WEEK ENDING: 2nd July – A ROUNDUP IN I.T. & TECH NEWS
What a week for English sport, and we don’t just mean the Euros. With football, tennis and cycling monopolising our screens this week, the big news in tech and I.T. may have passed you by.
This week’s round-up covers everything from hackers launching ‘sneak attacks’ against your smartphone, LinkedIn data up for sale on the dark web and Google’s latest ad restrictions.
Let’s get you up to speed.
Hackers could be launching ‘sneak attacks’ against your smartphone
Cyber criminals have become increasingly sophisticated with their attacks, unfortunately the COVID-19 pandemic has helped fuel these attacks. According to a report published by security firm McAfee, as we’ve spent more time at home recently, fraudsters have seen an increased opportunity to steal data and financial information from our mobile devices.
McAfee’s previous Mobile Threat Report showed that hidden applications posed the greatest threat to mobile users, however hackers have now expanded their attacks to include billing and banking fraud techniques. Many now use pandemic-related themes to lure victims into clicking malicious links that provide attackers with information or control over their devices.
Raj Samani, McAfee Fellow and Chief Scientist, commented,
“We’ve seen how the pandemic not only led to an increased dependence on mobile devices, but how it has prompted bad actors into developing new ways of tricking consumers and stealing their personal data. As well as these advanced forms of malware and deceit, we’ve seen that hackers are also returning to billing scams but using new tricks.”
How are hackers taking advantage of the current climate? Well, a common strategy is piggybacking on newsworthy events to encourage people to engage with fraudulent emails, SMS messages or apps. The COVID-19 vaccine rollout provided the ideal opportunity for hackers to capitalise on the anxiety surrounding the pandemic. Many people unknowingly engaged with ads related to the vaccine and subsequently had their personal data stolen.
Research around malware trends has shown that 90% of all pandemic-related threats took the form of trojans, a type of malware disguised as a legitimate application or service. The most common malware was fake vaccination registration apps that demanded access to SMS messages, allowing the hackers more access to the victims contact book.
To help maximise protection against these types of cyberattacks, you should only download content from the official app store and research the developer before clicking. Getting antivirus software on your mobile can also help to prevent potential malware attacks.
Read more here.
700m LinkedIn users’ data for sale on dark web
Hackers have put up for sale the personal data belonging to millions of LinkedIn users, including email addresses, locations, phone numbers and even estimated salaries. The data, which is estimated to be of around 700 million users, has been seen up for sale on the dark web, according to security researchers, Restore Privacy.
The dark web, a version of the public web that requires special browsers to access, is regularly used by criminals to buy and sell illegal goods while remaining anonymous. Many cyber criminals have started using it to sell or buy stolen personal information, either to gain access to certain apps or to further exploit them through ransomware.
But this isn’t a traditional data breach, the dark web user claimed that the data had been gathered by using software from LinkedIn for developers, an application program interface. However, this has been the second reported incident of data harvesting from LinkedIn this year, after hackers were able to steal personal data from 500 million users in April.
At the time, LinkedIn argued this wasn’t a data breach. A LinkedIn spokesman commented,
“While we’re still investigating this issue, our initial analysis indicates that the dataset includes information scraped from LinkedIn as well as information obtained from other sources. This was not a LinkedIn data breach, and our investigation has determined that no private LinkedIn member data was exposed. Scraping data from LinkedIn is a violation of our terms of service and we are constantly working to ensure our members’ privacy is protected.”
Discover more here.
Google UK announces ad restrictions to help fight financial fraud online
The UK arm of tech giant, Google, is making changes to its financial products and services advertisement policy to fight the rise in online fraud. Financial services will be required to verify their identity with Google before any advertising on the platform will be allowed. This new requirement is due to take effect from September and will help prevent scammers from exploiting its platforms.
How will this work? Advertisers must successfully complete an updated verification process to show financial services ads to UK users. In addition, financial services advertisers will be required to demonstrate that they are authorised by the UK Financial Conduct Authority (FCA).
Ronan Harris, Google UK managing director, commented,
“While we understand that this policy update will impact a range of advertisers in the financial services space, our utmost priority is to keep users safe on our platforms – particularly in an area targeted by fraudsters. We are committed to leading on necessary changes to help fight online scammers.”
The FCA is welcoming the steps that Google UK is taking to protect consumers from scams, however they wish to see continued and concerted efforts by all organisations with an interest in protecting consumers to achieve a sustained reduction in scams.
Some ads categories including debt services, gambling, cryptocurrencies, and credit repair, would not be considered financial services for the purposes of the new policy, but will still be required to comply with all other Google ads policies to have paid advertisements shown.
Find out more here.
Those were just some of this week’s top stories but if you want more content, follow us across our four social media channels: