Tag: Privacy Tips

Privacy Tip #274 – COVID Vaccine Scams Rampant

Posted on by BeAware4lways

The news is full of stories about crashing vaccination scheduling websites, seniors who are unable to get their vaccine appointment, and how different states are rolling out their limited supplies of COVID vaccines.

People are becoming desperate in the scramble to get vaccinated during or even before their allotted time, and scammers know that and are banking on it.

Vaccine scams are so rampant that the Federal Trade Commission (FTC) issued an alert this week called “Help fight COVID vaccine scams: Share these tips with those you know.”   It urges us to help protect the most vulnerable, including our loved ones and friends, and those that are particularly isolated.

The tips to share to help protect those around you from COVID vaccine scams include:

  • Don’t pay to sign up for the COVID vaccine. Anyone who asks for a payment to put you on a list, make an appointment for you, or reserve a spot in line is a scammer.
  • You can’t pay to get early access to the vaccine. That’s a scam.
  • Are you on Medicare? You don’t have to pay to get the COVID-19 vaccine. Only scammers will ask you to pay.
  • Ignore sales ads for the vaccine. You can’t buy it – anywhere. It’s only available at federal- and state-approved locations.
  • No legitimate person will call, text, or email you about the vaccine or ask for your Social Security, bank account, or credit card number. That’s a scam, too.

Heed these tips and share them widely with those you know.

Privacy Tip #273 – What’s with WhatsApp’s New Privacy Policy?

Posted on by BeAware4lways

WhatsApp started notifying its 2 billion users last month about an update to its privacy policy. Most of its users probably didn’t look at the details, and simply clicked “I agree” when the notice popped up on their phones. (To use the app, one must click “I agree.”) There has been a backlash from privacy advocates, which is worth noting here in case you missed that news. WhatsApp has delayed the implementation of the terms of the new privacy policy for a few months so it can address those concerns.

If you are a WhatsApp user and you click “I agree” to that pop-up that you don’t read, here’s a synopsis (not comprehensive) of what you are agreeing to that is not protecting your privacy:

  • WhatsApp can share all data it collects about you with the entire Facebook network, (including Instagram), even if you don’t have an account with other parts of the network (e.g., Instagram).
  • If you don’t accept the new terms, you will not have full functionality of the app (which is reported to go live in May).
  • WhatsApp is monetizing the data it collects from you and asks for your consent to use your data to make money.
  • WhatsApp will be providing more information about the changes to the privacy policy through a banner in WhatsApp—this writer thinks you may wish to read the banner and the privacy policy a bit more carefully before you agree.
  • Although your conversations in WhatsApp are private and encrypted, WhatsApp has access to your usage data and your unique identifier, which may be linked to your identity. This is one of the reasons they are asking you to accept the new terms.
  • Facebook is monetizing your data and increasing its revenue by using your usage of WhatsApp to push targeted ads to you on Facebook and Instagram.

The changes to the privacy policy are not really designed to protect your privacy, but rather to get consent to sell your information so businesses can sell things to you. It’s not really a “privacy” policy, it is a “let me monetize your data” policy.

Some users are taking note that they will not agree to the new “privacy” policy and are defecting to Signal, which as a privacy pro, I prefer for messaging. WhatsApp users may wish to take a look at Signal’s privacy policy and compare it to WhatsApp’s. It can be accessed here.

Privacy Tip #272 – To Get Up to Speed on Facial Recognition Technology Read This

Posted on by BeAware4lways

It’s called This is how we lost control of our faces in the February 5, 2021 edition of MIT Technology Review, written by Karen Hao.

The article outlines a study recently published by Deborah Raji and Genevieve Fried titled About Face: A Survey of Facial Recognition Evaluation, which includes a survey of over 100 face datasets compiled “between 1976 to 2019 of 145 million images of over 17 million subjects….” It reportedly is the largest study of facial recognition technology ever conducted.

Hao posits that the study “shows just how much this enterprise has eroded our privacy. It hasn’t just fueled an increasingly powerful tool of surveillance. The latest generation of deep-learning-based facial recognition has completely disrupted our norms of consent.”

There are way too many fascinating things about Hao’s synopsis of the study and the study itself to summarize in a blog post. Both are worth reading and contemplating in determining facial recognition technology’s impact on our own privacy, as well as how we want different facets of society to respect our privacy if using facial recognition technology. The study analyzes the development and use of facial recognition technology over the past 30 years. It is relevant and insightful into how we can shape parameters around the use of facial recognition over the next 30 years and beyond.

