technology

Telegram vs Signal: What is the best WhatsApp alternative?

The WhatsApp privacy policy has been bothering a lot of people. The date of the update and policy rolling out has passed and the lingering question still is “What is a good WhatsApp alternative?” There are multiple social messaging apps available. Apps like Google Hangouts, Google Chats, Telegram and Signal, among others have been up for consideration.

The two most popular options that a lot of people are considering are Telegram and Signal. There are a few things that users need to consider before making the switch. There has to be a lot of data transfer. Since the sole reason for the transfer is privacy, users need to choose based on the security features provided by both apps.

Telegram
Telegram started off as a messaging service in 2013 but the platform has transitioned into much more since then. The app now has a number of features and even channels. A lot of users think of it as a good alternative to torrent since torrent has its own share of problems in India. Apart from messaging, users can stream songs, movies and web series on the platform for free of cost. The app itself is free to download and use. Number of people are already making a switch to the platform from WhatsApp.

Signal
Signal is a fairly new social messaging platform that was launched in March 2021. The app has garnered a lot of attention and was considered to be a good alternative for WhatsApp. It is a simple messaging app that does nothing more. When compared to Telegram, it has a lot fewer features to offer. The interface is simple and easy to understand. New users will not have any difficulty in making a switch.

The Better Alternative
There are some differences between the apps when it comes to the treatment of data. One feature that was highly appreciated in WhatsApp was the end-to-end encryption of chats. If you are looking for an alternative that will encrypt all your chats including group chats, then Signal is the app to go for. Telegram does not encrypt all your chats. It only encrypts the secret chat. Signal even encrypts the metadata of your chats, so it does not know who you are talking to and for how long. Whereas, WhatsApp and Telegram do not encrypt your metadata and metadata encryption is important.

So if you are looking for the safest and most secure WhatsApp alternative, Signal is the way to go and not Telegram.

technology

5 easy ways to protect yourself from cyber attacks.

Use your smarts, and technology, to be cyber-secure – at home, at work, at uni or out in the world.

  1. CHECK IF YOU’VE ALREADY BEEN INVOLVED IN A DATA BREACH
    Visit haveibeenpwned.com(external link) and change those passwords for any accounts that it suggests may have been compromised.
  2. CHECK THE STRENGTH OF YOUR PASSWORDS
    Test the strength of your passwords at howsecureismypassword.net(external link) (use something similar to your original password to test its strength).

When choosing a password, remember: the longer it is, the stronger it is. A strong password is at least 12 characters long and hard to guess.

Using a sentence is a great way to create a long password that you’ll never forget.

  1. AVOID THESE PASSWORDS
    The following passwords are considered the most common and easiest to crack – so if you’ve got any of these or similar variations, you should seriously considering changing them – quickly!

123456 (or any chronologically-ordered numbers)
987654321
123123
QWERTY
111111
password
WHICH GENERATION IS MOST GUILTY OF USING INEFFECTIVE PASSWORDS?

  1. TRUST NO ONE (ON EMAILS)
    This may sound a bit extreme – but always be on the lookout for deceitful emails and compromised web pages (spam and phishing). Interacting with these puts your information at risk and can download viruses. Remember:

don’t open email from unknown email addresses
trash attachments in unexpected emails
avoid risky clicks – instead type the address into your browser.

  1. SECURE YOUR DEVICE
    If your mobile device is unsecured, lost or stolen, it could be used to access your info, your money or steal your identity and irreplaceable data like photos or messages. Secure your devices by:

installing anti-virus software
setting a password, gesture or fingerprint that must be entered to unlock
setting the device to require a password before applications are installed
leaving Bluetooth hidden when not in use and disabling automatic connection to networks
enabling remote locking and/or wiping functions, if your device supports them.

technology

Cyber Prox

Get regular updates on the go about our Facebook page and WhatsApp and recent technological and legal advances in order to keep safe.

Cyber crime consultation.

We are here to help in any way possible to keep you away from the menace of cyber crime and to help you technically or legally in case you are a victim.

technology

WhatsApp hacking.

WhatsApp hacking: the new method hackers are using.

