September 2023 Edition
EXECUTIVE SUMMARY: The weather is getting cooler and it is not Turkey day yet but Maureen the Clean would like to discuss stuffing - not the edible kind. It is not Halloween yet, but Jake the Pedantic is stirring old memories by trying to show off that he knows what we all did last Sunday. Turns out he can find all this out from his Mom's basement. Very scary! It is not the holiday season yet but Samuel the Harangued has found out scammers have been gifting themselves billions of dollars including some of Aunt Mabry's money.
Follow Us On Social Media For Weekly Cyber Safety Tips
Know Your Cyber Threats
Maureen The Clean
Credential Stuffing Attacks
Hacker finds or buys compromised user names and passwords a.k.a credentials, on the Dark Web. Hacker then attempts to login to common or popular websites and online services using those same credentials. Oh yeah, there are already software tools available to automate this for hackers so that they can try millions of accounts on thousands of sites. And voila, just like that, we have a credential stuffing attack! Why does this work? Because millions of people reuse their passwords on multiple sites! Norton Lifelock, Paypal, Chick-fil-A, United Healthcare and most recently clothing company Hot Topic have all experienced this attack in 2023.
Change the default password on all devices, apps and websites you use and make them strong passwords i.e. complex 13 characters or more.
Do NOT reuse passwords!
Wherever possible, enable 2 factor authentication or one time passwords for your accounts. That way, even if they guess the password, they will still need to enter the second factor code.
'I know what you did last Sunday'
Jake The Pedantic
There are thousands of data brokers on the internet and the list includes some very well known large tech companies. Many are foreign companies including companies out of Russia and China. Data brokers collect, trade and sell information about each and every one of us. They collect information about us from tracking technologies such as cookies, beacons, pixels and more that lurk on websites, apps and devices (yes, that smart TV you bought, that has trackers in it too!) that we use as well as from companies that we do business with such as banks, credit card companies, etc. They will sell the information to anyone who asks - including hackers! Yes, that is correct - your online safety is linked to your online privacy!
How big is this problem? Here are some numbers:
91% of the top 1 million websites, by traffic volume, use tracking technologies
77% of sites an average user visits will contain trackers.
99.98% of Americans can be re-identified using just 15 demographic attributes.
It will take an average of 76 days to read the privacy policies of all the apps, websites and online services that we each sign up for in a single year
The data collected such as our browsing history, search history and more may be used to determine our credit worthiness, prices we pay for products and also whether certain services and discounts will be made available to us. So, yes, the data collected hits our wallet!
How can you protect yourself and your family's privacy better? Remember, this is a game of risk reduction and there is no one single cure. You can use 'Incognito Mode' on your browser in combination with privacy preserving search engines. But this still leaves you exposed on apps, devices such as your smart TV, smart speakers, smart thermostats, gaming systems and other connected devices and online services. Also remember, apps are not just on phones, they are on smart TVs, smart speakers and gaming systems too. You also need whole home online privacy and security solutions likethat protect you from cyber threats but also automatically identify and block privacy threats.
Aaargghh! with Samuel the Harangued
Senior scams with an extra dose of creativity
Advance fee scams, romance scams, Medicare scams, grandparent scams, tech support scams, government imposter scams - the list keeps growing! Seniors are increasingly targets of online and real life scams. Seniors lost an average of $35,101 in 2022 for a total of over $3.1 billion! Staggering numbers and they only keep increasing. Awareness and alertness are indeed the most effective tools to prevent seniors from falling prey. Local and federal governments have woken up to the scourge and issue alerts on new and emerging scams. If you are a victim of a scam, help is available at both state and federal levels.
Social media platform X, formerly known as Twitter, has been flooded with crypto giveaway scams impersonating Elon Musk, SpaceX or Tesla's accounts utilizing a deepfake video of Elon Musk. Yikes - trust no face, trust no account!
The Clorox Company, the makers of the pseudonymous bleach product, was hit by a cyber breach last month and is still struggling to get their operations back online resulting in shortages for multiple of their products.
NodeStealer malware is targeting Facebook business accounts to steal user credentials and browser data. It is distributed a malicious file attachment sent through Facebook Messenger using pictures of defective products as bait!