As Raji and Fried say, “Facial recognition technologies pose complex ethical and technical challenges. Neglecting to unpack this complexity-to measure it, analyze it and then articulate it to others-is a disservice to those, including ourselves, who are most impacted by its careless deployment.”

Privacy Tip #271 – Getting In on the Cryptocurrency Frenzy? Assess Risk of Theft First

Posted on by BeAware4lways

Oh, if I had just bought that Bitcoin when I first thought about it a decade ago…I might risk a flight to Fiji right now, which is on my bucket list, even in the midst of the pandemic. Alas, I didn’t, because I assessed the risk first and made my own decision. Yes, I lost out on tremendous profits, but hey, I love my job and Fiji will be there for me, and it was the right decision for me.

The urge to purchase cryptocurrency is strong right now as the value has skyrocketed. Nonetheless, before purchasing any type of cryptocurrency, there are a couple of things you may wish to consider.

My mantra these days is “Yes, you, me, and all of us collectively are being targeted by state sponsored hackers”–mostly from Russia, China and North Korea. Their methods are similar and sinister, and their goals the same—profit, power and domination.

North Korea is stealing cryptocurrency at an alarming rate, the goal of which is to fund its nuclear and ballistic missile programs in the face of tough international sanctions. It is estimated by the United Nations (U.N.) that North Korean state-sponsored hackers stole approximately $316.4M in virtual assets from digital currency exchanges between 2019 and November of 2020. U.N. monitors report that North Korea has generated approximately $2 billion to steal funds from banks and cryptocurrency exchanges using sophisticated cyberattacks.

One of the largest thefts that North Korea is believed to be behind was against cryptocurrency exchange KuCoin, which reported the theft of $281 million in bitcoin and other crypto tokens in September of 2020. (This has not been confirmed by KuCoin, but KuCoin has publicly stated that it is working with law enforcement to confirm who was behind the incident). It is reported that KuCoin was able to recover 80 percent of the stolen funds through cooperation with other exchanges that froze the funds that the hackers were attempting to launder.

Some things to consider before jumping into the cryptocurrency frenzy:

  • Cryptocurrency exchanges are not regulated like other financial institutions.
  • The United States Federal Reserve does not back any loss of funds in cryptocurrency exchanges.
  • If you pass away and have assets in cryptocurrency, or lose your password to your crypto wallet, those funds could be lost; treat the account like any other and protect it should you pass away, just as you would with any other account—planning is really important here.
  • Just because you have invested in digital assets, they are still considered assets by the IRS, so be aware of tax laws applicable to cryptocurrency.
  • Cryptocurrency exchanges have gone out of business with no recourse for investors, so researching them like any other investment, including their, is prudent.
  • Be aware that state-sponsored attackers, particularly North Korea, are fervently and successfully targeting cryptocurrency exchanges to fund their nuclear capabilities against adverse nations, including the United States, which affects our national security.

Following the recent report by U.N. monitors in relation to the current hype of Bitcoin, these are just a few considerations before investing in cryptocurrency.  Enter that market slowly and research risk while contemplating reward.

Privacy Tip #270 – What To Do if You Received a Form 1099 for a Fraudulent Unemployment Claim

Posted on by BeAware4lways

My phone was ringing this week with inquiries from clients, friends and acquaintances who received a Form 1099 in the mail for an unemployment claim that they did not file, asking what should they do.

The statistics on the successful filing of fraudulent unemployment claims throughout the country in 2020 are staggering. The pandemic created higher unemployment than the country has seen in years, and fraudsters took advantage of federal and state legislation making the filing of an unemployment claim as easy as possible in order to get funds to those in need.

Unfortunately, no good deed goes unpunished, and states were hammered with fraudulent unemployment claims. The State of Washington alone estimates that it lost up to $600 million in fraudulent unemployment claims in 2020.

Some individuals received notice at the time of the filing of a fraudulent unemployment claim made in their name and were able to stop it. If you didn’t receive notice at the time of the filing, and the perpetrator was actually successful in using your personal information to obtain unemployment benefits in your name, you will find out when you get a Form 1099 in the mail for your taxes. What a nightmare.

If this happened to you, here are some ideas and resources that may help.

  • Contact the state agency that issued the 1099 and report the fraud. Usually there is a toll-free number or website at the bottom of the 1099 that you can contact.
  • Keep records of all telephone calls, emails or any other conversations you have with the State agency when reporting the fraud so you can document your report of fraud in the event you need it later.
  • If you are asked by the State agency to provide a copy of the 1099 to them to evidence the fraud, redact your Social Security number and write “fraudulent claim” on it when you send it back to them.
  • Give all documentation that you have of the fraud and your report of the fraud to your tax preparer.
  • For more information, here are two resources that may be helpful to you.

