Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Topics - sadekur738

Pages: 1 [2] 3 4 ... 13
There are now over 3 billion (!!!) people logging onto social media accounts around the world, meaning that almost half of the world's population spends at least part of their day updating their status or story.

A new report compiled by Hootsuite and We Are Social and published by The Next Web found that there are 3.028 billion active social media users around the world. That's a mind-boggling number, especially when you consider that the Earth's  population is estimated to be 7.524 billion people.


ICT / Takas And The Difficulties of E-commerce
« on: August 08, 2017, 06:41:58 PM »
Connectivity in Sri Lanka has been steadily increasing over the past few years. The Central Bank records a 15.2% growth of information and communication activities in the first half of 2016, and a 21% total increase in telecommunications activities compared to a 10.9% growth during 2015.

Access to the internet is a big part of this growth, with an 11.4% increase in total internet connections recorded in June 2016. The increase in internet penetration leads to a whole host of new options for the Sri Lankan market ‒ an obvious one being the migration of businesses to online spaces, which Sri Lanka has taken to quite readily. A cursory search on Google will lead to a whole host of options.

But the explosion of e-commerce sites in Sri Lanka raises some questions: has the market become saturated, especially since the majority of them focus on Colombo? And what challenges do online retailers face when trying to do business in the Sri Lankan market?

To answer some of these questions, and get an inside look at the challenges facing the e-commerce industry, we spoke to Lahiru Pathmalal, the co-founder of Takas has been around a long time, and perhaps understands more than most, the difficulties that companies face when doing business online. We quizzed Lahiru about his company, the state of the industry now, and what the future could bring, both for Takas and the industry in general.

All About The Product

Traditional wisdom for startups, especially new e-commerce ones competing in a world that has eBay and Amazon, is to find a niche and dig in. While some online stores have stuck to this, focusing on clothes or jewellery, the biggest online malls on the island have completely ignored it. They sell anything from washing machines to laptops to bicycles. Yes, you can actually buy bicycles online at, another huge online platform run by Dialog Axiata.

Perhaps the reason that platforms like Daraz and Wow and Takas sell so many different categories of products, is to corner the market. If people can find everything they want in one place, they might not go looking elsewhere, thus keeping a customer hooked onto one site.

Takas started off selling electronics, and Lahiru tells us they still plan to keep their core business, while adding other types of products around it. According to him, it may be a bit harder not sticking to a niche, but they want to provide a complete solution for consumers in terms of online shopping. The other reason companies sell so many different types of products is that the Sri Lankan market is quite small, so for them to grow, they need to add more products.

Suppliers And Logistics

Logistics can be quite a challenge for an e-commerce platform. There are a lot of moving parts, and human factors that create complexity in the supply chain. Logistics for a B2B enterprise can be relatively straightforward, but when it comes to e-commerce, there are hundreds of suppliers whom they have to depend on when picking up products, and every delivery can be complicated when the customer is always on the move. To even out the process as much as possible, what Takas has done is to automate, making the supply chain data driven to cut through most of the human interaction that delays pick up and delivery.

It can also be hard to find suppliers, for e-commerce startups who typically don’t stock their own products. A startup has to filter between suppliers who provide only original products and those that sell knockoffs. While it’s hard to generalise, typically smaller suppliers are easier to work with since they are hungry for growth.

Scaling And Market Sentiment

According to Lahiru, one of the biggest challenges Takas, and by extension e-commerce in general, is facing, is market sentiment. Given what is happening in India, with Snapdeal and FlipKart laying off thousands of employees, sentiment is low for e-commerce, and the market appears to be on a downward spiral. But Lahiru believes this downturn is cyclical, and that they’ve seen it before in 2013. He says the most important thing to do at this time is to stay focused.

The problem that FlipKart and Snapdeal had was scaling too rapidly. They had bloated organisational structures and were losing focus on their core business. Scaling is important for an e-commerce startup, but Lahiru explained that scaling should not be the focus, whatever the cost. To scale, he said, a startup needs a solid foundation, which sometimes takes time, and large investment. In this industry, growth depends a lot on marketing, which involves significant investment. Takas does aim to scale, they say, but at a more sustainable level.

Part of that scaling may be expanding across the island. Online shopping tends to be focused in Colombo, but it is growing outside the city, too, which is interesting. Outside of the Western Province, Takas has seen the greatest traction in the Uva Province.


One of the biggest barriers to shopping online in Sri Lanka has always been payments. Sri Lanka has made some progress towards creating a better environment for buying and accepting payments online, but is still nowhere near where it should be. Takas processes large amounts of payments online, but according to them, the interfaces and features of these payment gateways are very outdated. Lahiru feels that regulations should allow PayPal to operate in the island, making for easier payment options.

But the stranglehold the Government is placing on the industry is making it hard for companies to do business.

The Future Of Takas And E-commerce

Lahiru Pathmalal, co-founder of Takas. Image courtesy

The large number of new e-commerce platforms and online retailers should have made things more difficult for Takas. But Lahiru says that the market was never very easy for Takas, with the first few years of their founding being the most difficult, as they were one of the first to launch an online store in Sri Lanka. Then, it was difficult to get people to purchase things online, but now consumers are more used to buying online, so they really welcome competition.

What Takas is focusing on, is improving what they already have, building on the foundation already laid out. Their core focus now is getting products delivered to customers quickly. They have developed their own solution that handles everything from the pick up process to the delivery and gives them a pretty big advantage in delivery times, which we found out for ourselves.

They are also investing heavily in technology that will make the customer experience ‒ including making payments ‒ easier, so that shopping becomes more of a seamless experience. They tell us that they are also working on a “new type of retail”, which we don’t have any more details on, but that sounds exciting.

A lot of the challenges Takas experiences is representative of what the industry as a whole faces. How they deal with those challenges is one way that e-commerce in Sri Lanka can adapt. The challenge with the e-commerce industry is that the market is small and cannot sustain expansion past a certain point. But it is also concentrated in the cities until internet penetration increases and other provinces get more comfortable purchasing goods online. Taking into consideration language, and a varied understanding of technology and culture, it all presents a unique challenge for e-commerce startups to work around.

Editor’s note: This article previously referred to Lahiru Pathmalal as ‘founder’ of Takas, and has now been amended to read ‘co-founder’ of Takas. We apologise for the error.


