Cybersecurity Awareness: Guarding Your Wealth and Data in the Digital Era
While most of us are familiar with the necessity of Antivirus software, designed to identify malware (malicious software) on a computer, cyber threats are growing increasingly sophisticated.
“Cybersecurity” is the practice of protecting computers, mobile devices, electronic systems, networks, programmes and data from malicious attacks.
“Malware” (short for “malicious software”) is software that is specifically designed to disrupt, damage or gain unauthorised access to a computer system. It’s usually a file or code, typically delivered over a network, that infects, explores, steals or conducts virtually any behaviour an attacker wants.
“Ransomware” is a type of malicious software (malware) designed to deny a user or organisation access to their files or computer system until a sum of money is paid.
Traditional, email signature-based detection is no longer effective at identifying modern malware due to its rapid evolution, enabling the use of unique malware to manufacture cyberattack campaigns. Additionally, malware developers are using various techniques, like fileless malware, to evade detection by antivirus solutions.
Mackersy Property uses Endpoint Detection and Response (EDR), a security solution that continuously monitors end-user’s devices to detect and respond to cyber threats like ransomware and malware.
Detection of modern threats to endpoint security requires more information and context than is available to antivirus systems. EDR integrates a range of security functions, enabling it to detect trends and other indicators of a successful incursion. Additionally, the response capabilities provided by EDR enable security analysts to act more quickly to address potential security incidents, limiting the impact of an attack.
How to protect yourself from a cybersecurity attackIt is important for everyone to be informed while online. Cyberattacks are usually aimed at accessing, changing, or destroying sensitive information, extorting money from users through ransomware or interrupting normal business processes.
Most commonly, cybersecurity breaches can be minimised by users being vigilant:
- Check the email address that an email is coming from for really simple errors (eg. Spelling mistakes such as email@example.com)
- Use common sense (for example. A NZ business is asking you to make payments into a non-NZ bank account or a different account than what is normally paid into).
Here are five simple tips to keep yourself safe onlineBe stringent with password safety
When setting up passwords, never use the same one twice and always follow good password guidelines: use a mix of upper and lower case letters, numbers, symbols and random words with no personal link to yourself
Check everything you download
Whether you want to download a video sent from a friend or a funny joke, it’s always important to verify the source. Mackersy Property wouldn’t ask you to download a document most of our communication will be sent by email with links to relevant documentation.
Use security software
Security software such as anti-virus programs can help to protect your electronic devices from scams. Norton is one of New Zealand’s most popular antivirus programs, offering a password manager, antivirus detection, and other features in one package.
Remember that even when you want to download antivirus software like this, you must verify the site is legitimate first.
Update your privacy settings
More and more Kiwis are using various social media platforms such as Facebook and Instagram. While they’re a great way to keep in touch with friends and loved ones, it’s best to stay wary. Don’t accept friend requests from anyone you don’t know, don’t respond to messages from strangers, and be sure to update your privacy settings so strangers can’t view your photos or updates.
Be wary of emails and learn how to spot scams
Spam emails are mostly just annoying, but some savvy cyber criminals can dress them up and make them look like a real email from a company you trust.
For example, scammers will copy the exact layout and wording of an official company then ask you to click a link. By clicking this link, the cybercriminal will be able to gain access to your computer or sensitive data.
It is good practice when someone is requesting you update a bank account, to phone your contact and check the email is legitimate.
Example: A genuine email from Mackersy Property will come from [name]@mackersyproperty.co.nz. Our Investor Relations team will be the only one who will ask you to make a payment into our bank account and will always include a link or attachment of our bank deposit slip for proof. We would never email you to inform you of a change in bank account details.
See below an example of an email our Investor Relations team would send you to make a payment, and then see the imposter email. Note how scarily similar an attacker's email address can be to the one sent genuinely by Mackersy Property. Can you spot the errors?
Mackersy Property's email:
The answer is: The email address from the “Mackersy Property” property manager was misspelt. It came from an address spelt ‘mackersypropertys’ – there is no ‘s’ on the end of @mackersyproperty in our legitimate email addresses.
The most important alarm bells this email should have set off, is the fact the sender is asking for the recipient to make a payment to a new Australian bank account. Mackersy Property would NEVER do this. If you ever receive an email like this, please report the email to your provider and reach out to Mackersy Property to inform us of the malicious email.
Another indication this was a scam, is that the CC’d “Accounts” email was sent from a Hotmail address. Mackersy Property only uses @mackersyproperty.co.nz as our email address.
The final errors to be spotted, are the spelling mistakes. In the subject line, “Mackersy” is spelt wrong, and in the signature at the bottom of the email, it says Jane Smith is from “Macker”.
Check out https://www.ownyouronline.govt.nz/personal/get-protected/guides/ for more information.
What Mackersy Property is doing to protect your dataMackersy Property is taking vital steps to protect investors from cybersecurity attacks and scams.
- Mackersy Property will never ask for your bank details by email without a phone call first. If someone contacts us to change your financial details, we will always phone you to check it was you.
- Mackersy Property will never ‘update our bank account’ with you by email. If this changes, we will advise formally.
- Mackersy Property has regular cyber security training for all team members. This ensures our team remain vigilant with sensitive data and report any suspicious activity.
- The data storage platforms Mackersy Property uses conform to New Zealand and international data security standards.
Please phone Mackersy Property if you are ever in doubt over something to do with your Mackersy investments. We are always happy to help and answer any questions you may have regarding your data protection.
Cybersecurity monitoring 24/7
Mackersy Property has implemented a new cyber security platform, Huntress.
We have chosen the Huntress Platform as our managed EDR security partner of choice.
Founded by former NSA Cyber Operators, and backed by a team of 24/7 threat hunters, leveraging Microsoft’s inbuilt ‘Defender Antivirus’, the Huntress managed security platform defends businesses from persistent footholds, ransomware, and other attacks.
A 24/7 security team monitors Mackersy Property’s hardware, escalating and automatically isolating compromised devices as required.
The same team also actively monitors Mackersy Property’s Microsoft 365 environment, logins, configuration, and email rules, searching for indicators that accounts have been compromised, and instantly locking down any suspicious activity.
If you’d like to upskill and learn about cybersecurity in more depth, check out the NZ Government’s official CertNZ website here: https://www.cert.govt.nz/individuals/
If you have any questions or would like further information, please email firstname.lastname@example.org or phone 03 450 9540 to speak to the Investor Relations Team.