Privacy Tip #269 – COVID-19 Vaccine Scams are Rampant

Posted on by BeAware4lways
Binary Check Ad Blocker Security News

Those of us who are not health care workers, essential workers or the highest-priority cohort in our state to receive the COVID-19 vaccine are patiently awaiting our turn. We are anxious to receive the vaccine for our personal safety and health, while monitoring complaints about vaccine rollouts in different states.

As we have reported before, criminals and fraudsters prey on unsuspecting victims who have been anxious (understandably so) about many different issues that have arisen since the beginning of the pandemic, including their jobs, the infection rate of COVID-19, the prevalence of COVID-19 in their community, obtaining relief through funds from the state or federal government, and unemployment payments.

The pandemic has been used by fraudsters and scammers to attempt to obtain personal information or money from victims. These scams have included phishing schemes, telephone schemes and the introduction of malware and ransomware into networks and systems to obtain personal information or money under false pretenses.

With the development and rollout of COVID-19 vaccines, the fraudsters and scammers continue to prey on the uncertainty and anxiety of individuals in figuring out how and when they will be vaccinated. Each state has its own rollout plan, and these plans frequently change depending on the number of allocated vaccines and how they will be distributed and administered. Unfortunately, whenever there is confusion in communication, fraudsters and scammers are at their best.

It has been widely reported that there has been an increase in attempted fraud by criminals around COVID-19 vaccinations. These schemes include emails and telephone calls to individuals providing them with information about how they can get vaccinated in advance of their scheduled time. Fake websites are set up for appointments where the criminals request individuals to input their personal information, including their name, date of birth, address and Social Security number, in order to secure a vaccination time slot.

In addition, there are some reports about a black market springing up around COVID-19 vaccinations and that scammers are luring victims to pay for vaccinations with the promise that, if they pay, they can jump the line to receive it. Unfortunately, it is very tempting, and many people are falling for it.

It has become such a problem that the Federal Trade Commission (FTC) has provided a warning and guidance to consumers about these widespread scams and how to protect oneself from them. The most basic tip is not to provide your personal, financial or health information to anyone who texts, calls or emails you regarding a COVID-19 vaccination. The FTC confirms in its warning that no legitimate healthcare site, provider or other entity that is distributing and administering vaccines will ask for this information in order for you to sign up for a vaccination when it is your turn.

As we have reported before, be very vigilant about requests to click on any links or attachments or to provide any personal information in the context of COVID-19, including around the vaccine or getting vaccinated. For more information, visit the FTC’s guidance here.

Privacy Tip #268 – Changing Your Router Password

Posted on by BeAware4lways
Binary Check Ad Blocker Security News

Following Ubiquiti’s security incident and its subsequent recommendation to change your router password and enable multi-factor authentication, and the fact that it is widely reported that using default passwords on routers while working from home is a security risk, we thought it would be helpful to remind you to change your router password sooner rather than later.

Security experts have warned us for years that our wireless routers are an easy gateway for hackers to get into our systems, and that the manufacturer’s default passwords on routers are freely accessible on the Internet. Therefore, it is important to change your router’s password to a unique security password from the default password when you set up your router.

To assist, Lifewire has a tutorial that is easy to follow and can be accessed here.

Please note Lifewire’s caution of not using the same password for your router as you do for your WiFi. They should be separate and distinct from each other. Limiting access to your WiFi is also important for data security.

While it looks like the work from-home model will continue, implementing these security measures is important for the protection of our data on both personal and professional levels.

Privacy Tip #267 – Fertility Tracking App Settles with FTC

Posted on by BeAware4lways

Flo Health, Inc., (Flo) which offers a fertility-tracking app (Flo Period & Ovulation Tracker) used by more than 100 million customers, has agreed to settle with the Federal Trade Commission (FTC) to dismiss the FTC’s claims that Flo shared the health information of its users with data analytics firms despite promising users that it would keep the information private.

According to the FTC’s press release, the FTC alleged that “Flo promised to keep users’ health data private and only use it to provide the app’s services to users. In fact,…Flo disclosed health data from millions of users…to third parties that provided marketing and analytics services to the app, including…Factbook,…Google…and Flurry.”

The Complaint further alleged that Flo disclosed the user’s sensitive information, such as pregnancy, to third parties and did not limit how third parties could use the data.

The settlement requires Flo to review its privacy practices, obtain consent from its users before sharing their health information, prohibits it from misrepresenting the purposes for which it collects, uses and discloses user data, notify users of the unauthorized disclosure of the information, and have any third parties who received the information destroy it.

