the CCP “Committee” can demote content it viewed as unfavourable to China’s interests, and even has a “death switch” to turn off Chinese versions of its apps.

Roger Yu also claimed that he “saw the backdoor channel in the code”. If true, such a backdoor would give China and the CCP government unfettered access to all data in TikTok, no matter where the data is located.

The Committee maintained supreme access to all the company data, even data stored in the United States.

Recommended : MSI Users At Risk Of Rogue BIOS / Firmware Updates!

Roger Yu Yintao (left) and ByteDance founder, Zhang Yiming, at ByteDance, 2015

Allegedly, ByteDance was “aware that if the Chinese government’s backdoor was removed from the international / US version of the app, the Chinese government would, it feared, ban the company’s valuable Chinese-version apps”.

Roger Yu also accused ByteDance of scraping data from its competitors – mainly Instagram and Snapchat, without users’ permission. He claimed that ByteDance used software to “systematically” collect videos from its competitors, and repost them to its own platform using fake accounts, without their creators’ permission.

 

ByteDance Denies Allegations Of Backdoor Access For China

A ByteDance spokesperson has denied the allegations laid out in Roger Yu Jintao’s lawsuit, claiming that he only worked for a short time on an unrelated app called Flipagram, which was discontinued for business reasons.

We plan to vigorously oppose what we believe are baseless claims and allegations in this complaint.

Mr. Yu worked for ByteDance Inc. for less than a year and his employment ended in July 2018.

According to earlier reporting of Roger Yu Yintao’s lawsuit, he realised that ByteDance had been engaged for years in a “worldwide scheme” to steal and profit from content created on other platforms soon after he began his job.

In response to those allegations, the ByteDance spokesperson said that the company is “committed to respecting the intellectual property of other companies, and we acquire data in accordance with industry practices and our global policy.”

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Cybersecurity | BusinessTech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Malaysian Telcos Ban SMS Links To Prevent Scams!

Malaysian telcos have started banning SMS links, as part of the MCMC’s initiative to prevent scams! Here is what you need to know!

 

Malaysian Telcos Ban SMS Links To Prevent Scams!

On Tuesday, 2 May 2023, four Malaysian telcos – Maxis, Celcom, Digital and U Mobile started banning SMS links, as part of the MCMC’s initiative to prevent scams.

From this day onwards, users will be blocked from sending or receiving SMS with a link. MCMC had earlier issued the directive to all telcos on February 14, 2023, but the ban on SMS links is only now being implemented.

The ban on SMS links is currently not mandatory for all telcos, and is being implemented in phases. Currently, the ban is limited to SMS between individuals.

Businesses using short codes like 6XXXX, 2XXXX and 1XXXX will eventually be banned from including a URL link in their SMS messages. They will be given time to switch to other methods to send promotional messages with links to their customers.

The MCMC has issued a directive to all telcos to block sending and receiving of SMS with URL link. The objective is to prevent users from becoming victims of online scams

MCMC issued the directive to all service providers on Feb 14 and is currently assessing the progress. For now, the block is still not mandatory.

The blocking of person-to-person SMS with URL links will take effect from 2 May 2023. For SMS sent by business via short codes such as 6XXXX, 2XXXX and 1XXXX, this will be done later and specific notification to business users will be sent.

Malaysia Deputy Communications and Digital Minister Teo Nie Ching said in February 2023 that blocking such SMS links will ensure that people won’t click on them and possibly end up as a scam victim.

Recommended : Scam Alert : Watch Out For Telegram Phishing Attack!

 

Only SMS Links Banned, Links Via Other Platforms Still A Risk

While this measure is really helpful in reducing scams, the ban is limited to SMS links. Scammers can still send links through instant messaging platforms like WhatsApp, Telegram, Facebook Messenger, WeChat, etc.

That does not mean that links are inherently bad. Links in messages, even SMS messages, are mostly safe.

