Skip to content

CyberSecurity Report | February 2019

[clear]

[divider_top]

apple group chat bug

Apple and the Facetime Bug

The statement “Group FaceTime chats allowed people to eavesdrop on anyone they called, a bug so bad that Apple pulled the plug until it comes up with a fix,” opens an article published by Wired.com. How bad was the bug? Instead of hacking your emails or financial information, this bug lets the caller listen in on the other end of the line BEFORE the recipient even answers the phone! And, according to the article, just a few extra steps could trigger a video feed. Yikes!

This privacy breach was discovered by a 14-year-old in Arizona. He told his mother that he could eavesdrop on his friends while setting up a chat. She informed Apple who has identified the bug and is issuing a fix. For the first time in the company’s history, it took the aggressive step of shutting down an app until a fix is released.

[divider_top]
google money fine

Google Fined $57,000,000 for GDPR Violations

In case you didn’t take the General Data Protection Regulation (GDPR) seriously when they said they would fine overseas violators, take a look at Google’s fine – $57,000,000. France’s Commission nationale de l’informatique et des libertes (CNIL) accused Google of violating “obligations of transparency and information”, in addition to accusing Google of not obtaining valid consent.

Granted, a $57,000,000 fine is small change for the search giant. However, it’s a devasting amount for most companies and could put many out of business if found non-compliant. The GDPR was instituted back in May of 2018 and all internet companies pursuing the European markets that deal with data privacy should take note and ensure they are compliant.

[divider_top]
2019 cyber crime 

Cybersecurity in 2019 – What Should We Expect?

An article published by TechCrunch.com reminded us how 2018 was a tough year and warns us that 2019 might be a lot worse. In a nutshell, here are the top things to expect in 2019:

  • More data leaks and exposures
  • California’s privacy rules will come to a head
  • Brexit will hamper U.K. tech, startup growth
  • Australia’s draconian encryption laws will begin to hurt
  • Facebook’s privacy woes will spread to other Silicon Valley giants
  • Employees, not companies, will dictate how the technology they build is used
  • It’s only one incident away from sparking another Apple v. FBI crypto-war
  • Gloves are off for U.S. and China in cyberspace – again

[divider_top]
anatomy of a scam

Anatomy of a Scam

The work from home for Amazon opportunity turned out to be one of the biggest scams of the winter season.  This work from home scam is turning out to be one of the most common scams on the Internet.

First and foremost, beware! Any offer saying you’ll make hundreds of dollars a day by working at home for a few hours should raise a red flag. It’s the old, “if it sounds too good to be true, it probably is.” This scam, first reported back in August by the Better Business Bureau, has continued to evolve. The offer says that an online retailer is hiring dozens of people to list products online, post reviews, etc. It pays well – from $20/hour to $6,000/month. It turns out that there are dozens of domains (Amazon Cash Website, StockRetail.com, WebStoreJobs.com, etc.) running variations of this scam. They all redirect to a page filled with marketing, photos, videos and success stories. The following three points should tip you off:

  • It grabs your interest. Make note of some things you should notice right off:

Beware of a re-direct

  • It’s a bad sign if the website you end up on is different from the one you entered in the address bar.
  • Look at the TLD (top-level-domain) at the end of the domain name for the country code

This is just the tip of the iceberg. Bottom line is that everything is pointing you to the “If you are lucky enough to qualify” statement. Here’s where they get you – if you qualify, you will have the opportunity to pay for an “educational package” to start making money. They are counting on the fact that people just don’t read the small fine print and will send the money for the package. Had they read the fine print, they would have seen that they aren’t affiliated with Amazon, etc. and that the program is not a job but an educational opportunity that can help you learn how to make money via courses, coaching and commitments.

This scam is still circulating. Share and beware!

[divider_top]
cybercrime costs you money

Cybercrime is Costing You Money

Data breaches like December’s huge Marriott hack are becoming commonplace these days. Last year alone, the Identity Theft Resource Center tracked over 1,500 breaches. It doesn’t stop there. Once there has been a breach, the stolen information can then be used in a wide variety of scams and frauds.

Cybercrime is at a six-year high. According to the article published by CNBC.com, Comparitech’s analysis of the FBI’s Internet Crime Complaint Center’s annual report, over 300,000 people in the United States fell victim with losses topping $1.2 billion. According to the report, the top five states with the highest per-person costs were: Arizona, Massachusetts, Idaho, South Dakota and Washington.

Arizona topped the list, in part, because of its large health care services industry which holds an enormous amount of patient personal data. This industry is Arizona’s largest, yet is generally underfunded in information security practices. Health data is valuable and nets cyber-crooks a lot of money.

Florida may not be in the top five, but it has had its share of cybercrime. Florida’s numbers are:

  • Florida Total Victims: 21,887
  • Total monetary loss: $110,620,330
  • Monetary loss per person: $5,054.16

[divider_top]


This information is not intended to be exhaustive nor should any discussion or opinions be construed as professional advice.  Should you have any questions or would like to discuss your risk exposure with your company’s cyber insurance, please contact the insurance pros at ARCW Insurance.  We are here to help.