Yesterday (12 Jul) I attended a presentation by Detective Inspector Bruce van der Graaf, head of the NSW Police Fraud & Cybercrime Squad, about the current criminal threat landscape. The most important part: If your phone stops working (cannot connect to the network, not if you drop it or forget to charge it), first change all your internet banking passwords (savings bank, re-draw mortgage provider and your superannuation fund), and then contact your phone company. Most banks now provide two-factor authentication: to authorize a netbank transfer, they send you an SMS code. To get around that, criminals (impersonating the victim) get the phone company to transfer the mobile number to their own phones. Obviously, for this attack they need the internet banking password in the first place. To protect it: - do not fall victim to "phishing" attacks: emails apparently from your bank, about new security message or similar, tricking you into "logging in" to a fake website - do not allow malware (viruses, keystroke loggers, malicious browser plugins) to install on your computer. --- The police cybercrime unit is over-stretched under-staffed, they do not want to know about every spam or scam. There is one scam that they would like to be reported: when you receive an email from a friend saying they are overseas, been robbed or similar, and need you to send them money urgently to pay hotel bills or airfares. Then, if you are willing to "turn over" your email account to police, please report it urgently: so the police can engage the criminal and maybe catch him in the act. --- Cheers, Paul