I was back in the BBC Watchdog studio last night for an item on how Nectar card fraud has been leaving some viewers with a decidedly sour taste in their mouths.
Reports of fraudsters targeting the Nectar loyalty scheme aren’t new, but a recent spate of activity has brought it back to the top of the Watchdog mailbag.
Nectar began rewarding shoppers in 2002, and now around 20 million members collect and spend points at a variety of high-street and online retailers. In February this year, Nectar was bought by supermarket chain Sainsbury’s, which now also owns catalogue chain Argos.
In the fraud, Nectar points are redeemed – often in high street stores – to buy goods. The first victims know is when they try to spend their Nectar balance and find instead that their account is empty. So prolific are the fraudsters that, in some cases, victims have even found they‘be been left with a negative balance.
There are some patterns to the fraud:
- Victims are adamant that their physical Nectar card – which is required to redeem points for goods in store – hasn’t been stolen, mislaid or even in the same town as where the points were redeemed
- Argos appears to be a hot-spot for fraudsters redeeming Nectar points
How does Nectar card fraud work?
That is the million Nectar point question. On the surface, this is very straightforward:
Click to read on
The new series of Rip Off Britain – series nine! – began on BBC1 this month and once I am on-hand as its resident technology expert.
Earlier this week, I spoke with Angela about how high-tech car criminals are able to hack their way past current keyless security systems. I also shared a few tips that may help concerned viewers prevent their cars being stolen. Here’s a quick taster:
Car crime has largely moved on from the coat hanger and hot-wire days of old, with crime rates decreasing by 80 percent since 1993 according to the Office for National Statistics. However, a new wave of tech-savvy car criminals is now making easy work of making off with many makes of car.
I’ve been following the high-tech car crime trend closely, trying to understand the ways in which criminals are able to bypass or subvert car keyless security systems – whether through signal amplification, wireless jamming or keyless code capture. Criminals often steal to order, targeting high-value vehicles that are driven to so-called ‘chop-shops’ and sold on for parts.
Next week I travel to Glasgow for BBC Rip Off Britain Live. I find the live shows particularly enjoyable because we are able to be responsive to news stories as they break. As such, I can’t say yet exactly which stories I’ll be covering, but I believe we’ll be discussing how the Internet of Things has made our homes vulnerable to hackers.
This week I appeared on BBC1’s The One Show sharing advice on how parents can help their children to develop healthy habits when using smartphones and tablets.
I’m a dad, and like most parents, I feel as if I’m making it up as I go along – which, of course, I am. How I introduce my children to technology is no exception.
Understanding a little about how children develop, what their needs are at different ages, and how easily influenced they are by adults around them, can all help make sure that children – and their parents – have a happy relationship with gadgets.
Technology offers amazing opportunities but, for me, the old adage that ‘too much of a good thing is a bad thing’ stands as true with smartphones and tablets as it does with anything else.
The One Show is on BBC1 at 7pm most evenings, viewers in the UK with a television licence can watch here.
In today’s Metro, I ask how the tech firms are tackling online abuse.
Despite the efforts of social networks such as Twitter and Facebook, many of the internet’s most popular destinations remain troubled by trolls.
When the trolls are in town, popular social platforms become unpleasant, unsocial places, not a carefree online destination to catch up with family and friends.
Some of those accused may claim they are exercising free-speech, but that doesn’t wash if the intent is to cause alarm or distress. Hurling abuse at somebody isn’t free speech, it’s hurling abuse at somebody.
So, isn’t it high time that tech firms stepped up their game to tackle the online abuse that runs riot on their platforms?
That’s what I examine in How tech is tackling trolls: how artificial intelligence, machine learning and image recognition are being deployed to disarm the trolls who terrorise the web.
However, there’s another angle to this that I’d like briefly to expand upon here: social networks need to tackle online abuse not only for their users’ sakes but for their investors’.
You see, for online social platforms driven by advertising – which is most of them – it is impossible to ignore the economics of trolling.
Economics of Trolling
Social networks are based on the principle that we humans are social creatures who like to express ourselves. The more we share, the more the networks know about us, and the more able they are to sell targeted advertising (ads that are, in theory, more relevant to us) on behalf of their partners.
Overall, it’s a happy relationship, and the numbers speak for themselves: almost 2 billion of us log in to Facebook every month to share status updates, likes and photos, from which it made almost $10 billion in 2016.