ICT / Google reportedly fires engineer for sexist 'manifesto'
« on: August 08, 2017, 06:39:56 PM »
The Google engineer behind the infamous anti-diversity "manifesto" that took the company by storm over the weekend has reportedly been fired.

James Damore, a software engineer who allegedly penned the memo, confirmed the firing over email to Bloomberg, and Recode also reported he had been let go according to their unnamed sources. A Google spokesperson told Mashable it couldn't comment on individual employee cases.

The author's identity, revealed in the Bloomberg report, had also been noted in a Motherboard post featuring a more complete copy of his memo.

In a companywide email, first reported by Recode, CEO Sundar Pichai said parts of the lengthy document "violate our Code of Conduct and cross the line by advancing harmful gender stereotypes in our workplace."

SEE ALSO: Google recruiters are getting an earful about that sexist 'manifesto'

"To suggest a group of our colleagues have traits that make them less biologically suited to that work is offensive and not OK," Pichai wrote. "It is contrary to our basic values and our Code of Conduct, which expects “each Googler to do their utmost to create a workplace culture that is free of harassment, intimidation, bias and unlawful discrimination."

The statement is Google's most forceful condemnation yet of the document, which alleged that there are "biological causes" that prevent more women from getting jobs in tech and leadership positions. Previously, the company's VP of Diversity and an engineering VP released statements that were not as forceful as many critics would have liked.

Even so, Pichai was careful to point out that  "many points raised in the memo ...  are important topics," and reiterated that "people must feel free to express dissent" within the company.

Pichai, who had just recently returned from work trips in Europe and Africa, said he was postponing a family vacation to hold a Town Hall later this week so employees could discuss the issue.


ICT / How Big Data Can Help Rice Production
« on: August 08, 2017, 06:34:39 PM »
If you don’t know it yet, your daily rice and curry packet is about to get a whole lot lighter. Sri Lanka is running out of rice and that spells a lot of trouble for the country—especially for farmers involved in rice production and households whose income levels cannot handle the increased prices of rice. The severe drought that hit the country late 2016 and early 2017 has severely affected the 2016/2017 maha harvest, causing a massive 45 percent reduction in the production of the paddy crop. In light of the severity of the problem, the FAO and the WFP have released a special report on the crop and food security situation in Sri Lanka. The report has estimated about 900,000 people as being borderline food insecure because of the drought and reduced crop production. The 2017 aggregate paddy output is forecast in the report at 2.7 million tonnes, which is almost 40 percent less than last year’s output and 35 percent lower than the average of the previous five years.

It’s not just rice that’s affected either, but vegetable crops and cereal crops, too. To meet the demand for grain would require an import of 1.78 million tonnes of cereal, including 998,000 tonnes of wheat, 100,000 tonnes of maize, and 686,000 tonnes of rice.

It doesn’t just end there. A reduced crop for 2017 can affect the 2017/18 maha planting season from September to December. The current problem is severe enough that it may cause ripple effects far down the line. If the government doesn’t help farmers with seed for this season, there will not be sufficient crop planted for the next year. If farmers sink themselves into debt to last out this drought, it will affect paddy production years down the line.

Who’s To Blame?

The finger of blame has swung from El Niño to La Niña, but the truth might be a bit more complex. Besides, El Niño was supposed to bring us extra rainfall, which it did for a while.

El Nino was supposed to bring in extra rainfall to Sri Lanka. Image source: FAO

K. H. M. S. Premalal, Director of the Department of Meteorology, holds climate change responsible. In an interview early this year, he stated that Sri Lanka has started experiencing a variability in rainfall patterns. He says that when it rains, it rains more heavily, and when it doesn’t rain, the dry weather continues “longer and at a higher intensity.” He blames human activities for these climate changes—felling of trees around the world and on the island, filling of land, and construction, he says, are triggering factors.

And trigger they did. The 2016 drought was the worst to hit Sri Lanka in 40 years.

Not A Surprise

The severity of the drought was not something anyone could have predicted. But the fact that conditions were bad and getting worse, was not a surprise. If the government had paid attention to the data it gathers (and if it gathered more data), it could have seen trouble looming.

The Department of Statistics has a series of measurements of the average annual air temperature at observation stations across the country. They have only published data till 2013 and some of the data points are missing, but the graph shows a general increase in average temperature across the island.

Average temperature around the country has been increasing over the years. Source: Department of Census and Statistics

Even if the increments are in decimal places, global warming still has severe consequences, no matter what Trump says. This web app shows projections for countries that may suffer from heatwaves in the future, and Sri Lanka is right in the middle of it all.

The story is remarkably similar when looking at rainfall over the years. All the data points are not available, but there is a marked decrease in average annual rainfall across the country.

Average annual rainfall has decreased.

Sri Lanka has been showing anomalies in weather and rain patterns for a while. It’s safe to assume these anomalies will continue. When it rains, it will rain more than usual, and when it’s dry, it will be drier than usual.

Monthly precipitation anomalies. The variation from the Long-Term Average (LTA). Image from the FAO report

Work The Data

There is a pattern being established here, and the government needs to work the data to start optimising and predicting the effects of weather change on agriculture. If not prediction, it at least needs to understand that it can no longer depend on the status quo. Things may get worse for Sri Lanka, and there needs to be some sort of planning in place to deal with it, instead of the reactionary way things have been done over the last two years.

Governments around the world have been using big data for a while to help optimise agriculture. Colombia a few years ago had trouble with their own rice crop. Between 2007 and 2012, the country’s rice yield dropped from six to five tons per hectare, and they couldn’t figure out the cause. Scientists at the International Center for Tropical Agriculture approached Colombia’s National Federation of Rice Growers for their harvest monitoring records, used advanced algorithms to comb through the data and uncovered patterns that they compared to weather records. The results they got were very site specific, but they found certain weather factors were causing the decrease in yield of the crops. For some fields, the yield was limited by stronger solar radiation, and for others, a different variety of seed would yield better results. The project won the UN Global Pulse’s Big Data Climate Challenge in 2014.

All over the world, startups are popping up aiming to change the way agriculture works. Companies like Climate Corp and Encirca offer decision support tools for farmers, and CropIn uses analytics to provide insights to farms in India. A large percentage of food produced is generally wasted, and big data can help eliminate inefficiencies in the whole system.