Perfectly Fine

  • Clicking on a link to read an article / terms and conditions of a promotion
  • Clicking on a link to enrol in a promotion which does not require you to log into any website
  • Clicking on a link to check in for a flight, or get a travel update

However, they can be used to send you to a phishing website which is designed to look like a genuine bank / payment website. Hence, it is critical that you should NEVER log into any website through a link.

NEVER DO THIS

  • Clicking on a link to log into a bank website
  • Clicking on a link to make a purchase or payment
  • Clicking on a link to log into any account / email

Phishing attacks work by tricking you into going into a fake website that looks like the real website. But you still have to log into the fake website to give the scammers your login details.

If you click on a link, and you are asked to login – this is likely a phishing attack. But don’t worry – as long as you refuse to log into any website after clicking on a link, the phishing attack fails.

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > CybersecurityMobile | Tech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Microsoft : No More Windows 10 Updates, EOL In 2025!

Microsoft will no longer issue major Windows 10 updates, and will end support for the operating system in October 2025!

 

Microsoft : No More Windows 10 Updates, EOL In 2025!

On Thursday, 27 April 2023, Microsoft announced that it will no longer issue any further major Windows 10 update. The current 22H2 version that was released in October 2022, and entered broad deployment on November 18, 2022, would be the final version of Windows 10.

In addition, Microsoft announced that all editions of Windows 10 will reach the end of support on October 14, 2025.

  • Windows 10 Home
  • Windows 10 Pro
  • Windows 10 Enterprise
  • Windows 10 Education
  • Windows 10 Pro Education
  • Windows 10 Pro for Workstations
  • Windows 10 IoT Enterprise

However, Microsoft will continue to issue monthly security update releases (including Windows Defender updates) until that EOL date.

Windows 10 will reach end of support on October 14, 2025. The current version, 22H2, will be the final version of Windows 10, and all editions will remain in support with monthly security update releases through that date. Existing LTSC releases will continue to receive updates beyond that date based on their specific lifecycles.

The only exception will be existing LTSC (Long Term Servicing Channel) releases – they will continue to receive updates beyond that EOL date, based on their specific lifecycles.

  • Windows 10 Enterprise LTSC 2019 : Jan. 9, 2029
  • Windows 10 IoT LTSC 2019 Core : Jan. 9, 2029
  • Windows 10 IoT Core LTSC : Jan. 9, 2029
  • Windows 10 Enterprise LTSC 2021 : Jan. 12, 2027
  • Windows 10 IoT Enterprise LTSC 2019 : Jan. 9, 2029
  • Windows 10 IoT Enterprise LTSC 2021 : Jan. 13, 2032

Microsoft also took the opportunity to announce that two Windows 11 LTSC releases will be available in the second half of 2024:

  • Windows 11 Enterprise LTSC
  • Windows 11 IoT Enterprise LTSC

Enterprise users who want to plan and test applications and hardware while waiting for a Windows 11 LTSC release, should start doing so with the current Windows 11 22H2 edition.

 

Microsoft : Please Upgrade Before Windows 10 EOL!

Microsoft is therefore encouraging users to transition to Windows 11, because it will no longer release any feature upgrades.

Despite Windows 11 being introduced over 1.5 years ago, many Windows 10 users still refuse to upgrade / migrate to Windows 11.

According to the both Steam Store’s March 2023 and StatCounter’s survey, more than 73% of Windows-based PCs are still running on Windows 10!

On its part, Microsoft stopped selling Windows 120 downloads in January 2023, but until Microsoft starts cutting off security updates in October 2025, there will be little impetus for Windows 10 users to migrate to Windows 11.

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Business | SoftwareTech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Can hackers use Good Morning greetings to hack you?!

Can hackers use Good Morning videos, pictures and messages to hack your devices, and steal your data?!

Find out what is happening, and what the FACTS really are!

Updated @ 2023-04-21 : Updated with a new 2023 version of the hoax
Originally posted @ 2022-11-01

 

Claim : Hackers Are Using Good Morning Messages To Hack You!