The only information needed to connect to someone’s WhatsApp account is a valid phone number and a verification code.

Who would have thought that the way of logging into WhatsApp accounts could be misused to hack user data without their knowledge?
How is it done?

If you receive a message on your phone explaining that an error has been made and that you have received a message containing a code from another person allowing them to connect to WhatsApp, above all, do not disclose this code!
Here is why:

Anyone who has access to this code, along with your phone number, could enter your account, and block you in such a way that you can no longer access it.
How does it work?

The only information needed to connect to someone’s WhatsApp account is a valid phone number and a verification code that you will receive at this number by SMS, used to verify the authenticity of the person wishing to connect.
Unfortunately, some people have decided to take advantage of this ease of use against WhatsApp’s users.
All they need to know is the phone number of their potential victim.
By registering on the application with this phone number that does not belong to them, these same people cannot access the accounts without the access code which was sent to the phone of the victims. Then, the victims receive the following message:
“Hey, I accidentally sent a WhatsApp verification code to your phone. Can you send it to me?”
If a victim responds to this message with the code they received by text message, the perpetrators are in possession of the victim’s telephone number, and also of the identity verification code.
In other words, they have it all.
Nothing then bars their access to their victims’ WhatsApp accounts, from which they can block them.
A tip, as WhatsApp specifies in its terms of use: Never disclose this code to anyone.
“You should never share your WhatsApp verification code with others. If someone is trying to take over your account, they need the SMS verification code sent to your phone number to do so. Without this code, any user attempting to verify your number can’t complete the verification process and use your phone number on WhatsApp. This means you remain in control of your WhatsApp account.”

“WhatsApp doesn’t have sufficient information to identify the individual who is attempting to verify your WhatsApp account.”

So be careful – the security and the use of your WhatsApp account depends on it!

technology

Are matrimonial websites safe to use?

The use of matrimonial websites has grown over the past few years. During the lockdown, a leading Indian matrimonial platform observed a 30% increase in the number of average daily registrations. Increased usage makes such sites more prone to cyber crimes, as has been reported in the recent past. Yet, there is no definite answer to the question of whether these websites are safe for finding a life partner. This article analyses the kinds of cases that we come across regularly and suggests measures to avoid unpleasant situations.

Before getting into the kinds of cyber crimes and frauds taking place on such sites, I will be elaborating on why these crimes occur in the first place.

Reasons why people fall prey to cyber crimes on matrimonial websites
The phrase think before you talk may be extended to think before you type. Most people forget the repercussions of what they type. For example, we are generally secretive about details such as salary, financial assets, etc., but, when it comes to finding a partner online, we put all our details on display. While one may think that this increases our credibility; it also increases the chances a perpetrator missing your personal information. Most people think that money is a major factor in finding a partner, but one must be careful about putting out one’s profile on public platforms.
Love may be blind, but it need not be deaf and dumb as well. Finding love online these days means that physical verification is not possible. We tend to ignore subtle red flags in online meetings, and people turn a blind eye to things they would have otherwise found suspicious. It is important to treat people who one meets through such websites in the same way as one would have if meeting in person.
Most people who register themselves on matrimonial websites want to settle down or find a perfect match. This makes them vulnerable and easier targets for cyber crimes.
Perpetrators establish a sense of trust by investing time in the people they meet online. They may talk to the victim for even 3 to 6 months just to establish a sense of trust and make them more vulnerable. They also spend time talking to the victim’s family or friends to create an impression and gain the victim’s trust. The perpetrators also claim to belong to well-accepted professionals, such as doctors, lawyers, businessmen, etc. to establish a sense of social security and trust.
Cases involving cyber crimes through matrimonial websites

  1. A Pune-based techie loses 10 lakh rupees, instead of receiving gifts
    As per a news article published in October 2019, a woman, a resident of Bavdhan, working in an IT Sector in Pune lost 10 lakh rupees due to a matrimonial fraud. The incident occurred in the first two weeks of September 2019. The conman claimed to have sent the techie gifts from the Netherlands which were seized by customs officials at New Delhi. These gifts included a ring, perfumes, a high-end laptop, and many more such things. She then got a phone call from the customs office asking her to send money to release the above-mentioned gifts.

The official also mentioned that this amount was refundable, and the woman was made to send money to eight different bank accounts. After transferring the money she realised that she had been duped as the conman who claimed to be an NRI stopped responding to her calls and messages. She even found out that there was no seizure of goods at the New Delhi customs office, and the call that she got from the customs officer was fake. She lodged a complaint at the Hadapsar police station on December 28, 2019.

A similar case occurred recently in July 2020 in Goa, where a woman was duped on a matrimonial site and the imposter duped her of 35 lakh rupees on the pretext of custom clearance.

  1. A Hyderabad-based software engineer loses 1 crore rupees
    In another case reported by the Times of India in June 2020, a 33-year-old Software Engineer in Hyderabad was allegedly duped of Rs 1 crore by a woman he met online through a matrimonial website in 2018. The fraudster introduced herself as a doctor of Indian origin who was residing in Baltimore. The software professional was so smitten by the woman and the chats they had on Telegram and WhatsApp that he was ready to pay any amount of money that she asked for. The victim’s monthly salary was about Rs 80,000 and he utilised savings along with borrowing to send her the money. The KPHB police station registered a case under Sections 420 and 406 of the Indian Penal Code, 1860, and Section 66 of the Information Technology Act, 2000.

Earlier in March 2020, the Hyderabad police arrested a gang of four individuals comprising of a Nigerian and three Nepalese nationals. These scammers tricked a doctor into transferring seven lakh rupees in their bank accounts. This was under the pretext for GST and custom clearance payments for gifts and jewellery.

  1. Sexual harassment and extortion
    In April 2020, one victim got in touch with us for seeking assistance in a case involving sexual harassment and extortion. According to her, she signed up on a popular matrimonial website and started exploring the platform. One individual, claimed to be a Navratna PSU employee and posted to a European country, contacted her. Over time, he shared many fake pieces of information to gain her trust. These included employee ID cards, GPS locations, and salary receipts. A couple of months, he asked her to send her nude photos. While she initially sent the pictures, she came to know that he was also screen-recording their calls. When she informed him that her parents had fixed her engagement, he started blackmailing her using those pictures and screen-recorded videos.

Since then to the time of publication of this article, we have received 17 cases with similar modus operandi.

Relevant laws

  1. Identity Theft

According to Section 66C of the Information Technology Act, 2000, it is an incident of identity theft when someone fraudulently or dishonestly uses your electronic signature, password, or any other unique identification feature. Other provisions that may be applicable vary from case to case. Relevant provisions from the Indian Penal Code, 1860:

Section 464: Forgery
Section 465: False documents
Section 468: Forgery for the purpose of cheating
Section 469: Forgery for harming reputation
Section 471: Using a forged document or electronic record as genuine
Section 474: Possession of a forged document with an intention to use as genuine

  1. Financial Frauds
    Financial frauds on matrimonial websites are punishable by law. They may involve the application of Sections 66C and 66D of the Information Technology Act, 2000. However, relevant provisions from the Indian Penal Code, 1860 are applicable such as Sections 406 and 420.
  2. Sexual harassment and extortion
    While the exact provisions will vary from one case to another, the following provisions from the Information Technology Act, 2000 are relevant.

Section 66E: Violation of privacy
Section 67: Publication and transmission of obscene content
Section 67A: Publication and transmission of sexually explicit content
While on the other hand, Sections 354C (voyeurism), 354D (stalking), and 384 to 387 (extortion) from the Indian Penal Code, 1860 are applicable.

Best Practices
Every platform out there will have its pros and cons and the same goes for matrimonial websites. It becomes your responsibility to ensure that you perform due diligence for any individual that you meet online.

As a thumb rule, you should not trust any person you meet online. If you do trust, ALWAYS verify.

We recommend our readers to follow these best practices to minimise the chances of falling prey to cyber crimes:

Do an extensive background check on the other person before revealing your personal information.
Do not believe everything that the other person says.
Take your time and make an informed decision.
Talk to your friend or family members as they will have a fresh pair of eyes.
Do not share your financial information, or make any payments for any reason whatsoever.

technology

Online Dating in 2021: Cyber Safety Precautions for Women.