In addition, the FTC issued guidance on health apps, including tips on how to select and use health apps and reduce privacy risks. The guidance can be accessed here.

Privacy Tip #266 – Getting Lots of Ads After Online Holiday Shopping? Some Tips for Browsing History

Posted on by BeAware4lways

We all probably did a lot more online shopping this year during the pandemic than ever before. After online shopping, you will notice that pop-up ads are constant, and continue to pop up even if you continue to “x” them out. Or you might check the weather, and find that the site you access knows exactly which town and state you are in.

That’s because of cookies and your browser. Here are some tips to minimize the use of your browsing history by third parties.

First, when you use a computer and Wi-Fi in a public place, your browsing history can be accessed and stored. Even if you are browsing using your own Wi-Fi, you can do it privately. All you have to do is go to the far right side of the browsing toolbar, click on the three little dots and select private or incognito.

Next, you can delete your browsing history by going to those same little three dots and clicking on “More Tools;” when the menu comes down, click on “clear browsing data.”

When visiting websites, be wary of any pop-up that asks you to click on “I agree.” Usually it is asking you to agree to allow cookies. If it gives you an option to say “no,” say “no.” If a pop-up asks you if you want to delete cookies or “do-not-track,” say “yes.”

To restrict browsers from sending your location-based data, refuse to provide consent if asked when you visit a site.  Depending on the browser you use, you can go into “preference” in settings and choose the option of disallowing or asking for the request of location when you visit a site.

Use other browsers that have advanced privacy settings, such as DuckDuckGo.

To restrict Google from creating an ad profile on you, you may wish to consider downloading Google Analytic Browser Add-on so your tracking activity is restricted.

Social media sites like Facebook, Twitter and LinkedIn also track our online activities. To limit these platforms from tracking, go to “Settings” in each site, and click on the choices that allow you to limit targeted ads, tailor ads, or managing advertising preferences.

All websites track users. Controlling cookies and browsing history to limit this tracking will reduce the number of pop-up ads you receive, and the sharing of information about your browsing without your knowledge.

Privacy Tip #265 – COVID-19 Phone Scams Continue to Victimize

Posted on by BeAware4lways

Working from home has shed a new light on robocalls. It is unbelievable how many robocalls I get at home even though I am on the Do Not Call List. It is very easy to monitor these calls. If I recognize the number, I may pick up. If I don’t, I let it ring until it goes to the answering service. If the caller doesn’t leave a message, it is clear that it is a scam. These days, even scammers leave a message. One day last week, a scammer left three separate messages asking me to call back or I would get arrested. This is obvious to me, but to many individuals, these calls sound real and are scary.

The same is true for my mobile telephone. The number of unknown callers to my cell phone has definitely increased during the pandemic, and I use the same technique with calls to my cell phone as I do for a residential line. It is very easy to have someone leave a message and then call them back if they are legitimate. Screening your calls should be automatic for your safety.

A new study by First Orion shows that phone scams using COVID-19 as the subject matter have been highly successful this year.

According to the 2020 Annual Scam Call Report, “[P]hone scammers are getting better at tricking you into giving up your personal information…The survey shows that scammers improved their efficiency in 2020, mainly using the COVID-19 pandemic to steal personal information from millions of victims. The data paints a clear picture of why people are becoming more reluctant to answer their phones if the call is from an unknown number.”

The survey shows that scammers are getting better at scamming people even though the scammers were calling people at the same rate as last year. The survey showed that “[I]n 2020, scammers succeeded in getting people to give up their personal information 270 percent more often than in 2019. More than one in four people reported a loss of personal information or financial loss due to a phone scam in 2020. What’s more, scams targeting Social Security numbers were 550 percent percent more effective in 2020.”

This result is shocking and disappointing. What’s more, the survey showed that because more people were at home to answer the phone, “[O]ut of all the scam calls that succeeded in getting personal information, 17 percent used the COVID-19 pandemic to get in the door. The next most frequent cover story was fake banks at 12 percent, followed by family threats (10 percent), offering a prize or money (9 percent), and student loan scams (9 percent). The pandemic also showed up in charity fraud. When scammers used fake charities as bait to scam people, 44 percent of them said they were collecting money for pandemic relief.”

Other typical phone scams included auto warranty calls which were the most common scam and actually doubled from 2019. Fake bank or credit card calls were the second most common, and false IRS/tax and insurance calls tied for the third most common.

The moral of this story is to refrain from answering calls from numbers you do not recognize, don’t fall for any of these common scams and don’t give anyone your personal information or money over the phone.