This post about Chinese hackers using Good Morning videos, pictures and messages to hack your devices, keeps going viral on social media and WhatsApp.

It’s a long message, so just skip to the next section for the facts!

Dear friends, please delete all welcome photos and videos in Good Morning format and the like. Read below the article to the end, which will be clear why I ask about it. From now on I will only send personally prepared greetings.

Read all! Please send this message urgently to as many friends as possible to prevent illegal intrusion.
Warning from Olga Nikolaevnas lawyer:

Recommended : Can Approve New Participant block WhatsApp hackers?!

 

Truth : Good Morning Greetings Not Being Used To Hack You!

Many of us get spammed with Good Morning or Good Night messages every day from family and friends.

While they often clog up Facebook, Telegram and WhatsApp groups, they really do NOT allow hackers to hack your devices.

Here are the reasons why Good Morning messages are very irritating, but harmless…

Fact #1 : Shanghai China International News Does Not Exist

The news organisation that was claimed to be the source of this warning – Shanghai China International News –  does not exist!

Fact #2 : Good Morning Greetings Not Created By Hackers

Hackers (from China or anywhere else) have better things to do than to create these Good Morning pictures and videos.

They are mostly created by websites and social media influencers for people to share and attract new followers.

Recommended : Scam Alert : Watch Out For Telegram Phishing Attack!

Fact #3 : No Fraud Involving Good Morning Messages

There has been no known fraud involving Good Morning or even Good Night messages, videos or pictures.

Certainly, half a million victims of such a scam would have made front page news. Yet there is not a single report on even one case…. because it never happened.

Fact #4 : Image-Based Malware Is Possible, But…

Digital steganography is a method by which secret messages and other data can be hidden in digital files, like a photo or a video, or even a music file.

It is also possible to embed malicious code within a Good Morning photo, but it won’t be a full-fledged malware that can execute by itself.

At most, it can be used to hide the malware payload from antivirus scanners, which is pretty clever to be honest…

Recommended : How To Block Facebook Ads + Pay Scammers!

Fact #5 : Image-Based Malware Requires User Action

In January 2019, cybercriminals created an online advertisement with a script that appears innocuous and would pass any malware check.

However, the image itself has an “almost white” rectangle that is recognised by the script, triggering it to redirect the user to the cybercriminals’ website.

Once there, the victim is tricked into installing a Trojan disguised as an Adobe Flash Player update.

Such a clever way to bypass malware checks, but even so, this image-based malware requires user action.

You cannot get infected by the Trojan if you practice good “Internet hygiene” by not downloading or installing anything from unknown websites.

Fact #6 : Malicious Code Executes Immediately

If you accidentally download and trigger malware, it will execute immediately. It won’t wait, as the hoax message claims.

Deleting Good Morning or Good Night photos or videos will free up storage space in your phone, but it won’t prevent any malware from executing.

There is really no reason for malware to wait before it infects your devices. Waiting will only increase the risk of detection.

Whether the malware serves to take over your device, steal your information or encrypt it for ransom, it pays to do it at the first opportunity.

Please help us FIGHT FAKE NEWS by sharing this fact check article out, and please SUPPORT our work!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Cybersecurity | SoftwareTech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

MSI Users At Risk Of Rogue BIOS / Firmware Updates!

MSI users are at risk of rogue BIOS / firmware updates, after hackers got hold of its source codes, private keys and BIOS firmware!

 

MSI Hit By Ransomware Attack + Data Theft!

On 7 April 2023, MSI (Micro-Star International) was hit by a ransomware attack, in which the hackers allegedly exfiltrated 1.5 terabytes of source codes, BIOS firmware, private keys and other data from its servers.

In its terse regulatory filing with the Taiwan Stock Exchange (TWSE), MSI admitted that it was hacked, but did not detail the circumstances or nature of the attack.

After detecting some information systems being attacked by hackers,MSI’s IT department has initiated information security defense mechanism and recovery procedures. The Company also has been reported the anomaly to the relevant government authorities.

