Something Phishy’s Going On

New Phishing Attack Targeting Gmail Users – What to look for & How to avoid it.

Our Gmail accounts have become a sort of internet passport, allowing us to access numerous invaluable services from a single account, which means that nearly every other ‘account’ we have is linked to it. Our entire online identity is tied to our Google account and if anyone were to gain unrestricted, unauthorized access to it, we are all at risk of potentially irreversible damage. Scarily, this is exactly what’s happening right now. Hackers are peddling a brand new, skilfully crafted phishing attack that can dupe even advanced users. If you don’t know what phishing is, see here.

Hackers are targeting Gmail users indiscriminately, using cunningly crafted emails to obtain the user’s account login credentials. When you receive them, the phishing emails contain innocent looking attachments and may make reference to emails you have recently sent to or received from those contacts. Basically, it’ll look like someone you know is sending you something you expect to receive or are likely to receive from them.

The innocent looking attachment will open in a new browser tab, which takes you to a page that looks identical to the Google Sign-In page. Users are tricked into entering their Google account login credentials under the guise of re-logging into their accounts for security reasons or simply as a formality.

If you do enter your credentials and attempt to sign-in, the hackers will have full access to your Google account and they’ll waste no time taking control of it and your information. You’ll lose control of everything including Gmail, Drive, YouTube and all of Google’s other services and potentially allow hackers full access to your Android phone, if you use one. If that isn’t enough, your account will be used to send phishing emails to all of your contacts exposing them to the attack.

So how do you avoid it? First of all, be aware of this scam and treat anything that opens a new tab with some suspicion. Gmail will rarely require you to randomly sign-in and when it does so, it’ll usually do so in the active tab.

Here are other important things to look out for:

Check the address bar on your web browser and always look for the Green Padlock and for indication that the connection is secure and trusted.

In the case of the Gmail Phishing Scam the genuine URL should look something like this:

https://mail.google.com/mail/u/0/#inbox

The malicious URL may be very long and look like this:

data:text/html,https://accounts.google.com/ServiceLogin?

Finally, if you haven’t already enabled two-factor authentication for your Google account, you should do so immediately.

Today it’s become an oddity to find someone who doesn’t have a Gmail account. Android is, by far, the most popular mobile OS and that makes a lot of people very vulnerable. But you shouldn’t be. By simply being aware, you are ahead of everyone else. Spread the awareness and stay safe online.

Check out our previous post about online security for more information about how to stay safe online.

Have you been attacked or do you know someone who’s been attacked? Tell us in the comments.

It’s a bird, a jet… No! It’s a Three-Wheeler!

The Three Wheeler Age may be at an end.

The rise of the three-wheeler or tuk-tuk is a perfect example of the market economy at play. Not everyone can afford a private car, even fewer can afford the hassle of parking those cars and for the middle class in Sri Lanka taxis are often a tad too expensive and buses not entirely convenient. This creates a ripe demand for quick, efficient and above all, cheap transportation. It’s this ripe demand that three wheelers supply.

Despite their notoriety three-wheelers provide a crucial service in Sri Lanka with its limited road space and appalling mass transit system. Economically, they support a large portion of the population directly and indirectly as there are now over 1,000,000 tuk-tuks in Sri Lanka. With a population of a little over 20 million people, that means there’s a tuk-tuk for about every 20 of us.

But now that we have seen the glorious rise of the tuk-tuk, are we about to witness the end of the tuk-tuk era. Why? Well, essentially two reasons: increased regulation and decreased economic incentive.

The first tuk-tuks to install fare meters came up against the full force of the Three-Wheeler Mafia, the loose band of warring groups of tuk-tuk drivers that played by their own rules. Still, driven by the market, meters prevailed as travellers preferred metered tuk-tuks over the ‘open outcry’ variety. Slowly but surely most tuk-tuks installed meters but a handful still remain unmetered and ready to rip unsuspecting travellers off.

The government has recently introduced legislation (*standing ovation*) that will make meters mandatory along with basic safety precautions. This will make operating a three wheeler less than savoury for the unsavoury, non-metered tuk-tuks in the business, possibly encouraging them to leave altogether. Taxes on three wheelers have also risen in the recent past and it’s only reasonable to expect more increases in the future, aimed at curbing the number of active three-wheelers, which is now, putting it lightly, a bit problematic. 😉

Competition in the form of a limitless supply of three wheelers, ‘nano cabs’, and ride hailing apps like Uber make operating three wheelers less economically attractive than in the wild days of outright highway robbery :-P, encouraging less productive operators to close shop. The advent of these other forms of on-demand hired transportation has also made it abundantly clear that travellers have been taken for a good ride by three-wheelers because it’s now possible to get a ‘nano cab’ with air-conditioning, an enclosed cabin, seating for four people, increased comfort and better safety for the same per-km price of a roadside three-wheeler.

While we’re certain that we won’t see tuk-tuks vanish any time soon, with increased regulation, decreased economic incentive and supply now beginning to outstrip demand, it’s inevitable that we will see a period of decline for the three-wheeler at least in the near term. But what we really hope will happen, is that the pressures currently faced by the market for three-wheel hires will turn it into a diamond of sorts, launching a three-wheeler revolution, if you will, resulting in economy, safety, decency and ethics.

