Posts tagged television
When I first spoke about Deliveroo scams for BBC Watchdog in 2016, I had hoped the fast food delivery service would have taken away some tips on how to keep its customers’ accounts safe from fraudsters.
Yet here we are in 2019 and once again I’m investigating – this time for The One Show – why Deliveroo can’t seem to be able to keep its customers’ accounts secure.
Three years on and it seems little has changed at Deliveroo HQ.
Desperate Deliveroo customers are still finding orders being placed without their consent and delivered to addresses they know nothing about. Victims are still discovering that their email address is being changed, passwords updated, payment details changed, refunds issued – and even their name changed – without any apparent verification or controls.
Deliveroo vehemently denies that its own systems have been hacked. Instead it deflects responsibility back to its customers, admonishing them for reusing passwords across multiple online services.
Deliveroo: You Get Stuffed
Deliveroo claims that criminals are using “credential stuffing” attacks to take over customer accounts. It says usernames and passwords leaked from other online services are used to try and log in to Deliveroo accounts. Because many of us use the same passwords for multiple services, this can be a fruitful method of attack for criminals looking to hijack others’ accounts.
In my opinion, this victim-blaming doesn’t let Deliveroo off the hook. Other online services also acknowledge that these kind of attacks take place – and take further sensible precautions to protect their users.
One method used by many online services to add an extra layer of security is two-factor authentication. With “2FA”, a text message containing a one-off security passcode is sent to the account owner’s smartphone. It works because even if a hacker has identified a potential victim’s username and password, it’s unlikely they will have access to their smartphone too.
Fixing Deliveroo’s Fraud Problem
At the time of writing, Deliveroo does not ask customers to validate updates made to their account. A change of email, new delivery address, payment details, even name – I mean, how often do you change your name? – go unchallenged by Deliveroo’s security systems. Yes, an email advising of a change is sent after the event, but by then it’s often too late for victims.
Adding an additional security step like this for significant or out-of-character account activities would, it seems to me, stem much of the fraud Deliveroo customers have been facing.
Deliveroo does say that it employs advanced machine learning technology to catch fraud. However, with its algorithms failing to identify seemingly bizarre patterns of behaviour, it appears that Deliveroo’s computer all too rarely says no.
During the investigation I discovered tutorials shared by hackers on how to break in to Deliveroo accounts – and other services such as Netflix, Spotify or Amazon Prime Video – many hidden online in plain sight. I saw the encrypted chat rooms where hijacked user accounts are bought, sold and requested in bulk.
I also found evidence of fraudulent Deliveroo shop-fronts that offer hefty discounts for ordering through them instead of directly with Deliveroo. These middle-men place orders on behalf of their clients using hijacked Deliveroo accounts, funded with victims’ details, stolen credit cards or refunded credit. They are paid a cut of the order value – typically 30 percent – using tough-to-trace cryptocurrencies.
On the surface, takeaway food crime may appear low-key – but there’s clearly more here than meets the eye.
My advice for Deliveroo customers is this:
- Use password manager software to create and store long, strong, unique passwords for your online accounts – including Deliveroo – that will be almost impossible for a hacker to guess. There is no such thing as infallible security, but in my opinion a password manager is the best choice you can make right now.
- For those accounts that support it – and there’s a long list of major online services do – enable two-factor authentication. Here’s hoping that, one day, Deliveroo joins that list.
Finally, and most important of all, if you don’t trust an online service to keep your account, your personal information or your payment details safe, then vote with your feet and use another service.
Mobile World Congress (MWC) is where the world’s mobile industry meets.
An enormous event attracting over 100,000 visitors, MWC sets the agenda for the technology that impacts our lives the most.
This year, working with the show’s official broadcast outlet, we were challenged to produce a daily hour-long TV show that captured the energy, creativity and invention of MWC’s startup-focused event, 4YFN.
The result – The 4 Years from Now Show – achieved all that and more, with top quality broadcast output that surfaced the scale and spirit of the show.
We spoke with startups applying robotics, AI and blockchain to solve real-world challenges; we chatted biohacking, transhumanism and brainwave modulation with experts and practitioners; we even tried a sleep robot, a connected cat litter tray and a post-workout training shoe drying and sterilising device.
Individual packages from the show are now available on demand over at Mobile World Live TV.
Last weekend I was in Cannes at the iconic InterContinental Carlton Hotel to host the TV industry’s Content Innovation Awards 2018.
The awards fall on the eve of MIPCOM TV, the annual television industry marketplace in which networks from around the world buy and sell the shows we watch.
Categories at this year’s awards included best entertainment format, best use of social media, best VR project as well as recognition for outstanding contribution in the industry.
Here’s a taste of the evening:
It was my first time in Cannes, and I had a terrific time at the awards helping the industry to celebrate its successes. I’m very grateful to the team at Informa, Television Business International and Digital TV Europe for asking me to host this year’s prestigious event.