MSI claimed that the attack had “[no] significant impact our business in terms of financial and operational currently“, but said that it was “enhancing the information security control measures of its network and infrastructure to ensure data security.

In a public statement, MSI also urged users to only obtain firmware / BIOS updates from its official website, and refrain from using other sources.

Read more : MSI Hit By $4 Million Ransomware Attack + Data Theft!

 

Stolen Data Exposes MSI Users To Rogue BIOS / Firmware Updates!

The MSI ransomware attack and data theft appear to be committed by the Money Message ransomware gang, which has threatened to release the 1.5 terabytes of critical data that it exfiltrated from MSI servers.

While MSI has apparently restored files encrypted by the ransomware, exposure of the private keys and source codes, will likely allow Money Message or other threat actors to develop rogue BIOS or firmware updates.

Installing rogue BIOS / firmware updates will give the malware the access level of a super-low-level rootkit, giving it full control over your computer, with the ability to spy on almost everything you do. Such malware will also be extremely difficult to detect and remove. After all, it boots up before the operating system!

These days, rogue BIOS or firmware updates are much less of a problem because they are usually digitally-signed by the vendor, MSI in this case. Even if threat actors distribute Trojanised downloads for MSI users, they cannot create the right digital signatures for those files.

However, now that MSI’s private keys have been stolen, they can be used to create rogue BIOS or firmware updates with authentic digital signatures! MSI users downloading and installing those updates will never know the difference.

Recommended : Can Approve New Participant block WhatsApp hackers?!

The biggest risk right now is with PC hardware enthusiasts who enjoy installing unofficial firmware updates to gain access to special settings. That is precisely why MSI is urging its users to only download files from its official website.

Of course, this assumes that the MSI download servers are secure, and have not been compromised. If the threat actors have access to the MSI download servers, they can insert Trojanised downloads with proper signatures, and MSI system administrators may be none the wiser!

Let’s hope that this incident forces MSI to take a much closer look at its cybersecurity measures, and run penetration tests to ensure that its download servers are secure. Otherwise, some threat actors will likely hit pay dirt with MSI users!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Business | ComputerTech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

MSI Hit By $4 Million Ransomware Attack + Data Theft!

MSI just got hit by a massive ransomware attack, but even worse – it lost a ton of critical data to the hackers!

 

MSI Hit By Ransomware Attack + Data Theft!

On 7 April 2023, MSI (Micro-Star International) was hit by a ransomware attack, in which the hackers allegedly exfiltrated 1.5 terabytes of source codes, BIOS firmware, private keys and other data from its servers.

In its terse regulatory filing with the Taiwan Stock Exchange (TWSE), MSI admitted that it was hacked, but did not detail the circumstances or nature of the attack.

After detecting some information systems being attacked by hackers,MSI’s IT department has initiated information security defense mechanism and recovery procedures. The Company also has been reported the anomaly to the relevant government authorities.

MSI claimed that the attack had “[no] significant impact our business in terms of financial and operational currently“, but said that it was “enhancing the information security control measures of its network and infrastructure to ensure data security.

In a public statement, MSI also urged users to only obtain firmware / BIOS updates from its official website, and refrain from using other sources.

Read more : MSI Users At Risk Of Rogue BIOS / Firmware Updates!

 

Hackers Demand $4 Million From MSI To Not Release Stolen Data

The MSI ransomware attack and data theft appear to be committed by the Money Message ransomware gang.

While MSI has apparently restored files encrypted by Money Message’s ransomware, the gang now has access to about 1.5 terabytes of critical MSI data.

According to BleepingComputer, chats between Money Message and an MSI representative show the gang demanding a ransom payment of $4 million. Otherwise, Money Message will release the stolen files.

To show that they did indeed steal those MSI files, Money Message posted screenshots of what they describe was MSI’s Enterprise Resource Planning (ERP) databases and files containing software source code, private keys, and BIOS firmware.

Recommended : Can Approve New Participant block WhatsApp hackers?!