While Colombia’s rice farms yield about six tons per hectare on good days, Sri Lanka averages about 4417 kg (4.8 tons) a hectare. They also have a very significant variation when it comes to total production every year. The yield graph looks like the back of a geriatric stegosaurus.

Paddy yield can be unpredictable. Source: Department of Census and Statistics

Data and technology are revolutionising agriculture worldwide, and Sri Lanka needs to step up its game. No one can control the weather, but using the data, we can at least plan for what’s coming, eliminate waste, and fine tune our processes. Our reservoirs are not even at half capacity now, and with a poor planting season predicted for this year, the country needs to plan well to stay out of trouble.

Startup / Four Sure Steps To Understand And Sustain Startup Growth
« on: August 08, 2017, 06:32:14 PM »
One of the biggest challenges startups face today is differentiating between reality and the illusion of visible growth. It is crucial to set up proper measures at an early stage to demystify growth, ensuring it’s real and sustainable.

Why Is Demystifying Growth So Important?

The desire to grow and expand is what often pushes startups to perform at the rate they do. As an entrepreneur, you are motivated to take risks, some of which may even keep you up at night. However, most startups record a hockey-stick growth in their initial stages, but later hit a ceiling when they least expect to.

De-mystifying growth at an initial stage will help you:

Make strategic decisions
Gauge your company’s achievements
Conduct performance reviews
Identify pitfalls in advance
How Can I Understand And Sustain Growth?

A data driven approach helps analyse growth and derive more meaningful insights. A majority of entrepreneurs, therefore, use standard Google Analytics to capture website behaviour and a stand-alone Customer Relationship Management System (CRM) to capture customer data.

Here’s a more comprehensive approach:

1. Set up analytics and measure the right stuff (KPIs)

Your KPIs and analytics setup should come from a well thought out measurement plan. If you don’t already have one, start with these high-level business KPIs:

New customers per month – This shows the new customer acquisition patterns
Monthly retention of cohorts – Cohort charts show how related sets of customers return in future months after their initial purchase
Data for these KPIs must be maintained in your CRM or on an excel sheet, enabling you to extract accurate data and visualize growth patterns clearly.

2. Analyse and demystify growth

The sample revenue growth trajectory shown below is any entrepreneur’s dream, but how do you discern between a dream and reality?

Revenue Growth Over Time

In order to accurately demystify the truth behind the growth graph, you must carry out an in-depth analysis of the data. The easiest way is to show returning customers and new customers separately.

A sample retention curve shown below depicts the percentage of customers that return to the website after their first purchase.

Returning Customers

According to the above graph, only 70% (0.7) of customers made a purchase after their first purchase, and only 30% (0.3) made purchases the following month. Most importantly, the graph shows that customers have been retained only for six months. Six months is not necessarily a negative or a positive number because a great deal depends on individual business models.

Now let’s look at a graph showing new customer acquisitions over time:

Customer Growth

According to the graph, this business has acquired 100 new customers per month and maintained this number—a great achievement.

But let’s draw the total revenue graph using both of our previous graphs.

First month customers: 100 (New customers in month 1) = 100
Second month customers: 100 (New customers in month 2) + 100*0.7 (returning customers from month 1) = 170
Third month customers:  100 (New customers in month 3) + 100*0.3 (returning customers from month 2) + 100*0.7 (returning customers from month 1) = 200
Likewise, calculations can be made for the next few months in order to draw a more accurate graph:

Fourth Month = 220
Fifth Month = 240
Sixth Month = 260
Seventh Month = 280
Eighth Month = 280
Ninth month = 280


This is a more accurate and clearer picture of your growth. And as in most cases of startup growth, while the graph shows steady growth during the first few months, the curve reaches a level of stagnation soon after.

The first step to gauging whether you are in a growth illusion, is to set up the necessary measurement and tracking mechanisms, so you can properly understand your retention and new customer acquisition volumes each month. Once you identify your gaps, you will be able to optimise both variables. Always remember to work on retention optimisation and new customer acquisition simultaneously, as both variables contribute to your growth.

Homejoy, a home cleaning startup once raised $64 from the best investors in Silicon Valley and invested funds heavily on customer acquisition alone. However, despite having attracted an impressive number of customers through the raised funding, the lack of a retention plan in place resulted in Homejoy failing to sustain their growth. Read the full article here.

3. Act

Based on the high-level KPIs explained earlier, you could distinguish which numbers you need to focus on growing; new customers, retention of customers, or both. You can simply work on these two KPIs, taking action based on your findings to achieve sustainable growth.

New Customer Acquisition
To acquire new customers, you can target an entirely new audience, which can be easily done through major ad platforms. Create an audience with website visitors and remove them from new customer acquisition campaigns so that they do not get spammed by you, or target an entirely new persona or product line.

Retain Your Customers
You should be able to understand the retention curve or revenue per user per year (or suitable time frame for your business) before you act on it. Segment your retention curve based on personal and behavioural actions to identify best performing segments and worst performing segments of customers. By understanding best performing segments, you can work on expanding best segments while optimising or eliminating worse performing segments.

Here are some sample insights that can be derived from a typical e-commerce business:

4. Measure and optimise

Retention analysis will give us actionable insights, but we need to keep in mind that all actions are based on hypothesis and are yet to be proven. In this case, we need to launch a well-structured control experiment to perceive the real impact of our action.

Control Experiment:
Divide a sample set of your users into two groups; a control group and treatment group. Follow up by performing a specific action only on the treatment group. The earlier measure can help quantify the real impact for intended actions. If you see an improvement with your action, your retention graph should look like the one shown below:

Blue – Improved retention from users who are in the Treatment Group
Green – Users who are in the Control Group


Through properly measured optimisation, you can allocate more budget to profitable cohorts while persuading unprofitable cohorts to become more profitable.

If you are looking for low hanging fruit to optimise, start with first impressions. If the customer is happy with their first purchase, there is a high probability of them coming back again. Brainstorm and come up with ideas to test and optimise this important first impression.

Pay more attention to other approaches to engage customers. Use email marketing, SMS, remarketing, segregation of custom audiences and customer satisfaction data wisely to optimise your retention. Investment in machine learning is highly beneficial should you have the capacity to make that investment. But till then, you can still perform control experiments to discover the real value of your retention optimisation campaigns.

Bain & Co shows that a 5% increase in customer retention can increase a company’s profitability by 75%.