However, fear of unsocial behaviour on social platforms makes us more reluctant to express ourselves online; the less we share, the less they know and the less we visit, so the more it hurts the online platform’s ad revenues. The likes of Facebook and Twitter make nothing if we’re too afraid to use them.
Facebook and Twitter make nothing if we’re too afraid to use them
Twitter: We Suck
There are other ways in which the economics of online abuse can hurt too. Last year, Disney dropped its plans to buy Twitter over concerns that widespread trolling and bullying on the platform might, according to Bloomberg, ‘soil the company’s wholesome family image’.
Months before, Twitter boss Dick Costolo wrote, “We suck at dealing with abuse and trolls,” adding “It’s no secret, and the rest of the world talks about it every day.”
It does: just ask Leslie Jones, Katie Price, Zelda Williams, Katie Price, and countless others who have made the news after leaping from the toxic platform, having unwittingly stirred the trolls’ nest.
So, clamping down on unsocial behaviour is an obvious investment for businesses that rely on us being socially generous.
As I explore in the Metro feature, technology can go some way to weeding out abuse, but the trouble with automated tools is where the boundaries blur between abuse and robust argument. Even human moderators struggle with this and, for a while yet in my opinion, it’s likely AIs will too.
In today’s Metro I investigate whether the CIA really can ‘hackcess all areas’. Plus, I ask if wearable tech has fallen from fashion. Hold on tight, it’s time to Connect…
Last week’s WikiLeaks document dump professes to reveal how the CIA has – with help from agencies including MI5 – been collecting and developing an arsenal of hacking tools, exploits and cyber skeleton keys to pick its way into the devices we use every day.
We shouldn’t be surprised. Covert surveillance is a tool widely used by intelligence agencies to maintain national security and counter terrorism.
But if the good guys can find a backdoor into our connected kit, surely the bad guys can too? Read on in the Metro e-edition…
The Apple Watch launched less than two years ago. I know this because on the day of the launch I confidently declared that ‘wearable tech is the next big thing’ on stage at the Gadget Show Live, enthusing about the upcoming Pebble Time smartwatch and the latest Jawbone and Fitbit gear.
How times change.
Less than two years on and the wearables phenomenon has failed to catch on, leading analysts to rein in their optimism.
Back to the Apple Watch.
Many – myself included – saw the launch of Apple’s highly-anticipated wearable as a watershed moment. Indeed it was, but rather than sparking a wearables revolution it had the opposite effect. ‘Oh, is that it?’, was the consensus.
However, as Bill Gates once quipped, we tend to over-estimate the impact of a technology in its first two years but underestimate its impact in ten. It might be in the depths of the trough of disillusionment but I can’t see anything other than wearable tech to playing a huge part in our future.
My feature on how to secure your Amazon Echo was published in TechRadar last week. Here is my take on why securing these intelligent home hubs is of vital importance.
Buttons are obsolete. Simply by conversing with my Alexa I can control my central heating and the lighting around my house and garden; I can buy products with my voice, check my personal calendar, set alarms or reminders, update my things to do list, read my favourite book or play any song, album or playlist on Spotify. With my voice.
Hear no Evil
The convenience this offers is staggering and, in a little over three months since I plugged it in and powered it on, my Amazon Echo has already changed many behaviours in our household. For the better? I think so. However…
With convenience comes compromise, especially when it comes to security. We should never be blinded by the utility of any new piece of technology.
I made one mistake in extolling the virtues of our Amazon Echo above. You see, all of these amazing things and more can be commanded not only with my voice, they can be asked by anybody’s voice.
Voice Recognition versus Speech Recognition
While Alexa has enviable speech recognition – the ability to understand and interpret natural language input by speech – she has yet to learn the skill of voice recognition. Often confused, voice recognition is the ability to uniquely distinguish between different people’s voices by analysing physical and behavioural characteristics.
With voice recognition Alexa would know whether it was me (ie authorised) ordering that Nintendo Switch console from Amazon Prime, or if it was my Mario Kart-loving daughter trying her luck (sorry, denied). Did I just ask Alexa for a 2am alarm call or was somebody outside my living room window attempting to play a prank?