If Money Message releases MSI confidential data, it may not just be embarrassing for the Taiwanese company, it could allow other threat actors to use the source code and private keys to create malware targeting their customers.

In light of that, MSI users should only download and install software or BIOS firmware from the official MSI website.

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Business | SoftwareTech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Can Approve New Participant block WhatsApp hackers?!

Can the new Approve New Participant feature in WhatsApp block hackers?!

Take a look at the viral claim, and find out what the facts really are!

 

Claim : Turn On WhatsApp Approve New Participant To Block Hackers!

WhatsApp started introducing a new feature called Approve New Participant, on 11 March 2023.

This new feature was only available to WhatsApp Group administrators, and went pretty much unnoticed by most WhatsApp users, until this claim went viral on WhatsApp and social media platforms:

CYBER SECURITY ALERT
Announcement

Let’s look sharp all admins*
WhatsApp has added a new security feature to prevent hackers from joining Groups.
I Hope Admins will take advantage of this feature.

*Admins* should go to group settings and
‘TURN ON’ Approve New Participant.

This will prevent unauthorized access for hackers.

WHATSAPP ADMINS ALERT!!!

That WhatsApp cybersecurity alert was unsigned, so we have no idea who created it. But once it went viral, WhatsApp users started asking their group administrator to turn it on to block hackers.

But does the new Approve New Participant feature really block hackers from attacking WhatsApp groups?

Recommended : Scam Alert : Watch Out For Telegram Phishing Attack!

 

Truth : WhatsApp Approve New Participant Does Not Block Hackers!

This is yet another example of FAKE NEWS circulating on WhatsApp, and social media platforms like Facebook and Twitter, and here are the reasons why…

Fact #1 : Approve New Participant Is Not A Cybersecurity Feature

First, let me just point out that Approve New Participant is not a cybersecurity feature. WhatsApp introduced the this feature to help group administrators “grow, moderate, and protect their groups“.

The Approve New Participants setting empowers admins to help grow, moderate, and protect their groups. Turning on the setting in Group Settings requires the admin to review every request to join the group before a participant is allowed to join. This feature enhances privacy and security for all participants in the group.

This feature is designed to protect private groups by preventing people from simply joining them using an invite link.

This is a major security concern for private groups, as it exposes the group chats to people who may not be authorised to view them. However, this is not a concern for open groups, as they are open to one and all.

Fact #2 : Approve New Participant Cannot Block Hackers

When a group turns on Approve New Participant, admin approval is required to join a group. People who attempt to join the group will see a Request to join button, with the message “An admin must approve your request”.

After clicking on Request to join, those who wish to join the group are allowed to share their Reason for the request, or Cancel Request.

Once the group administrators get the request, they can either approve or reject the request. Group administrators can also start a chat with the person to request more information.

All that is great for vetting people who want to join an exclusive WhatsApp group, but this new feature does not block hackers, as the group administrator will not know who is, or is not a hacker. It’s not like those WhatsApp accounts have a “hacker” or “not a hacker” label!

Hackers can use social engineering techniques to trick the group administrators into approving their requests, or they can simply use phishing attacks to take over the WhatsApp accounts of existing group participants!

Recommended : Must You Disable Facebook Auto-Fill To Block Scams?!

Fact #3 : Approve New Participant Is Disabled By Default

Cybersecurity features that are designed to block hackers will always be enabled by default – why would they be optional?

Yet, the new Approve New Participant feature is OPTIONAL in WhatsApp, and is DISABLED by default. That is because this is not a cybersecurity feature designed to block hackers.

Many WhatsApp groups are open for anyone to join, and turning on Approve New Participant would be pointless as group administrators would not know the identity of the people joining their groups.

This is why it is up to the WhatsApp group administrators to determine if it is suitable for them to use the new Approve New Participant feature, or not.

Private groups will want to turn this on, to vet people who request to join. But open groups will want this feature disabled, or their administrators will be overwhelmed with joining requests.

