Music scam aimed at iPhone users, a possible Canadian photo security solution and a reminder that routers aren’t safe forever
Welcome to Cyber Security Today. It’s Wednesday Oct. 24th. To hear the podcast click on the arrow below:
A new scam targeted at iPhone users has been spotted. The con tries to steal Apple login details by sending a fake Spotify iTunes email. If you click on the link, the message says you bought a year of Spotify Premium for $150.99 – which is a lie. It also links to a fake Apple page to asking you to log in and “review your subscription.” One way you know this is fake is the alleged automatic payment it says you signed up for. Of course, the con knows you’d worry about that and want to log in to erase the purchase.
There are lots of email scams like this. When getting an alleged payment you know you haven’t made by a bank or a company, contact them over the phone or by an or alternative email address and ask to confirm if the email is legitimate.
Also remember to turn on two-factor authentication for as many apps as you can. That way, even if a hacker gets hold of your login, they can’t access the app because they need the second confirmation.
Face recognition software is one of those two-factor authentication technologies. But it can also be used for things you don’t want from the photos you upload to your social media sites, like target advertising or create a phony identity. University of Toronto graduate Joey Bose has created a company called FaceShield to market a noise filter that can be added before uploading to a photo which he says can defeat some types of facial recognition while leaving the image still viewable. The first three filters can be tried for free at FaceShield.ai. Other filters designed for specific social media sites will be available by the middle of next year, but there will be an as yet to be determined fee.
People interested in cryptocurrencies like Dogecoin and Etherium are still falling for scams. The latest warning comes from antivirus vendor Dr. Web, who notices a scammer uses a number of techniques to sucker people into downloading malware, including setting up online lotteries with digital coins as the prize, or promising a prize just for viewing a web page with ads. Instead, you get software that steals data from your computer, or steals any cryptocurrency you have in your digital wallet. This scammer has even set up sophisticated web pages that look like a legitimate digital currency exchange. Dr. Web estimated 10,000 people have fallen for these scams. Remember, there’s lots of phony balony around digital currencies. Be alert.
Finally, a warning about old computer equipment. You know already that old versions of Windows don’t get security updates. Neither do old versions of software. Unfortunately, the same is true for old modems and Wi-Fi routers. This is topical now because of reports that six models of D-Link routers have vulnerabilities that haven’t been patched, and won’t be because the manufacturer considers them end of life. Some of these devices are more than four years old. So here’s my advice: Got a modem or router that’s four years old? Go to the manufacturer’s web site and check if it’s still supported. If not, it’s time to buy a new device.
That’s it for Cyber Security Today. Subscribe on Apple Podcasts, Google Podcasts or add us to your Alexa Flash Briefing. Thanks for listening. I’m Howard Solomon