Online dating has become a common phenomenon, with many apps and their ever-increasing user base. This new trend may turn out to be unsafe for various users. The solution is not to completely stop using them, but to ensure that you use them safely. It is not a hidden fact that men and women experience cyber crime differently. More so, women are more likely to face cyber stalking and online harassment than men. This article suggests a list of cyber safety practices for women that you must follow.

From what we have seen in the cases we receive, the reasons for women being the primary victims can be:

Lack of awareness of using dating platforms.
Negligible interest in knowing about security measures.
Perpetrators may find it easy to blackmail a victim for being present on online dating sites due to cultural stigma.
Lack of familiarity with technological advancements.
After taking a detailed look at the available cases, I have prepared the following guide. You can adopt the following security and safety measures while using online dating platforms.

Suggested Cyber Safety Practices
You should not use a profile picture that reveals your city or locality. If a dating application shows individuals living nearby, it may be possible for them to determine your location easily.
Avoid uploading so-many of your photos on your dating account. A perpetrator can perform a reverse search on your pictures to gather plenty of information about you.
You should not publicly share information about your political interest. I have seen cases where a victim’s political interest was a trigger for anger or vengeful behaviour.
Minimise sharing personal information that is very specific to you – for example, your height, weight, and other physical characteristics. A perpetrator can use these pieces of information with your photos to make a fake profile and give it credibility.
Perpetrators often share too much personal information about themselves to build trust. In most of the cases, it is fake. So, you should not fall right into this trap and avoid sharing sensitive information just because the other person is doing so. Perpetrators use this as a tactic to extract information from you.
I have seen cases where perpetrators invest around 3 to 6 months. They aim to give a false sense of safety to the victim. You should not trust someone merely because you know them for 5 months.
You should avoid meeting in person without conducting a comprehensive background check.
If you decide to meet the person you met online, share the meeting specifics with someone you trust.
Endnotes
Online dating platforms can be actually useful when it comes to finding new friends or a partner. However, one must not oversee the possible dangers that may come your way. In such a situation, it becomes imperative for you to be conscious about your online safety. While the tips given above can help you greatly, always think twice before sharing your personal information on online dating platforms. And if you are stuck in a problem, you can always reach out to us!

technology

WhatsApp hacking: the new method hackers are using.

The only information needed to connect to someone’s WhatsApp account is a valid phone number and a verification code.

Who would have thought that the way of logging into WhatsApp accounts could be misused to hack user data without their knowledge?
How is it done?

If you receive a message on your phone explaining that an error has been made and that you have received a message containing a code from another person allowing them to connect to WhatsApp, above all, do not disclose this code!
Here is why:

Anyone who has access to this code, along with your phone number, could enter your account, and block you in such a way that you can no longer access it.
How does it work?

The only information needed to connect to someone’s WhatsApp account is a valid phone number and a verification code that you will receive at this number by SMS, used to verify the authenticity of the person wishing to connect.
Unfortunately, some people have decided to take advantage of this ease of use against WhatsApp’s users.
All they need to know is the phone number of their potential victim.
By registering on the application with this phone number that does not belong to them, these same people cannot access the accounts without the access code which was sent to the phone of the victims. Then, the victims receive the following message:
“Hey, I accidentally sent a WhatsApp verification code to your phone. Can you send it to me?”
If a victim responds to this message with the code they received by text message, the perpetrators are in possession of the victim’s telephone number, and also of the identity verification code.
In other words, they have it all.
Nothing then bars their access to their victims’ WhatsApp accounts, from which they can block them.
A tip, as WhatsApp specifies in its terms of use: Never disclose this code to anyone.
“You should never share your WhatsApp verification code with others. If someone is trying to take over your account, they need the SMS verification code sent to your phone number to do so. Without this code, any user attempting to verify your number can’t complete the verification process and use your phone number on WhatsApp. This means you remain in control of your WhatsApp account.”