Even though achieving growth is important, make sure accurate measures are in place to ensure you’re not falling for a growth trap. Remember, a rising top line does not necessarily translate to consistent growth. Put the necessary measures in place to identify your growth rate and analyse your data, so that you can address your challenges and tap into your company’s full growth potential.

Internet Risk / Internet Banking Security Threats
« on: August 07, 2017, 08:22:38 PM »
We want to help our customers to better protect themselves against potential Internet threats. By familiarizing yourself with current threats and past trends, you can increase of your chances of effectively combating the evolving tactics of fraudsters.
The most recent banking security threats are listed below:
•   Phishing
•   Spyware and Adware
•   Viruses
•   Trojans
•   Keyloggers

•   Phishing is a scam where fraudsters ‘fish’ for your personal details by using hoax emails claiming to be from financial institutions. This method continues to be favored by online thieves.
•   Hoax emails claiming to be from banks are often generated overseas, and are sent in bulk asking recipient to provide sensitive information such as their username, password, Customer Registration Number or Debit Cards / Credit Cards numbers and PINs by providing a link leading to a fake website, enabling thieves to gather the details for later fraudulent use.

You can minimise your chances of being a victim of Phishing scams by:
•   Typing ‘’ into your Internet browser to log on to Internet Banking.
•   Treating all emails requesting personal log on information such as username, password or PIN with extreme caution.
Authentic BankMuscat emails will not request personal details or log on information.
•   Immediately deleting emails of unknown origins, no matter how innocent or provocative the subject headings sound.
•   Changing your Internet Banking password on a regular basis.
•   If you receive an email requesting you to register or enter sensitive details, do not respond and click on any hyperlink. Immediately forward the email to You can also report the same by contacting our Call Center on (+968) 2479 5555, available on 24 X 7 basis.
Spyware and Adware
•   Spyware is a type of software that secretively collects user information while on the Internet.
•   Adware is a type of spyware used by marketers to track Internet user’s habits and interests for the purpose of customizing future advertising material. The information is then used to customize future advertisements directed to the user, or can be sold to a third party for the same purpose.
•   You can minimize your chances of unintentionally downloading spyware onto your computer by: » Being wary of banners, ads and pop-ups while surfing the Internet. Do not click on them no matter how enticing they may appear. » Reviewing terms and conditions when you install free programs or subscribe to services from the Internet. » Using up-to-date anti-spyware program to regularly scan your computer.

A computer virus is software that affixes itself to another program like a spreadsheet or word document. While active, the virus attempts to reproduce and attach itself to other programs. This can tie up resources such as disk space and memory, causing problems on any home computer. An email virus is the latest type of computer virus that is transported through email messages and usually replicates by automatically distributing itself out to all contacts on the victims email address book.
You can increase your chances of ensuring your computer is free from viruses by:
•   Installing anti-virus software, and keeping it updated with the latest virus definitions.
•   Downloading and installing security patches for your operating system as soon as they become available.
•   Not accepting attachments from emails of unknown sources.
•   Installing software from trusted sources only.

•   A Trojan is a destructive program that poses as a harmless application. Unlike viruses, Trojans do no replicate themselves and do not need a host program to attach to.
•   Some Trojans will claim to rid the computer of viruses or other harmful applications, but instead introduce viruses and leave it vulnerable to attacks by hackers and intruders.
•   You can minimize your chances of unintentionally downloading Trojans by: » Not opening emails or accepting attachments from unknown sources. » Installing software from trusted sources only. » Not clicking on links contained within emails of unknown sources. » Regularly scanning your computer for Trojans and other malicious programs with up-to-date anti-virus software. » Using a firewall to monitor traffic to and from your computer while connected to the Internet. » Downloading and installing security patches for your operating system as soon as it is available.

If fraudster installs a software called "keylogger" on the computer or the device on which the customer is accessing Online Banking, the software copies to a file , every keystroke typed on that pc. This sensitive information gets captured that the fraudster can later use for fraudulent purposes and illegitimate access to your account.
There are ways to prevent this from happening.
•   You should not use computers to access accounts which are not trusted (like don't use cybercafe, or other people's computers for accessing Online Banking).
•   Keep antivirus software updated every day to protect your system and ensure that your system is virus free.
•   Secure Online Banking Tips - Protect Yourself
•   Tips and hints for secure Online Banking
•   Report a suspicious e-mail
•   Internet security measures employed by BankMuscat


Internet Risk / 4 Dangers of the Internet
« on: August 07, 2017, 08:16:22 PM »
Internet Danger #1: Cyberbullying
On the Internet, cyberbullying takes various forms, says, an online resource that educates parents about Internet safety. Cyberbullying includes sending hateful messages or even death threats to children, spreading lies about them online, making nasty comments on their social networking profiles, or creating a website to bash their looks or reputation.
Cyberbullying differs from schoolyard bullying, Handy says. Teachers can't intervene on the Internet. "When it happens online, there's no one to filter it," she says. And cyberbullies don't witness their victims' reactions, the way they might if they insulted others to their faces. "They don't see you crying," Handy says, which may make it easier for them to continue.
Some cyberbullies pose as their victims and send out harassing messages to others. Recently, cyberbullies have also begun posting humiliating videos of other kids they dislike, says Parry Aftab, a cyberspace security and privacy lawyer who also serves as executive director of, one of the largest Internet safety education groups in the world.
In the age of YouTube, a website that hosts videos shot by users, "Kids are looking for their 15 megabytes of fame," Aftab says. "They do it to show that they're big enough, popular enough, cool enough to get away with it."
Often, kids don't tell parents they're being cyberbullied; they're afraid their parents will overreact or yank Internet privileges, Aftab adds. Her advice? If your son or daughter tells you, stay calm. If it's a one-time thing, try to ignore the bully and block future contact, she says. But if the cyberbullying involves any physical threat, you may need to call the police.
Internet Safety Tips
Some tips from for responding to cyberbullying:
•   To keep others from using their email and Internet accounts, kids should never share Internet passwords with anyone other than parents, experts say.
•   If children are harassed or bullied through instant messaging, help them use the "block" or "ban" feature to prevent the bully from contacting them.
•   If a child keeps getting harassing emails, delete that email account and set up a new one. Remind your child to give the new email address only to family and a few trusted friends.
•   Tell your child not to respond to rude or harassing emails, messages and postings. If the cyberbullying continues, call the police. Keep a record of the emails as proof.