Amazon has no plans to introduce voice recognition into the Amazon Echo just yet. Nevertheless, there are steps that Echo owners can take to make sure they enjoy the convenience of a virtual assistant without the worry of being woken up by a 2am prank alarm call.
Pop over to TechRadar to read my 8 top tips to lock down your Alexa.
In the US Black Friday follows Thanksgiving Thursday and, along with so-called Cyber Monday, has become one of the biggest days in the online shopping calendar. Inevitably it has become a big deal in the UK now too.
On Friday’s ITV Good Morning Britain I was in the studio sharing some tips on how to bag the best online Black Friday bargains.
Many Black Friday shopping tips apply equally to buying online around the rest of the year, but some peculiarities have emerged:
- Keep checking throughout the day. A large element of surprise and secrecy exists around Black Friday that retailers are keen to persist. Prices change, new deals get added and stocks are limited: it’s all part of a clever strategy to keep us interested throughout the day and coming back to their online stores. But that does mean that a good price at 8am might be even better by midday, but sold out by six. That’s the risk you take.
- Black Friday Pop-Up Portals: Comparison sites and aggregation tools are useful all year round, but on Black Friday dozens of pop-up sales portals appear on reputable websites. Which to choose? If you’re shopping for gadgets and technology (always a big deal over this weekend) then take a look at the website of popular gadget magazines or online titles – referrals and traffic mean Black Friday is great business for them too, and many have journalists locked in a room all day hunting down the best deals so you don’t have to.
- Is it really a bargain? It’s worth pointing out that some retailers don’t play fair – research by Which? found many so-called Black Friday bargains were anything but, with prices cheaper both before and after the shopping bonanza weekend. Websites like camelcamelcamel.com (I’ve no idea…) keep track of prices over a period of time to let you see how the price you on offer today compares with the price over, say, the last twelve months.
It goes without saying to watch out for scams though phishing, smishing and malvertising, be aware of your rights and consider paying by credit card for the best consumer protection.
A final thought:
- Don’t let Black Friday Frenzy take over. Remember this is essentially a bit of fun – the worst that can happen is that we pay full price for something or don’t buy it at all. Part of the fun of the whole experience is the thrill of chasing a bargain but your life absolutely does not depend on it. Keep it in perspective and if the fun stops then switch off your computer, switch on the kettle and make a cup of Black Friday tea.
On BBC Watchdog tonight I appear in an item highlighting gaping holes in home food delivery service Deliveroo’s security and fraud prevention systems.
Victims of so-called ‘Deliveroo fraud’ report having their credit and debit cards emptied of many hundreds of pounds on food and drink orders they never placed, to addresses many hundreds of miles from where they live.
Deliveroo’s standard response to claims of a security breach has left those affected with a bitter taste in their mouths, suggesting victims look to their own security failings instead.
The first a victim knows of the fraud is when they receive an email from Deliveroo confirming an order has been placed.
Deliveroo insists that its own systems have not been the subject of a hack or data breach; instead, the firm advises that customers should not reuse passwords and usernames across multiple online accounts.
Sound advice on its own, but a critical mass of Deliveroo victims all suffering the same fraud might suggest that Deliveroo should look again at its own security measures.
- Smart fraud prevention mechanisms, if present at all, appear to be ineffectual here. Purchases that are so out of character – such as those highlighted in the show – should easily be picked up by automated systems and subjected to additional verification.
- Similarly, a change of delivery address should also trigger additional verification – a PIN sent to the account holder’s smartphone, for example.
- Deliveroo chooses not to authenticate customer card payments with a CVV2 code.
The Card Verification Value is one of the names given for the additional security numbers printed on the signature strip or front of the card. Deliveroo is far from the only retailer to forego ‘card not present’ security – Amazon, with its 1-click purchase, is another. However, this lack of verification allows fraudsters to place orders on credit cards that are not theirs with no challenge at all.
Deliveroo’s light touch on security can be put down to one thing: sales. Here’s how skimping on security benefits Deliveroo’s bottom line:
- When we buy something, the more hoops we have to jump through to make that purchase, the more likely we’ll drop out and go somewhere else.
- Understandably Deliveroo wants to make placing an order with them as simple a process as possible by cutting out as many hoops as it can.
- However, some of those hoops are there for reasons of security; in removing those, Deliveroo is not only making it easier for its customers to place an order, it’s making it easier for them to be defrauded.