“WhatsApp doesn’t have sufficient information to identify the individual who is attempting to verify your WhatsApp account.”

So be careful – the security and the use of your WhatsApp account depends on it!

technology

How to Secure Your iPhone from Hackers.

Can iPhones get hacked? What do you do if they are? And how can you secure them, once and for all?

If these are questions that continually blow your mind – you’ve come to the right place to find the answers.

I will guide you through some truly advanced iPhone security tips, from turning on 2FA to switching off auto-fill. No time to explain more – let’s get down to business!

Regularly install updates.

Keep your iPhone updated. This simple action is necessary to get fixes for random bugs and access exciting new features. Apple takes the security of its clients very seriously, meaning many of their updates come with security patches. Keep installing them regularly and don’t give hackers a chance to target you or your personal information.

If you’re not sure if your iPhone has all updates installed, then go to Settings > General > Software Update. If there is an update available, download and install it following the system prompts.

Enable Find My and Self-Destruct to protect your phone data.

Here’s what you can do to keep your private data safe if someone steals your iPhone:

Enable Find My on your iPhone as soon as you get the chance. The app allows you to track your phone using any device that has the app installed. Alternatively, you can remotely wipe your iPhone clean to protect personal data. To enable Find My, go to Settings > Apple ID > Find My, then switch on the Find My iPhone feature.
An even more radical decision is to go nuclear. All it takes is ten failed attempts to log into your phone, and it will automatically erase all the data. Be careful: this feature might backfire, so make sure you back-up your device regularly. If you still believe the risk is worth taking, go to Settings > Touch ID & Passcode and move the toggle Erase Data.

Use password tricks.

Everyone knows you need to set strong passwords to stay safe online, but that’s not the only strategy to protect your iPhone. You can also use iCloud Keychain to generate and store passwords. Don’t worry about forgetting them, though, as the service remembers passwords for you. To enable this feature, go to Settings and tap on your name. Then, choose iCloud > Keychain and switch the toggle on.

Activate two-factor authentication.

This means hackers will have no chance of logging into your Apple services without you knowing. To enable this feature, go to Settings > Apple ID > Password & Security > Two-Factor Authentication.

Stay away from third-party apps and jailbreaking.

Jailbreaking means allowing your iPhone to install apps and files from sources other than the Apple Store. Our advice: don’t do it. Once you decide to jailbreak your phone, leaking your personal data becomes so much easier. Any third-party app installed may breach your security. And if that’s not enough, jailbreaking your iPhone means your warranty becomes redundant.

Revoke location tracking permissions.

Allowing apps to track your location might not seem like a high price to pay for the full set of features. But it actually means these apps have access to valuable information about yourself that you don’t want to leak. The apps with access to your location know the routes you prefer and the places you frequent.

To change that, tap Settings > Privacy > Location Services. This is where you can review permissions for every installed app. Select those you consider untrustworthy and remove their permissions to track your location.

Say goodbye to Siri.

Can your iPhone be hacked through Siri? Unfortunately, some instances of this happening confirm this. Personal assistants allowing hands-free use of edge devices are great. However, a skilled hacker can get Siri to give them access to your iPhone. If you want to avoid the risk and are willing to sacrifice the convenience of a voice-activated assistant, then go to Settings > Touch ID & Passcode and switch Siri’s toggle off. It’s sad, but it has to be done.

Disable password auto-fill.

An even more wretched thing is turning off password auto-fill. It’s nearly impossible to remember passwords to every online account. Plus, your payment card information is stored in Safari’s auto-fill feature. Still, it’s a question of safety versus convenience. If you decide the former is more important, head to Settings > Safari > AutoFill. You can choose if you want to switch off auto-fill for your contact information, credit cards, or both.

Use VPN, avoid public Wi-Fi, and mind your safety online
Can an iPhone be hacked? Yes, but that doesn’t mean you have to be constantly afraid of this happening.

Practicing reasonable precautions will take you a long way. It goes without saying that using a VPN when you’re accessing an open Wi-Fi hotspot is a good idea. You should also avoid public charging stations since they’ve proven to be a hotbed for hacking. And maybe don’t fall for the old trick of lending your phone to a stranger on the street to make a quick call.

technology

How to protect your privacy and stay secure on Instagram.