I’ve been filming some items for Channel 4 prime-time consumer programme, Supershoppers. In tonight’s show, I’m investigating broadband and Wi-Fi speeds.
Is the internet speed you pay for the speed you actually get throughout your home? There are lots of reasons why that may not be the case, one of which is how well your broadband router performs.
The majority of us make do with the router provided by our internet service provider when we sign up. While that’s often the easiest way to get up and running, that bundled hardware may not always provide the best internet experience around the house.
So, we’re testing the kit shipped by the some of UK’s top internet service providers – as well as some after-market options – to see which router works the hardest to send Wi-Fi around your home.
In the show we test:
- BT Smart Hub
- Sky Q Hub
- Virgin Media Hub 3.o
- TP-Link TL-W940N
- Linksys WRT1900ACS
Watch Supershoppers on Thursday 14 June 2018 at 8pm or catch up on All 4.
This week I’m at Mobile World Congress in Barcelona reporting for Mobile World Live TV.
Mobile World Congress is where the mobile industry meets. Each spring, over 100,000 visitors swarm into Barcelona to get a first look at the technologies that will feature in our pockets, homes, offices, cars and cities in the coming months.
Mobile World Live TV is the official broadcast channel of MWC, playing on over 100 screens around the Fira, live on the web and to tens of thousands of hotel rooms across the city.
Each day I’ll be hunting down the best start-up stories from in and around 4YFN at Mobile World Congress for my very own 60-minute show on the channel.
What is 4YFN?
Connecting start-ups from around the world, 4 Years From Now is where the firms and technologies we expect to see maturing in, let’s say, 4 Years From Now showcase themselves, speak to investors and network with others who can help take them to the next stage.
4YFN is 20,000 visitors, 650 start-ups, 110 hours of keynotes, workshops and panels discussing how technologies such as 5G, AI, Machine Learning, Internet of Things and Blockchain will continue to permeate our lives in the next 4 years from now.
The first episode of the show broadcasts on Tuesday 27th February at 15.00 CET with repeats each evening at 21.00 CET. Watch live – and on-demand after MWC – on Mobile World Live TV site.
The new series of Rip Off Britain – series nine! – began on BBC1 this month and once I am on-hand as its resident technology expert.
Earlier this week, I spoke with Angela about how high-tech car criminals are able to hack their way past current keyless security systems. I also shared a few tips that may help concerned viewers prevent their cars being stolen. Here’s a quick taster:
Car crime has largely moved on from the coat hanger and hot-wire days of old, with crime rates decreasing by 80 percent since 1993 according to the Office for National Statistics. However, a new wave of tech-savvy car criminals is now making easy work of making off with many makes of car.
I’ve been following the high-tech car crime trend closely, trying to understand the ways in which criminals are able to bypass or subvert car keyless security systems – whether through signal amplification, wireless jamming or keyless code capture. Criminals often steal to order, targeting high-value vehicles that are driven to so-called ‘chop-shops’ and sold on for parts.
Next week I travel to Glasgow for BBC Rip Off Britain Live. I find the live shows particularly enjoyable because we are able to be responsive to news stories as they break. As such, I can’t say yet exactly which stories I’ll be covering, but I believe we’ll be discussing how the Internet of Things has made our homes vulnerable to hackers.
David McClelland joins the BBC X-Ray team for a photography summer special.
As regular visitors here may know, I’m a photography nut. Naturally, I was very excited to be asked to be part of the BBC One Wales X-Ray Summer Special on how to make the most of your camera. I was pleased too that a primetime TV show had dedicated its slot to talk about photos – after all, with smartphones in almost every pocket now, snapping photos is something that many of us do all the time.
On a blustery afternoon in late-spring, I arrived by train into the picturesque Welsh coastal town of Aberystwyth. Heading first for the seafront, and then to the Arts Centre, I spoke with presenter Lucy Owen about all manner of issues that might arise when taking pictures and sharing them online — even how to back them up:
The show also looks at how to take better pictures with your smartphone, how to get great footage while safely flying a drone, and how the National Library of Wales preserves its priceless collection of photos.
UK licence fee payers can watch the whole BBC One Wales X-Ray episode on BBC iPlayer.
This week I appeared on BBC1’s The One Show sharing advice on how parents can help their children to develop healthy habits when using smartphones and tablets.
I’m a dad, and like most parents, I feel as if I’m making it up as I go along – which, of course, I am. How I introduce my children to technology is no exception.
Understanding a little about how children develop, what their needs are at different ages, and how easily influenced they are by adults around them, can all help make sure that children – and their parents – have a happy relationship with gadgets.
Technology offers amazing opportunities but, for me, the old adage that ‘too much of a good thing is a bad thing’ stands as true with smartphones and tablets as it does with anything else.
The One Show is on BBC1 at 7pm most evenings, viewers in the UK with a television licence can watch here.