At least one anti-phishing company says it won’t be testing its customers with coronavirus-themed emails, out of concerns that it’s not socially responsible to play into fears around the current pandemic. Cofense says it has removed all COVID-19-themed spearphishing templates from its repository of attacks, and the Virginia-based company is recommending other organizations join it in a pledge to avoid using the global health crisis as fodder. Like other anti-phishing companies, Cofense sends fake emails to its customers to see if employees click on corrupted links or file attachments.
Scams related to the coronavirus pandemic are on the rise. Phone calls and text messages claim to offer a cure or test kits, but what the scammers are really after is your personal information. With that information, hackers and scammers can do all sorts of things, like take control of your phone number and then access your online accounts. In January, a published study revealed how incredibly easy it to do, potentially leading to thousands of dollars in fraud — that’s your money on the line. The practice of SIM swapping is becoming increasingly common, and despite carriers putting safeguards in place, researchers were able to demonstrate taking over your phone number quickly and with ease.
Microsoft Edge is introducing a new feature called “Password Monitor” that will alert users if their login credentials have been leaked in data breaches. As long as a user is using login auto-fill, Microsoft Edge will alert them if their credentials have been exposed in a data breach through alerts on the New Tab page or when you visit the affected web site. If the ‘More Information’ button is clicked in the alerts, the user will be brought to the Password Monitor page where they can see the leaked credentials and easily click on a button to change the password on the breached site.
In an attempt to protect shoppers and his employees from contracting the coronavirus, Ben Vo, the owner of City Farmers Market, a chain of grocery stores in Georgia, recently set up thermal cameras at the entrances of each of his six locations. “It’s focused on the face, so basically we measure the head temperature as they walk into the store,” Vo said. “It’s in the corner, not right in front of the entrance, and we have an LCD monitor that security personnel can watch and the customers can also see.” If an associate sees a reading that comes in at 100.4 degrees or higher, that shopper is pulled aside and handed a flyer that asks them to leave.
Earlier this week, live on Twitch, the streamer Kitboga attempted to place a wholesale order for an essential oil that, the woman on the phone implied to him, cured COVID-19. There is, of course, no cure for COVID-19, the disease that has infected hundreds of thousands of people internationally since January. If there were, it wouldn’t consist of oregano oil, cinnamon, clove bud, and eucalyptus essential oils. Kitboga was on the phone with a scammer. Eleven thousand live viewers were watching him expose her.
Microsoft says it will no longer invest in third-party facial recognition companies following a controversy around its funding of Israeli startup AnyVision, which critics and human rights activists say powered a surveillance program in the West Bank following an NBC News report about the company’s relationship with the Israeli government. Microsoft now says an independent investigation led by former US Attorney General Eric Holder and his team at international law firm Covington & Burling found that “AnyVision’s technology has not previously and does not currently power a mass surveillance program in the West Bank that has been alleged in media reports.” Had it done so, Microsoft says it would have constituted a breach of the finance portfolio’s pledge on ethical facial recognition use.
Lawmakers and security experts have long warned of security flaws in the underbelly of the world’s cell networks. Now a whistleblower says the Saudi government is exploiting those flaws to track its citizens across the U.S. as part of a “systematic” surveillance campaign. It’s the latest tactic by the Saudi kingdom to spy on its citizens overseas. The kingdom has faced accusations of using powerful mobile spyware to hack into the phones of dissidents and activists to monitor their activities, including those close to Jamal Khashoggi, the Washington Post columnist who was murdered by agents of the Saudi regime. The kingdom also allegedly planted spies at Twitter to surveil critics of the regime.
The Defense Department’s Cybersecurity Maturity Model Certification initiative could have the opposite of its desired effect and create security risks, major companies said in a letter to top Pentagon officials Friday seeking clarification on a number of issues. “We are concerned that current plans for implementing CMMC lack sufficient clarity and predictability in key areas, and as a result may unnecessarily generate confusion, delay and associated costs,” reads the letter to Ellen Lord, under secretary of Defense for acquisition and sustainment, and Katie Arrington, the chief information security officer for the acquisitions office. “These challenges could lead to the DIB being even less secure, if left unaddressed.”
The coronavirus pandemic has escalated tensions over whether companies have the necessary time and resources to fully comply with California’s landmark privacy law by July, but even a temporary enforcement reprieve wouldn’t give businesses a free pass for their current conduct, experts say. While the California attorney general’s office has said it has no intention to cave to mounting pressure from businesses to delay enforcement of the California Consumer Privacy Act until early next year, calls for such a pause are only likely to intensify in the coming months as the novel coronavirus forces companies to reevaluate their priorities and stretches IT departments thin, attorneys said.
The US Federal Trade Commission (FTC) warned nine VoIP service providers against assisting and facilitating illegal robocalls designed to capitalize on public anxiety surrounding the Coronavirus pandemic. “Many of these robocalls prey upon consumer fear of the pandemic to perpetrate scams or disseminate disinformation,” the letters say. “FTC staff have reason to believe that one or more of your customers may be involved in such illegal telemarketing campaigns.” Until March 30, the nine companies are required to email the FTC the specific actions taken to ensure that their services are not used in Coronavirus-related telemarketing schemes breaking the Telemarketing Sales Rule (TSR).
Building on the AI-generated Get Up! Mix the company unveiled last week, Apple is now adding a new section to Apple Music called Come Together that features a variety of playlists designed to help you get through long days stuck inside. In all, there are seven new playlists to check out. And as you might imagine, they cover the gamut of genres and moods. Apple says all the new playlists are available to listen to in the US starting today, and will be available in other countries by the end of the week.