Instagram is a great way to share photos with friends, family, and the rest of the world, but it could also open you up to privacy and security risks. It doesn’t have to be that way, though. It’s easy to protect yourself and still get the most out of what Instagram has to offer.

Here are five ways to keep your account safe. There are separate instructions for the web and for mobile apps and notations where the iOS and Android apps differ.

Make your account private
Take a simple privacy step by turning your public account into a private one. This will let you share your photos with a select group of people while keeping them hidden from everyone else. That way, only people you really care about will be aware of your activities.

On mobile
Go to your profile by tapping the “person” icon on the lower-right corner of the screen. Swipe to the left and tap the Settings gear icon that appears.
Select “Privacy and Security” then “Account Privacy.”
Toggle “Private Account” on.

On the web
Click on the “person” icon in the upper-right corner, and then look for the gear icon next to your name.
Select “Privacy and Security” then “Account Privacy.”
Click on the checkbox for Private Account.
From now on, only your existing followers will be able to see your posts. Anyone else will have to send a follow request to you first.

Block specific followers
If one of your followers becomes annoying (or worse), you can also block specific followers from seeing your posts. (Don’t worry: followers aren’t notified that you’ve blocked them.)

On mobile
Tap “Followers” at the top of the main mobile menu.
Search for the follower you want to block.
If you’re using iOS, tap the three horizontal dots next to their name. If you’re using Android, tap the three vertical dots. Select “Remove.”
On the web
Click on the person icon and then on “Followers.”
Search for the follower you want to block.
Click on that person’s icon, then look for the three horizontal dots to the right of their name. Select “Block this user.”

Turn on two-factor authentication
Worried that someone will log in to your Instagram account and pose as you? Turn on two-factor authentication, which will send you a text message with an authentication code every time you log in to Instagram on a new device. You’ll then have to type in the code to complete logging in.

On mobile
Go to “Settings” > “Privacy and Security” > “Two-Factor Authentication” > “Get Started.”
Toggle on “Text Message.”
If you’d prefer to instead use an authentication app like Google Authenticator, toggle on “Authentication App” instead. The app will see if you already have one installed. If you don’t, it will suggest one.
On the web
Go to the person icon, then click on the gear icon.
Click on “Privacy and Security” > “Edit Two-Factor Authentication Setting”
Check “Text Message.” If you have an authentication app available, you will also be able to check “Use Authentication App.” Otherwise, it will be grayed out.

Prevent third-party apps from getting your data.

There are tons of third-party apps that ask you to get access to your Instagram data, like an app that schedules Instagram posts for you. So before agreeing to let one access your data, factor in that the more companies that have private information about you, the more likely it is that the information can be misused or stolen. Even more important: make sure that you only grant Instagram access to apps that truly have a need for it.

To revoke access to apps that already have it, you have to use the web interface; you can’t do this through the mobile app.

Log in to Instagram on a browser on a phone or computer, and click or tap the person icon on the upper-right corner of the screen.
Click or tap on the gear icon.
Click on “Authorized Apps.” (Look for it on the left-hand menu.) You’ll see a list of apps that have been authorized to access Instagram.
Click on the “Revoke Access” button for any app that you want to unauthorize, and then select “Yes.”

Check if someone has hacked your account
Worried that someone has hacked your Instagram account? You can check by viewing your past account activity, including logins, logouts, changing a password, and more.

Using the mobile app, go to “Settings” > “Privacy and Security” > “Access Data.” On the web, tap the “person” icon in the upper-right of the screen. Click the gear icon, and select “Privacy and Security” > “View Account Data.”
You’ll come to an info page that has a great deal of data on how your account has been used. You can click any category to get more information, such as “Account privacy changes,” “Logins,” “Logouts,” “Hashtags you follow,” and so on.
Pay special attention to “Account privacy changes,” “Password changes,” “Logins,” “Logouts,” and “Stories Activity.” If you see anything that’s unfamiliar, it may mean that someone else is using your account. Immediately change your password to lock them out.