Tuesday, January 31, 2017

The “can you hear me?” phone scam is back. Here’s how to protect yourself.

Can you hear me? Don’t answer that.

The Better Business Bureau issued a press release yesterday warning the public of an an age-old scam making a comeback.

It’s been deemed the "Can You Hear Me?" scam.

In the past, this scam targeted businesses. The scammer would call - even pretend to adjust the phone or headset - and ask, "Can you hear me?"

The person on the other end would likely say, "Yes, yes, I can hear you."

With this grunt of approval, scammers could twist that around to, "Yes, the nice woman said she’d purchase this bulk of office supplies." Or, "Yes, he wants to buy an ad."

Now the phone scam is back, but it’s targeting individuals. In fact, BBB says more than half of the scams reported through its BBB Scam Tracker in the past few days have been about this one.

This is what happens: Someone calls you and you pick up. Consumers say the calls have been about anything from vacation packages to cruises to warranties.

Then the operator will ask if you can hear them, and you impulsively say "yes." But you haven’t just politely answered their questions. Rather, you’ve committed to something and didn’t even know it.

What to do if you get a "Can you hear me" call:
  • If someone you don't know asks "Can you hear me?" don’t say anything. Hang up.
  • Stay aware of any other questions to solicit a yes. These scammers are smart; they’ll know the public has caught on and will adjust accordingly.
  • Don’t answer a call from an unknown or unfamiliar number.
  • Check your bank and credit card accounts on a regular basis.
If you do get a call from someone you think is a scammer, report it to BBB Scam Tracker to help warn others of your experience.

*Source: BBB

Wednesday, January 25, 2017

Don't fall victim to the 'Free Wi-Fi' scam...Those wireless connections could be a trap.

The next time you're at an airport looking for a wireless hot spot, and you see one called "Free Wi-Fi" or a similar name, beware - you may end up being victimized by the latest hot-spot scam hitting airports across the country.

You could end up being the target of a "man in the middle" attack, in which a hacker is able to steal the information you send over the Internet, including usernames and passwords. And you could also have your files and identity stolen, end up with a spyware-infested PC and have your PC turned into a spam-spewing zombie. The attack could even leave your laptop open to hackers every time you turn it on, by allowing anyone to connect to it without your knowledge.

First, let's take a look at how the attack works. You go to an airport or other hot spot and fire up your PC, hoping to find a free hot spot. You see one that calls itself "Free Wi-Fi" or a similar name. You connect. That's it - you've been compromised!

The problem is that it's not really a hot spot. Instead, it's an ad hoc, peer-to-peer network, possibly set up as a trap by someone with a laptop nearby. You can use the Internet, because the attacker has set up his PC to let you browse the Internet via his connection. But because you're using his connection, all your traffic goes through his PC, so he can see everything you do online, including all the usernames and passwords you enter for financial and other Web sites.

In addition, because you've directly connected to the attack PC on a peer-to-peer basis, if you've set up your PC to allow file sharing, the attacker can have complete run of your PC, stealing files and data and planting malware on it.

You can't actually see any of this happening, so you'd be none the wiser. The hacker steals what he wants to or plants malware, then leaves, and you have no way of tracking him down.

All that is bad enough, but it might not be the end of the attack. Depending on how you've connected to that ad hoc network, the next time you turn on your PC, it may automatically broadcast the new "Free Wi-Fi" network ID to the world, and anyone nearby can connect to it in ad hoc peer-to-peer mode without your knowledge - and can do damage if you've allowed file sharing.

While some of these ad hoc networks advertising themselves as available for connection may be attributable to Windows behavior that the PC's user is unaware of, wireless ad hoc attacks may be more common that you think. Security company Authentium, Inc. has found dozens of ad hoc networks in Atlanta's airport, New York's LaGuardia, the West Palm Beach, FL, airport and Chicago's O'Hare. Internet users have reported finding them at LAX airport in Los Angeles.

Authentium did an in-depth survey of the ad hoc networks found at O'Hare, visiting on three different occasions. It found more than 20 ad hoc networks each time, with 80% of them advertising free Wi-Fi access. The company also found that many of the networks were displaying fake or misleading MAC addresses, a clear sign that they were bent on mischief.

"You connect to one of these networks at your own peril," says Corey O'Donnell, vice president of marketing at Authentium. "And you would have no way of tracking down how you were attacked, because you would have thought you were at an ordinary hot spot connection. Enterprises are also at risk, because if someone uses a corporate laptop to connect to one of these networks and gets infected, when he plugs back in to the enterprise network, the whole network is put at risk."