Internet Danger #2: Sexual Predators
The online world opens the door for trusting young people to interact with virtual strangers - even people they'd normally cross the street to avoid in real life. About 1 in 7 kids have been sexually solicited online, says John Shehan, CyberTipline program manager for the National Center for Missing and Exploited Children in Alexandria, Virginia. The CyberTipline helps prevent sexual exploitation of children by reporting cases of kids enticed online to do sexual acts.
While sexual predators have targeted children in chat rooms, they migrate to wherever young people go online, Shehan says. More predators are now scouring social networking sites, such as MySpace and Xanga, because these sites have centralized so much information, Shehan says. A child's profile typically includes photos, personal interests and blogs.
"In terms of predators, that's obviously a hot spot where they can go to research victims," Shehan says. "They need to meet these kids, groom these children and become friends."
Predators may take on fake identities and feign interest in a child's favorite bands, TV shows, video games or hobbies. "They come across to the children as their new best friend. They're going to have the same likes and dislikes," Shehan says. "It's quite crafty what these child predators will go through."
Internet Safety Tips
•   Ask your children if they use a social networking site. Look at the site together or search for it yourself online. Social networking sites often have age limits. MySpace prohibits kids under 14 - but doesn't verify kids' ages, so anyone can use it. If you want to delete a site, work with your child to cancel the account, or contact the social networking site directly.
•   Tell your kids not to post a full name, address, phone number, school name and other personal information that could help a stranger to find them. Remind them that photos - like your child in a team sweatshirt - can give away clues to where they live. Ask them not to send photos to people they meet online.
•   Learn about privacy settings that allow kids to choose who can view their profiles. Explain that strangers who approach them online aren't always who they say they are - and that it's dangerous to meet them in real life. Tell them to "instant message" only with family or friends they already know off-line.
•   When it comes to Internet safety, there's no substitute for parental supervision. Put your computer in a common area of your home, not a child's bedroom, so you can keep an eye on online activities. Go to websites that explain the short-hand kids use in instant messaging, like "POS" ("parent over shoulder") or "LMIRL" ("let's meet in real life"), so you know what's going on.
•   Ask your kids to report any online sexual solicitation to you or another trusted adult right away. Shehan asks adults to report the event to the CyberTipline (800-843-5678), where staff will contact law enforcement agencies to investigate. He also advises parents to call their local police and save all offensive emails as evidence.

Internet Danger #3: Pornography
One of the worst dangers of the Internet, for many parents, is the idea that pornography could pop up and surprise their children. But parents may not realize that some kids are going online to seek out web porn, too.
You can view the Internet browser history to see which websites your child is visiting, Shehan says. But since kids can delete this history, you may want to install Internet filtering software to block porn sites in the first place.
Software filters aren't a perfect solution; some nasty sites can slip through, while educational or family-rated sites may be blocked. So while some parents may wonder whether monitoring means they're spying on their kids, the safety factor often wins out. "If you get the monitoring software, put it on the computer and forget that it's there," Aftab says. That way, if someone's viewing porn, you'll have the records to deal with it.
Internet Safety Tips
•   Install Internet filtering software to block porn sites from any computer your child has access to.
•   Consider using filtering software that monitors and records instant messaging and chat room conversations, as well as websites visited.
•   Consider using a monitoring program that filters pornography keywords in several languages. Why? Because some teens have figured out how to get around filters by typing in porn-related search terms in other languages.

Internet Danger #4: Damaged Reputations
Camera phones, digital cameras and web cams are everywhere these days, and kids can be victims of their own inexperience with new technology. Many post pictures, videos or notes online that they later regret. "Think before you post, because once you do, it's going to be up there forever," Shehan says.
A child's online reputation is a growing concern, Aftab says, with the rise of online social networking and profiles. She cites reports of schools and employers rejecting young people for high school programs, internships, college admissions and jobs after checking out what applicants have posted online.
Many teenage girls put up provocative photos of themselves, Shehan says. Why? Handy - a teenager herself - believes it's a game of one-upmanship. "Kids are trying to look cool. They're doing it because everyone else is doing it. A girl will see a picture and say, 'Oh, I can top that.' And before you know it, she's half-naked on the Internet for everybody to see."
Internet Safety Tips
•   Explain that even if your kids delete their posted photos, others may have already copied them into public forums and websites.
•   Tell your kids not to let anyone, even friends, take pictures or videos of them that could cause embarrassment online - such as if a relative or teacher saw them.
•   Talk to your kids about possible consequences, the experts say. A 17-year-old might think it's hilarious to post a MySpace photo of himself looking drunk, with empty beer bottles strewn around him. But will a college admissions officer be impressed? Probably not.


Internet Risk / Email Scams
« on: August 07, 2017, 08:09:26 PM »
Many email scams are "tried and true". They've been around for a long time and continue to produce the results cyber criminals are looking for. They're becoming savvier, too – using spoofing to make the email look as legitimate as possible – and confusing recipients into opening them.

Here are a few current email phishing scams:

Recruitment Scams. The fraudster sends you an email with an enticing job offer, but asks for money and personal information up front. These scams are sophisticated and targeted. The email, content and associated websites look legitimate, and may relate to your line of work but they are fake and just an attempt to steal your money and/or your personal information.
Fake business opportunities. If you receive an email with an opportunity to make lots of money with very little effort, or there are very few details about the actual business, there's a good chance it's a scam. The objective is to get you to purchase an information kit to find out more about the job. Or to involve your friends and create a pyramid scheme in which "everyone wins".
Lottery wins and prizing or "Jackpot" scams. If you're asked to provide credit card information to claim your prize or pay for shipping, be wary of the source. Also, if you haven't entered that contest, you likely haven't won anything.
Health and diet scams. The promise of a "magic" diet pill or quick weight loss can be tempting enough for some people to click on a link and see what it's about. If you see the words "quick" and "discount" in the same email, it's likely too good to be true.
Discount software. Any type of software download that's offered at a reduced price by an unknown source is generally not legitimate. The software is likely pirated and comes with a Trojan horse or you may never even receive it.
419 Advanced Fee Fraud. These schemes offer an enormous sum of cash should you get involved. They are quite elaborate, providing false documents to give the appearance of a legitimate business proposal and even inviting you to meetings in their country. At some point you'll be asked for money to pay for fees or other expenditures – and then all communication will be cut off.
'Pump 'n' dump' stock scams. These are spam emails from an "investor" with inside information, claiming that a certain stock is about to become very profitable. This will then drive up the price of the stock, at which point the individuals behind the scheme sell – and the price plummets.