Fact #4 : Group Participants Can Always Be Removed

Here’s another reason why blocking new participants joining automatically does not block hackers – group participants can always be removed.

Let’s say a hacker, or an unauthorised person, gains access to your WhatsApp group. It doesn’t mean he/she can stay in your group forever. Any group administrator can remove that person.

This new feature only helps group administrators pre-vet people who want to join their group, instead of kicking them out after they have already joined.

Please help us FIGHT FAKE NEWS by sharing this fact check article out, and please SUPPORT our work!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Cybersecurity | SoftwareTech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Scam Alert : Watch Out For Telegram Phishing Attack!

Watch out for the phishing attack that will allow scammers to take over your Telegram account!

 

Scam Alert : Watch Out For Telegram Phishing Attack!

Scammers are now targeting Telegram users with a phishing attack that is designed to trick them into giving up their accounts! The Telegram phishing attack works like this:

Step 1 : The scammer gains control of your friend’s Telegram account, and sends this message to you:

Dear Telegram users. The system detects that this account is abnormal and has potential security risks.

To ensure that you can log in to your account normally, you need to invite friends for auxiliary verification  

The risk control account has not been verified. The system will cancel the account after 24 hours! 

Personal Information Authentication:[link removed]

Step 2 : The scammer, masquerading as your friend, asks you to help him/her verify his/her Telegram account by clicking on the link.

There are security risks in my account, and I need friends to help me verify it. Please click on the official link to help me verify it and follow the prompts. thank you

Step 3 : If you click on the [removed] link to help your friend, you will be taken to a website that looks like an official Telegram website. DO NOT DO THIS.

Step 4 : You will be asked to log into your Telegram account on the fake website. DO NOT DO THIS.

Step 5 : The fake Telegram website will ask you to key in your Login code, or take and upload a screenshot of your Telegram. DO NOT DO THIS.

Step 6 : If you continue, the scammer will be able to take over your Telegram account, and use it to scam your friends by asking them for money, etc.

The scammer will also have access to your Telegram chats, and all associated media including photos and videos, which could potentially be leaked or used to extort you or other people.

Recommended : Beware Of Telegram Screenshot Hack + Scam!

 

How To Protect Against Telegram Phishing Attack

A phishing (pronounced as fishing) attack is a social engineering attack, that uses your trust for an institution (like a bank), authority (Telegram), or someone you know, to give up your login details.

Here are some ways you can protect yourself against any phishing attack on Telegram, or other platforms.

Verify Identity Before Trusting

Many people fall for phishing attacks because it is human nature to trust your friends and to help them. However, on instant messaging apps, you don’t actually know if it’s really your friend on the other end!

So if a friend messages you on Telegram, WhatsApp, Facebook, Twitter, Instagram, etc to ask for help, ALWAYS verify their identity before proceeding.

If possible, call or message your friend on the phone, or via a different platform (use WhatsApp if the request came on Telegram, for example).

But if you are unable to call your friend, try asking the other person something that only your real friend would know:

  • Do NOT ask questions like “Are you really Sarah??
  • Do NOT ask questions that can be answered by reading previous chat messages.
  • Ask something that only you and your friend would know, like “Hey Sarah, what was that restaurant we went to last week?
  • Ask a fake question that your friend would readily know is not true, like “Hey Sarah, are you coming over tonight?

If the other person cannot answer or gives you the wrong answer, he/she is not your friend, and that account has likely been taken over by a scammer.

Recommended : How To Block Facebook Ads + Pay Scammers!

Look At The Link

Whenever you see a link being shared, always check if it leads to a legitimate website, or attempts to masquerade as a real website, by substituting characters in the link.

This Telegram phishing attack, for example, uses a link to telegram.0rg.ee. The real Telegram domain name is telegram.org. This is called domain spoofing.

If you see an attempt to impersonate a legitimate website by using a similar-looking domain name, do NOT click on it.

Never Login Via A Link

It is common for people to share links on Telegram, and in Telegram groups. Heck, we share links to our article in the Tech ARP Telegram group!

