Posts tagged Cyber Security
If you’re parent, you’ll know how much your children are missing their friends at the moment.
Video chat apps like Zoom, Houseparty and Facetime are a great way for children to keep in touch with their schoolmates – but sometimes things can go wrong.
Here’s a piece I filmed with BBC Newsround to help children and their parents learn how to stay safe when using group video chat apps.
A dedicated page on the website features these video group chat tips and some further online safety resources. It also includes a chat with my daughter about how she is keeping in touch with school friends while school is closed.
Newsround is something of an institution here in the UK. For many of us as we were growing up the John Craven-hosted daily show was our main window on the world.
As a parent now, I’ve once again found Newsround to be an invaluable resource, providing my children with just the right balance of information, reassurance and distraction when things outside are so confusing. The Newsround website is also filled with uplifting, informative and topical stories, and has helped us to talk about some big world topics as a family.
Is there a Gadget Doctor in the house? There is now.
In my surgery I mostly cover online safety and cybersecurity. Recently I’ve shared tips on video chat app safety, smart speaker privacy, and how to set up group calls for relatives who aren’t on the internet.
Needless to say, with many of us relying on technology at the moment to keep in touch with family, friends and work colleagues, we very have a busy mailbag right now.
Also on the Gadget Doctor rota are fellow experts in gaming, home entertainment, smartphones and photography – between us, we have most tech topics covered.
Need help with a tech tongue-twister? Drop the team a line at ku.oc.ortemnull@rotcodtegdag
When I first spoke about Deliveroo scams for BBC Watchdog in 2016, I had hoped the fast food delivery service would have taken away some tips on how to keep its customers’ accounts safe from fraudsters.
Yet here we are in 2019 and once again I’m investigating – this time for The One Show – why Deliveroo can’t seem to be able to keep its customers’ accounts secure.
Three years on and it seems little has changed at Deliveroo HQ.
Desperate Deliveroo customers are still finding orders being placed without their consent and delivered to addresses they know nothing about. Victims are still discovering that their email address is being changed, passwords updated, payment details changed, refunds issued – and even their name changed – without any apparent verification or controls.
Deliveroo vehemently denies that its own systems have been hacked. Instead it deflects responsibility back to its customers, admonishing them for reusing passwords across multiple online services.
Deliveroo: You Get Stuffed
Deliveroo claims that criminals are using “credential stuffing” attacks to take over customer accounts. It says usernames and passwords leaked from other online services are used to try and log in to Deliveroo accounts. Because many of us use the same passwords for multiple services, this can be a fruitful method of attack for criminals looking to hijack others’ accounts.
In my opinion, this victim-blaming doesn’t let Deliveroo off the hook. Other online services also acknowledge that these kind of attacks take place – and take further sensible precautions to protect their users.
One method used by many online services to add an extra layer of security is two-factor authentication. With “2FA”, a text message containing a one-off security passcode is sent to the account owner’s smartphone. It works because even if a hacker has identified a potential victim’s username and password, it’s unlikely they will have access to their smartphone too.
The weekly podcast takes a lighter look at the serious business of cyber security, and I appear to have been pigeon-holed as the show’s resident cyber-sex reporter. Oh well.
In last week’s episode I reported on AgeID, the latest attempt by a leading adult-content outlet to adhere to the UK’s upcoming age verification legislation which seeks to protect under-18s from accessing explicit online material.
We’ve never had so many people download an episode of the “Smashing Security” podcast as quickly as our latest one:
“Hijacked homes, porn passports, and ransomware regret”
— Graham Cluley (@gcluley) March 19, 2019
Clearly, there are a lot of challenges with this piece of law – practically, technically and morally – which is why the UK government has struggled with guidance and deadlines. At the time of writing, we’re still no clearer when the go-live date will be or how effective any block may prove.
Also in the episode we ask when it makes sense to pay off that ransomware fee, and uncover the ‘$150 million mansion hijack’.
Tap here to catch the full episode, or find it in your favourite podcast player.
I was back in the BBC Watchdog studio last night for an item on how Nectar card fraud has been leaving some viewers with a decidedly sour taste in their mouths.
Reports of fraudsters targeting the Nectar loyalty scheme aren’t new, but a recent spate of activity has brought it back to the top of the Watchdog mailbag.