Tuesday, January 17, 2017

A warning to all the selfie queens out there: you can be hacked!

Next time someone poses for a selfie with their fingers held up in a peace sign, maybe tell them to leave it at a smile.

An ordinary photo of the universal sign of goodwill might be enough for a thief to copy a fingerprint, thanks to the high quality of digital photos these days. And since Touch ID and similar technologies turn fingerprints into keys that unlock our devices and the data we keep in them, that’s cause for concern.

Just by casually making a peace sign in front of a camera, fingerprints can become widely available.

A team at the NII’s Digital Content and Media Sciences Research Division, Japan was able to reconstruct fingerprints spotted in pictures taken from up to 3 meters away.

“Fingerprint data can be re-created if fingerprints are in focus with strong lighting in a picture.” - Isao Echizen, a professor at Japan’s National Institute of Informatics

The peace sign is a common expression in social media pictures, but this technique could conceivably be applied to other common gestures like waving or giving a thumbs up. Matched with a person’s face, that makes for a significant amount of biometric data that identity thieves could do real damage with.

How Thieves Could Get Fingerprints From Selfies

The technique described by Echizen uses no special software, but does require good lighting - so for the moment you can feel free to flash whatever signs you like when the light is low. As mobile cameras become more and more powerful, though, selfies will become a bigger security liability.

The better alternative might be to make sure you aren’t relying on fingerprint security measures whenever possible. Or just avoid selfies altogether.

Wednesday, January 11, 2017

Sure, Alec Baldwin and Missy Elliott can ask Alexa to have a dance party. But soon you may be able to tell Alexa to start your car.

By now you have seen the commercial below, which shows Amazon's Echo basic features. But did you know that more advanced features are coming soon? Ford announced Wednesday at CES 2017 that its newer vehicles will work alongside Amazon's popular Echo smart speaker and its voice assistant Alexa.

The move will allow select Ford owners to make voice requests via the Echo such as "Alexa, ask MyFord Mobile to start my car," provided they're within earshot of the smart home device.
Other capabilities include the ability to turn off the car, lock or unlock the doors and check a vehicle's battery power level. The technology could also be useful for those who want to loan a car to a friend without handing over a key. A car owner could ask its Echo to unlock and start the car, even if its miles away.

The partnership will come this month to three existing electric Fords - the Fusion Electric, Fusion Energi and C-MAX Energi - as a free upgrade to its built-in Sync 3 tech platform. Ford will roll it out the upgrade to more vehicles later in the year.

Eventually, Ford drivers will be able to make Alexa requests from directly within the car. For example, a driver could ask the technology to play an audio book or turn off their smart lights at home.

In addition to an Amazon Echo, eligible Ford owners will have to pair an Android device to Amazon's Alexa app. Meanwhile, iOS users are required to connect to the car with a physical cord. Drivers can tap the existing voice recognition button on their steering wheel to speak to Alexa.

By embracing voice commands, Ford intends to make it easier for drivers to keep their hands on the wheel and eyes on the road. The effort comes as motor vehicle fatalities spiked in 2015. Experts believe distracted driving is a key contributing factor.

Monday, January 2, 2017

Like BMW? How about transformers? If so, this is the car for you!

Antimon is a BMW 3-series car that transforms into a robot in 30 seconds. It's the work of 12 engineers and 4 technicians from Turkey, who spent 11 months putting their creation together.

"We want to show our power all over the world. We think if we do something like this it'll get great exposure all over the world." -Turgat Alpagot, sales and marketing director for Letrons

Alpagot says he's already received bids for Antimon at this week's Big Boys Toys exhibition in the UAE capital. The highest bidder can take Antimon home at the end of the exhibition on Saturday.

The car isn't licensed for the road, and you can't drive it. But it can be moved by remote control at speeds up to 20 kilometers (12.4 miles) per hour. In its standing position, the robot can move its arms, fingers and head.

Letrons hopes Antimon will be the first in a series of 12 transformers. The rest are in the research and development stage.

Alpagot says the company has received interests from theme parks and shows looking to rent Antimon.

What's next? The creators are seeking funding from private investors to develop smaller transformers that are more affordable and can be driven on the road.

Above: Antimon - the BMW transformer made by Letrons