Clicking on links in Telegram, WhatsApp, emails, etc. is not dangerous, because most lead to legitimate websites that do NOT require you to log in.

What is dangerous is logging into any website through a link. I cannot hammer this enough – NEVER LOG INTO ANY WEBSITE through a link!

Phishing attacks work by tricking you into going into a fake website that looks like the real website. But you still have to log into the fake website to give the scammers your login details.

If you click on a link, and you are asked to login – this is likely a phishing attack. But don’t worry – as long as you refuse to log into any website after clicking on a link, the phishing attack fails.

Turn On Two-Step Verification

All banking platforms, and many mobile apps now offer two-step verification to prevent scammers from taking over user accounts. However, this is often an optional feature that you must manually enable.

Telegram has a two-step verification feature, which prevents scammers and hackers from hijacking your account by requiring a secret password that only you will know.

Please follow our guide on how to turn on Two-Step Verification in Telegram.

Just make sure you do NOT give that password out to anyone, or key it into any website!

Read more : How To Turn On Two-Step Verification In Telegram!

Warn Your Family + Friends!

It is important to publicise phishing attacks, whenever they happen. If people are alerted, they are less likely to fall for such attacks.

However, scammers and hackers can quickly change the way their phishing attack works, so it is important that people understand how phishing attacks work in general.

You can help prevent phishing attacks by sharing this articles, and other cybersecurity warnings, with your family and friends.

Please help us FIGHT SCAMMERS by sharing this cybersecurity article out, and please SUPPORT our work!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Business | SoftwareTech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Australia To Ban TikTok On Official Devices!

Australia just announced that it would join other Western countries in banning TikTok on official devices!

 

Australia To Ban TikTok On Official Devices!

On 4 April 2023, Attorney-General Mark Dreyfus announced that Australia will ban TikTok on official devices, “as soon as practicable“.

Dreyfus said that the decision was taken “after receiving advice from intelligence and security agencies“.

The direction will come into effect as soon as practicable. Exemptions will only be granted on a case-by-case basis and with appropriate security mitigations in place.

Australia also made changes to its Protective Security Police Framework (PSPF), noting that TikTok poses a security threat due to its data collection practices.

The TikTok application poses significant security and privacy risks to non-corporate Commonwealth entities arising from an extensive collection of user data and exposure to extrajudicial directions from a foreign government that conflicts with Australian law.

The Australian government, however, said that it will allow the use of TikTok for “a legitimate business reason”,. and on a separate”standalone device”. This move came after a security review of social media apps, including TikTok, was submitted to the Australian government last month.

Before this announcement, over half of all Australian federal government agencies had already banned TikTok on official devices. With this decision, the ban is applied consistently across the Australian government and brings Australia in line with New Zealand, and other Five Eyes member countries like the United States, the United Kingdom, and Canada, in banning TikTok on official devices. Norway, the European Parliament and NATO also banned TikTok on official devices.

Recommended : Was TikTok CEO Denied Recess In US Hearing?!

 

TikTok Calls Decision Driven By Politics, Not Fact

Before the ban of TikTok on government devices was announced, TikTok Australia and New Zealand Lee Hunter said that the decision was “driven by politics, not fact”.

There is no evidence to suggest that TikTok is in any way a security risk to Australians and should not be treated differently to other social media platforms.

Our millions of Australian users deserve a government which makes decisions based upon facts and who treats all businesses fairly, regardless of country of origin.

TikTok maintains that there is no evidence to suggest that its app posed a security risk.

In June 2022, TikTok was accused of allowing its engineers in Beijing repeatedly access private user data outside of China! Two years earlier – in June 2020, TikTok was even caught spying on what its users typed in other apps, and accused of being malware.

However, there has been no concrete evidence that TikTok contained the kind of sophisticated malware that was recently discovered in the popular Chinese app, Pinduoduo.

Recommended : Pinduoduo App Contains Persistent Spy Malware! 

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Business | SoftwareTech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!