Nectar began rewarding shoppers in 2002, and now around 20 million members collect and spend points at a variety of high-street and online retailers. In February this year, Nectar was bought by supermarket chain Sainsbury’s, which now also owns catalogue chain Argos.
In the fraud, Nectar points are redeemed – often in high street stores – to buy goods. The first victims know is when they try to spend their Nectar balance and find instead that their account is empty. So prolific are the fraudsters that, in some cases, victims have even found they‘be been left with a negative balance.
There are some patterns to the fraud:
- Victims are adamant that their physical Nectar card – which is required to redeem points for goods in store – hasn’t been stolen, mislaid or even in the same town as where the points were redeemed
- Argos appears to be a hot-spot for fraudsters redeeming Nectar points
How does Nectar card fraud work?
That is the million Nectar point question. On the surface, this is very straightforward:
Click to read on
The new series of Rip Off Britain – series nine! – began on BBC1 this month and once I am on-hand as its resident technology expert.
Earlier this week, I spoke with Angela about how high-tech car criminals are able to hack their way past current keyless security systems. I also shared a few tips that may help concerned viewers prevent their cars being stolen. Here’s a quick taster:
Car crime has largely moved on from the coat hanger and hot-wire days of old, with crime rates decreasing by 80 percent since 1993 according to the Office for National Statistics. However, a new wave of tech-savvy car criminals is now making easy work of making off with many makes of car.
I’ve been following the high-tech car crime trend closely, trying to understand the ways in which criminals are able to bypass or subvert car keyless security systems – whether through signal amplification, wireless jamming or keyless code capture. Criminals often steal to order, targeting high-value vehicles that are driven to so-called ‘chop-shops’ and sold on for parts.
Next week I travel to Glasgow for BBC Rip Off Britain Live. I find the live shows particularly enjoyable because we are able to be responsive to news stories as they break. As such, I can’t say yet exactly which stories I’ll be covering, but I believe we’ll be discussing how the Internet of Things has made our homes vulnerable to hackers.
I turned the internet’s air blue as I guested on this week’s Smashing Security podcast.
I’ve been listening to and enjoying the Smashing Security podcast since it began late last year.
So, I had no hesitation when Graham asked if I might appear as a guest on the show. I suspect he may hesitate before asking me again though…
Tasked with covering some of the week’s news, I quickly rounded on three sex stories:
- how the UK government plans to enforce age verification for sites serving adult content by April 2018
- how the owner of the Ashley Madison website has set aside $11 million to settle with disgruntled users following the 2015 data leak
- how one online adult service has introduced biometric authentication for male members
Needless to say, we covered the news with a professionalism befitting the material. Well, mostly. Hear for yourself:
To check out further episodes of the show, and to subscribe, visit the Smashing Security website.
In today’s Metro I investigate whether the CIA really can ‘hackcess all areas’. Plus, I ask if wearable tech has fallen from fashion. Hold on tight, it’s time to Connect…
Last week’s WikiLeaks document dump professes to reveal how the CIA has – with help from agencies including MI5 – been collecting and developing an arsenal of hacking tools, exploits and cyber skeleton keys to pick its way into the devices we use every day.
We shouldn’t be surprised. Covert surveillance is a tool widely used by intelligence agencies to maintain national security and counter terrorism.
But if the good guys can find a backdoor into our connected kit, surely the bad guys can too? Read on in the Metro e-edition…
The Apple Watch launched less than two years ago. I know this because on the day of the launch I confidently declared that ‘wearable tech is the next big thing’ on stage at the Gadget Show Live, enthusing about the upcoming Pebble Time smartwatch and the latest Jawbone and Fitbit gear.
How times change.
Less than two years on and the wearables phenomenon has failed to catch on, leading analysts to rein in their optimism.
Back to the Apple Watch.
Many – myself included – saw the launch of Apple’s highly-anticipated wearable as a watershed moment. Indeed it was, but rather than sparking a wearables revolution it had the opposite effect. ‘Oh, is that it?’, was the consensus.
However, as Bill Gates once quipped, we tend to over-estimate the impact of a technology in its first two years but underestimate its impact in ten. It might be in the depths of the trough of disillusionment but I can’t see anything other than wearable tech to playing a huge part in our future.