Internet Risk / Common Threats to be aware of
« on: August 07, 2017, 08:08:34 PM »
Common threats to be aware of
Learn about the latest online scams and what you should know to ensure safe Internet browsing.
If you've never heard of a botnet, it's likely because they go largely undetected.
What they are:
A collection of software robots, or 'bots', that creates an army of infected computers (known as ‘zombies') that are remotely controlled by the originator. Yours may be one of them and you may not even know it.
What they can do:
•   Send spam emails with viruses attached.
•   Spread all types of malware.
•   Can use your computer as part of a denial of service attack against other systems.
Distributed denial-of-service (DDoS) attack
What it is:
A distributed denial-of-service (DDoS) attack — or DDoS attack — is when a malicious user gets a network of zombie computers to sabotage a specific website or server. The attack happens when the malicious user tells all the zombie computers to contact a specific website or server over and over again. That increase in the volume of traffic overloads the website or server causing it to be slow for legitimate users, sometimes to the point that the website or server shuts down completely.
It could be possible for malicious users to use your computer in one of these attacks. By taking advantage of security vulnerabilities or weaknesses, an attacker could take control of your computer. He or she could then force your computer to send huge amounts of data to a website or send spam to particular email addresses. The attacks are "distributed" because the attacker is using multiple computers, including yours, to launch the denial-of-service attacks.
What it can do:
The most common and obvious type of DDoS attack occurs when an attacker “floods” a network with useless information. When you type a URL into your browser, you are sending a request to that site's computer server to view the page. The server can only process a certain number of requests at once. If an attacker overloads the server with requests, it can't process yours. The flood of incoming messages to the target system essentially forces it to shut down, thereby denying access to legitimate users.
What you can do:
There are steps you can take to reduce the likelihood that an attacker will use your computer to attack other computers:
•   Install and maintain anti-virus software.
•   Install a firewall, and configure it to restrict traffic coming into and leaving your computer.
•   Follow good security practices when it comes to maintaining your contact or email lists. Applying email filters may help you manage unwanted emails, by automatically processing incoming messages based on certain criteria that you set.
•   Be cautious if you notice that your Internet connection is unusually slow or you can't access certain sites (and that your Internet connection is not down).
•   Avoid opening email attachments, especially if they are from people you don't know.
If you believe you are a victim of a DDoS attack, contact your Internet Service Provider, as they will be able to help mitigate.
Hacking is a term used to describe actions taken by someone to gain unauthorized access to a computer. The availability of information online on the tools, techniques, and malware makes it easier for even non-technical people to undertake malicious activities.
What it is:
The process by which cyber criminals gain access to your computer.
What it can do:
•   Find weaknesses (or pre-existing bugs) in your security settings and exploit them in order to access your information.
•   Install a Trojan horse, providing a back door for hackers to enter and search for your information.
Malware is one of the more common ways to infiltrate or damage your computer.
What it is:
Malicious software that infects your computer, such as computer viruses, worms, Trojan horses, spyware, and adware.
What it can do:
•   Intimidate you with scareware, which is usually a pop-up message that tells you your computer has a security problem or other false information.
•   Reformat the hard drive of your computer causing you to lose all your information.
•   Alter or delete files.
•   Steal sensitive information.
•   Send emails on your behalf.
•   Take control of your computer and all the software running on it.
Pharming is a common type of online fraud.
What it is:
A means to point you to a malicious and illegitimate website by redirecting the legitimate URL. Even if the URL is entered correctly, it can still be redirected to a fake website.
What it can do:
•   Convince you that the site is real and legitimate by spoofing or looking almost identical to the actual site down to the smallest details. You may enter your personal information and unknowingly give it to someone with malicious intent.
Phishing is used most often by cyber criminals because it's easy to execute and can produce the results they're looking for with very little effort.
What it is:
Fake emails, text messages and websites created to look like they're from authentic companies. They're sent by criminals to steal personal and financial information from you. This is also known as “spoofing”.
What it does:
•   Trick you into giving them information by asking you to update, validate or confirm your account. It is often presented in a manner than seems official and intimidating, to encourage you to take action.
•   Provides cyber criminals with your username and passwords so that they can access your accounts (your online bank account, shopping accounts, etc.) and steal your credit card numbers.
What it is:
Ransomware is a type of malware that restricts access to your computer or your files and displays a message that demands payment in order for the restriction to be removed. The two most common means of infection appear to be phishing emails that contain malicious attachments and website pop-up advertisements.
What it can do:
There are two common types of ransomware:
•   Lockscreen ransomware: displays an image that prevents you from accessing your computer
•   Encryption ransomware: encrypts files on your system's hard drive and sometimes on shared network drives, USB drives, external hard drives, and even some cloud storage drives, preventing you from opening them
Ransomware will display a notification stating that your computer or data have been locked and demanding a payment be made for you to regain access.  Sometimes the notification states that authorities have detected illegal activity on your computer, and that the payment is a fine to avoid prosecution.
What you can do:
Do not pay the ransom. These threats are meant to scare and intimidate you, and they do not come from a law enforcement agency. Even if you submit payment, there is no guarantee that you will regain access to your system.
If your computer has been infected (i.e. you are unable to access your computer or your files have been encrypted), contact a reputable computer technician or specialist to find out whether your computer can be repaired and your data retrieved.
In order to lessen the impact of a ransomware infection, be sure to regularly back-up your data with a removable external storage drive. It's possible that your files might be irretrievable; having an up-to-date backup could be invaluable.
Spam is one of the more common methods of both sending information out and collecting it from unsuspecting people.
What it is:
•   The mass distribution of unsolicited messages, advertising or pornography to addresses which can be easily found on the Internet through things like social networking sites, company websites and personal blogs.
•   Canada's anti-spam legislation applies to all commercial electronic messages. A commercial electronic message is any electronic message that encourages participation in a commercial activity, regardless of whether there is an expectation of profit.
What it can do:
•   Annoy you with unwanted junk mail.
•   Create a burden for communications service providers and businesses to filter electronic messages.
•   Phish for your information by tricking you into following links or entering details with too-good-to-be-true offers and promotions.
•   Provide a vehicle for malware, scams, fraud and threats to your privacy.
This technique is often used in conjunction with phishing in an attempt to steal your information.
What it is:
A website or email address that is created to look like it comes from a legitimate source. An email address may even include your own name, or the name of someone you know, making it difficult to discern whether or not the sender is real.
What it does:
•   Spends spam using your email address, or a variation of your email address, to your contact list.
•   Recreates websites that closely resemble the authentic site. This could be a financial institution or other site that requires login or other personal information.