Whether the age of the three-wheeler is entering its twilight years or not may be up for debate but what isn’t up for debate is that their cowboy, wild-west days are at an end, as far as fares are concerned at least.

What do you think? Are three-wheelers on the way out or just out of control? Let us know in the comments. ☺

Going Pro With Cyber Security

Sri Lanka’s First Cyber Security Degree Programme Launches

It’s very reasonable to suggest that you’re more likely to get hacked than smacked these days. In 2016 we saw massive increases in cyber security breaches affecting everyone from major governments, companies and the ordinary fellow on the street. In this heightened environment of ‘Cyber Tension’ the CICRA Campus, Sri Lanka’s pioneering information security training and consultancy provider, has taken the very prudent step to introduce, for the first time in Sri Lanka, a Bachelor’s Degree Programme in Cyber Security. The Degree programme is offered and conducted by CICRA in partnership with Deakin University in Australia.

Cyber Security as a profession is growing rapidly in Sri Lanka and around the world. A report published by Cisco indicates that there are currently more than 1 million job opportunities for Cyber Security Specialists and Forbes magazine has projected that by 2019 there will be more than 6 million openings for qualified experts in the field.

The Bachelor’s Degree in Cyber Security offered by CICRA, in partnership with Deakin University, will focus on this critical area and provide extensive, in-depth knowledge and training. CICRA says that the program will provide students with a solid foundation in Cyber Security Literacy and all of the technical skills required of a Cyber Security Professional by the industry, allowing graduates to stand out in the job market. To complete the programme a minimum of 100 hours in an internship position is mandatory, which only adds to the student’s experience and employability.

What we really like about the programme is that it’s flexible. CICRA has obtained a special license to offer the complete three-year degree programme right here in Colombo, allowing students to affordably complete their studies without leaving the country. The programme is also ideal for students interested in studying abroad or even migrating, allowing for the first year of study to be completed in Colombo and the remaining two years to be completed at Deakin University in Australia where, according to the Centre for Strategic and International Studies (a US Think Tank), there is plenty of opportunity, with Australia leading the world in the shortage of Cyber Security Experts.

Cyber Security has been an issue ever since the advent of the internet. Still, it has largely remained a niche area of interest until events like the Snowden Revelations showed us the extent to which technology can be misused and abused. That and the advent of high profile Hackings and groups of Hackers like Anonymous have firmly thrust Cyber Security into the spotlight. Given that the world is only becoming more connected and therefore more vulnerable, we feel that choosing a career in Cyber Security is an admirable way to serve one’s country and society at large. In this age of ‘Cyber Psychos’, kudos to CICRA for taking the initiative to provide Sri Lankans with the means to fight the battle right here at home.

 

If you are interested, check out the Degree Programme in detail here.

Coding Our Future

ICTA Launches the ‘All Children Coding Initiative’

Little is being done in Sri Lanka aimed at equipping students to take advantage of the opportunities available within the IT Industry, here and abroad. In this environment, it’s refreshing to hear about the ‘All Children Coding Initiative’ announced by the Information and Communication Technology Agency of Sri Lanka (ICTA), advocating the inclusion of Coding in the school curriculum.

Little known to most people, Sri Lanka has a vibrant, innovative software development, engineering and servicing industry. Sri Lankan IT companies have even developed the software that runs some of the world’s largest stock exchanges. Foreign earnings from Sri Lanka’s IT sector were expected to surpass USD 1 Billion last year, making it hugely profitable and creating abundant opportunities for computer programmers.

The ‘All Children Coding Initiative’ will begin with the development of a comprehensive Coding Curriculum, covering both primary and secondary schools. The initiative will start with a relatively small group of schools, teachers and students, with the goal of training 200 teachers and reaching at least 7,000 students within the first year. The project also hopes to reduce the gender gap that currently exists within Sri Lanka’s IT Sector, with women comprising less than 30% of the workforce. According to the ICTA, engaging and exposing children to coding at a young age is expected to result in more equitable gender participation rates within the sector, in the future.

Learning to code will serve you well, whether you’re a kid in school or somewhere further along in life. The modern world that we live in is driven by computers and computers are driven by code. So, if we want to change the world, we must be able to change what drives it. Think of Facebook, Google or Uber; they’ve all changed the world for the better.

Coding can be used to build anything, so it encourages creativity and makes us better at solving problems. It’s essentially what coding is, taking a problem, creatively solving it and mapping out the process of solving the problem in a logical, methodical way. Being able to solve your own problems or having the ability to help others solve their problems gives you a great sense of confidence and confidence makes you better and better at everything you do.

The ‘All Children Coding Initiative’ will surely have an uphill battle to fight, going against the (can we say, ‘archaic’?) Education System in Sri Lanka, but we feel that this is a great and essential step on the road to a knowledge-based economy and an increasingly digital world. We hope that the ‘All Children Coding Initiative’ will be a resounding success.

This YouTube Video provides an inspiring take on why coding is so important. Do check it out.

Tell us what you think about the ‘All Children Coding Initiative’ and if and how coding has impacted your life. Share your thoughts in the comments below.