Spyware & Adware
Spyware and adware are often used by third parties to infiltrate your computer.
What it is:
Software that collects personal information about you without you knowing. They often come in the form of a ‘free' download and are installed automatically with or without your consent. These are difficult to remove and can infect your computer with viruses.
What it can do:
•   Collect information about you without you knowing about it and give it to third parties.
•   Send your usernames, passwords, surfing habits, list of applications you've downloaded, settings, and even the version of your operating system to third parties.
•   Change the way your computer runs without your knowledge.
•   Take you to unwanted sites or inundate you with uncontrollable pop-up ads.
Trojan Horses
A Trojan horse may not be a term you're familiar with, but there's a good chance you or someone you know has been affected by one.
What it is:
A malicious program that is disguised as, or embedded within, legitimate software. It is an executable file that will install itself and run automatically once it's downloaded.
What it can do:
•   Delete your files.
•   Use your computer to hack other computers.
•   Watch you through your web cam.
•   Log your keystrokes (such as a credit card number you entered in an online purchase).
•   Record usernames, passwords and other personal information.
Most people have heard of computer viruses, but not many know exactly what they are or what they do.
What they are:
Malicious computer programs that are often sent as an email attachment or a download with the intent of infecting your computer, as well as the computers of everyone in your contact list. Just visiting a site can start an automatic download of a virus.
What they can do:
•   Send spam.
•   Provide criminals with access to your computer and contact lists.
•   Scan and find personal information like passwords on your computer.
•   Hijack your web browser.
•   Disable your security settings.
•   Display unwanted ads.
When a program is running, the virus attached to it could infiltrate your hard drive and also spread to USB keys and external hard drives. Any attachment you create using this program and send to someone else could also infect them with the virus.
How will you know if your computer is infected?
Here are a few things to check for:
•   It takes longer than usual for your computer to start up, it restarts on its own or doesn't start up at all.
•   It takes a long time to launch a program.
•   Files and data have disappeared.
•   Your system and programs crash constantly.
•   The homepage you set on your web browser is different (note that this could be caused by Adware that has been installed on your computer).
•   Web pages are slow to load.
•   Your computer screen looks distorted.
•   Programs are running without your control.
If you suspect a problem, make sure your security software is up to date and run it to check for infection. If nothing is found, or if you are unsure of what to do, seek technical help.
Wi-Fi Eavesdropping
WiFi eavesdropping is another method used by cyber criminals to capture personal information.
What it is:
Virtual “listening in” on information that's shared over an unsecure (not encrypted) WiFi network.
What it can do:
•   Potentially access your computer with the right equipment.
•   Steal your personal information including logins and passwords.________________________________________
Worms are a common threat to computers and the Internet as a whole.
What they are:
A worm, unlike a virus, goes to work on its own without attaching itself to files or programs. It lives in your computer memory, doesn't damage or alter the hard drive and propagates by sending itself to other computers in a network – whether within a company or the Internet itself.
What they can do:
•   Spread to everyone in your contact list.
•   Cause a tremendous amount of damage by shutting down parts of the Internet, wreaking havoc on an internal network and costing companies enormous amounts of lost revenue.


In the last year, we’ve seen the use of Internet of Things (IoT) devices within the home and the workplace surge significantly.

On a typical day most devices we interact with, from our smart watches, to the office photocopier and printer, and even children’s toys, are connected to the Internet in some shape or form.

This access to connected devices has undoubtedly improved the way consumers interact with these every day items, but it has also exposed them to a number of unprecedented vulnerabilities.

While these types of IoT attacks can lead to significant reputational and financial damages for businesses, equally as importantly, they can also result in loss of customer trust and confidence. As can be seen from these high profile cyber-attacks, businesses must now take appropriate security measures, not just to protect their commercial operations, but also in order to protect their customers.

This increase in the use of connected devices has also led to a range of cyber security risks for enterprises themselves. As the lines between personal and work related use of these devices continue to blur, we’re seeing more cybercriminals target the personal connected devices of employees, as well as office devices, in attempts to infect entire organisations.

One of the most used types of IoT cyber security incidents is known as Distributed Denial of Service (DDoS) attacks. These are attempts to make an online service unavailable by overwhelming it with traffic from multiple comprised devices. DDoS attacks are becoming increasingly common globally. According to our latest annual Telstra Cyber Security Report, 59 per cent of Australian businesses and 43 per cent of Asian businesses have experienced a DDoS attack on at least a yearly basis.

In 2016, the website of cyber security writer and blogger, Brian Krebs, was on the receiving end of a DDoS attack that used IoT devices, including CCTV cameras, Digital Video Recorders (DVRs) and routers designed to take the site offline. We’ve also seen similar cyber attacks using devices like children’s toys and household appliances to create IoT botnets capable of inflicting significant damage.

What we’ve learnt from these high-profile DDoS attacks is that part of the reason they are so popular with cybercriminals is they’re very low cost to launch. They are also easy to access, which means that anyone from experienced cybercriminals to disgruntled customers and employees can attack any business at great ease.

The good news is that everyone can take precautions to prevent their IoT devices from being hijacked by malware and used in DDoS attacks. By purchasing these devices from reputable manufacturers that provide regular security updates, you will help your business will help protect itself against cyber security attacks. Here are some other useful ways that you can avoid DDoS attacks:

1. Update administrator usernames and passwords to become strong and unique.
2. Disable remote access to your devices and block/close unauthorised access using the following protocol ports but not limited to: SSH (22), Telnet (23) and HTTP/HTTPS (80/443).
3. Perform updates/patching and review changes in features and settings on a regular basis for IoT as per any other computer on your network.
4. Ensure staff responsible for Electronic Security and Physical Security are educated on the precautions required when purchasing and deploying security devices such as IP-enabled surveillance cameras.

Telstra Cyber Security Report 2017


Internet Risk / Protecting Data
« on: August 07, 2017, 07:54:31 PM »
Protecting sensitive data is the end goal of almost all IT security measures. Two strong arguments for protecting sensitive data are to avoid identity theft and to protect privacy.

The improper disclosure of sensitive data can also cause harm and embarrassment to students, faculty, and staff, and potentially harm the reputation of the Institute. Therefore, it is to everyone's advantage to ensure that sensitive data is protected.

1. Data security is fundamental.
Data security is crucial to all academic, medical, and business operations at MIT. All new and existing business and data processes should include a data security review. This ensures MIT data is safe from loss and secured against unauthorized access.

2. Plan ahead.
Create a plan to review your data security status and policies and create routine processes to access, handle, and store the data safely. Archive unneeded data. Make sure you and your colleagues know how to respond if you have a data loss or data breach incident.

3. Know your data.
The first step to secure computing is knowing what data you have and what levels of protection are required to keep the data both confidential and safe from loss.

4. Scale down.
Keep only the data you need for routine current business, safely archive or destroy older data, and remove it from all computers and other devices (smart phones, laptops, flash drives, external hard disks).

5. Lock up!
Physical security is the key to safe and confidential computing. All the passwords in the world won't get your laptop back if the computer itself is stolen. Back up the data to a safe place in the event of loss.


Internet Risk / Top Ten Safe Computing Tips
« on: August 07, 2017, 07:53:02 PM »
Follow these tips to keep your computer's security tight. If this is your first visit, use these tips as a security checklist.

1. Patch, Patch, PATCH![/b]
Set up your computer for automatic software and operating system updates. An unpatched machine is more likely to have software vulnerabilities that can be exploited.
2. Install protective software.
Sophos is available as a free download for Windows, Mac, and Linux from IS&T's software grid. When installed, the software should be set to scan your files and update your virus definitions on a regular basis.
3. Choose strong passwords.
Strong passwords use a combination of letters, numbers, and special characters to create a mental image or an acronym that is easy for you to remember. Create a different password for each important account, and change passwords regularly. LastPass can manage all of your passwords for you -- and it's free!
4. BACK UP on a regular basis!
Regular, scheduled backups can protect you from the unexpected. Keep a few months' worth of backups and make sure the files can be retrieved if needed. Download and install CrashPlan and learn how to back up your system.
5. Control access to your machine.
Don't leave your computer in an unsecured area, or unattended and logged on, especially in public places. This includes Athena clusters and Quickstations. The physical security of your machine is just as important as its technical security.
6. Use email and the internet safely.
Ignore unsolicited emails, and be wary of attachments, links, and forms in emails that come from people you don't know, or which seem "phishy." Avoid untrustworthy (often free) downloads from freeware or shareware sites. Learn more about spam filtering.
7. Use secure connections.
When connected to the internet, your data can be vulnerable while in transit. Use remote connectivity and secure file transfer options when off campus.
8. Protect sensitive data.
Reduce the risk of identity theft. Securely remove sensitive data files from your hard drive, which is also recommended when recycling or repurposing your computer. Use the encryption tools built into your operating system to protect sensitive files.
9. Use desktop firewalls.
Mac and Windows computers have basic desktop firewalls as part of their operating systems. When set up properly, these firewalls protect your computer files from being scanned.
10. Most importantly, stay informed.
Stay current with the latest developments for your operating systems. Subscribe to the IS&T Security-FYI electronic newsletter.


Internet Risk / Social Engineering
« on: August 07, 2017, 07:50:30 PM »
Social engineering is the term used to describe any trick used to take advantage of inattentive or trusting people. It is essentially the art of manipulating people to perform actions or divulge confidential information. When it relates to IT, social engineering uses the additional cloak of "invisibility" through the Internet.

There are many examples of scams, and here are a few:

Scams that used to be delivered by phone or mail are now being done online. Auctions posting non-existent or falsely represented merchandise, Nigerian money offers promising large sums of cash, financial scams targeting consumers with poor credit in hopes of receiving credit cards or loans, phony sweepstakes offers asking for payment for a prize that doesn't exist: all can snag the unwary or vulnerable visitor.

Predators and fake friends
Remain as anonymous as possible, which means keep all private information private; do not give out your real full name, age, home address, phone number, Social Security Number (SSN), passwords, names of family members, or credit cards unless required for a legitimate business transaction. And learn how the information is going to be used - and how it will be protected - before you share it.


Security Organizations / Internet Risk Recommendations
« on: August 07, 2017, 02:54:29 PM »
As the internet becomes a more popular way of purchasing items for the holiday season it is also important for consumers to know the dangers of fraud and how it can be avoided.

Secure home computers and mobile devices: Members should ensure their home computers are secured with a firewall and antivirus software before performing any online transactions. Operating system patches should be downloaded when made available by software vendors. Members should also protect mobile devices (mobile phones, tablets, etc.) used to conduct online transactions by installing antivirus software.
Phishing scams: Members should not respond to emails, text messages, and phone calls that advertise the sale of gift cards, holiday gifts, promotions, contests and jobs.
Be wary of holiday offers for free items: Members should avoid tempting holiday offers, such as free downloadable applications for smartphones, antivirus software, screen savers, ringtones and electronic greeting cards, which may be infected with viruses and/or malware.
Be wary of shopping online at Craigslist and public auction sites: Members might purchase merchandise that is never delivered. Members should follow the best practices published by Craigslist and other public auction websites to avoid scams.
Be wary of social media scams: Fraudsters often place bogus advertisements for free prizes on social media sites. Members should be instructed to not respond to these advertisements.
Bogus charity scams: Members should confirm the legitimacy of the charity through the Better Business Bureau.
Monitor accounts: Members should periodically monitor their deposit and credit card accounts to identify any unauthorized transactions. Members should be instructed to immediately report unauthorized transactions to the credit union.


We all want to know the one secret to becoming smarter, don’t we?

If you search for “ways to become smarter” on the internet, you will get a lot of crazy suggestions. Maybe some more than others. After all, do you really think that a pill will make you more intelligent? Rather use these search results as a test for your preexisting intellect. Looking closely at what you find is the first step to understanding that it is BS.(over-generalizing)

The secret to becoming more intelligent is nothing special, yet it has been overlooked in the past times.

The absolute secret to being smarter is READING.

“Wow, you’ll say. Thanks for sharing this novel information. Where do I exit this article?”


Pages: 1 [2] 3 4 ... 13