Category Archives: Now You Know

Interesting bits of information about how things work in the cyber world.

Facebook’s Dirty Scandal – Now You Know!

Image courtesy of Arztsamui

The world’s greatest social media network! The greatest collector of personal information in history of mankind! The greatest surveillance machine ever created! All this can be said of Facebook. But when you screw up it quickly becomes equally great. 

Facebook knew its security was weak.

 Facebook’s Chief Information Security Officer, Alex Stamos  argued that the amount of data Facebook was collecting made it a target for hackers, spies and hostile state actors. 

In an audio recording leaked to ZDNet, Stamos was heard telling his security team that he had warned management “that we have the threat profile of a Northrop Grumman or a Raytheon or another defense contractor, but we run our corporate network, for example, like a college campus, almost.” Executives inside Facebook were not happy.

Stamos argued for more openness about how Russian agents used Facebook to influence the 2016 presidential election and beyond. From the inside Stamos fought for organizational changes that would at least minimize the use of misinformation. Again, Facebook executives resisted his efforts. As a result Stamos is planning to depart Facebook by August.

Between 2011 and 2012 former Facebook platform operations manager, Sandy Parakilas, was  responsible for policing data breaches by third-party software developers. According to the Guardian he warned senior executives at the company that poor data security measures were a major vulnerability.

“My concerns were that all of the data that left Facebook servers to developers could not be monitored by Facebook,” said Parakilas, “so we had no idea what developers were doing with the data.”

Parakilas went on to say that Facebook had terms of service and settings that “people didn’t read or understand.” Parakilas went on to accuse Facebook of failing to use any enforcement mechanisms at its disposal, including audits of external developers, to ensure data was not being misused. Basically Facebook was warned by its own employees of the coming danger.

What happened?

Facebook basically lost control of the personal data of over 50 million users. The data was then used to target American voters with misinformation, fake news and other highly manipulated information by Cambridge Analytica.

Professor Aleksandr Kogan a psychology professor at the University of Cambridge, requested user data from Facebook. Kogan created a research app to be used by psychologist entitled “thisisyourdigitallife.”  

Some 270,000 Facebook users downloaded the app. Each user consented to allow Kogan’s app access to their personal information provided by Facebook. The data included their “Likes,” the city they live in, etc. But what users were not consenting to was giving up the same information on their friends.

According to Facebook Kogan assured the company that the data would be cleansed of identifying information and only used for research purposes. This turned out not to be the case. Kogan shared the dataset with Christopher Wylie of Euonia Technologies and possibly others. Wylie is the whistleblower who blew up the whole scam. More on him later. The two men formed a third company, Global Science Research that, once again, assured Facebook that the data would be anonymized. Global Science Research then proceeded to build out SCL and Cambridge Analytica’s (CA) voter profiles using the data.

Kogan has spoken out claiming that he is being scapegoated. Kogan told BBC Radio 4 Today program of an environment of permissive data-gathering and lax privacy policies. “We thought we were acting perfectly appropriately. We thought we were doing something that was really normal,” said Kogan. “My view is that I’m being basically used as a scapegoat by both Facebook and Cambridge Analytica.”

Cambridge Analytica

Lets get one thing straight before we go any further, CA could easily take the title of Department of Dirty Tricks. They are not the innocent data analysis firm they would have you believe.

According to the TheGuardian.com CA was caught bragging about using honey traps, fake news campaigns and operations with ex-spies to swing election campaigns around the world. CA executives were recorded on hidden camera by British news reporters talking about the dirty tricks they used to help clients.

CA CEO Alexander Nix was recorded telling reporters: “It sounds a dreadful thing to say, but these are things that don’t necessarily need to be true as long as they’re believed.” In addition Nix was known to refer to black clients as “niggers” in internal emails. Emails that were encrypted and programmed to self-destruct.

Nixon has since been suspended from the company and is under investigation.

Now if you want to know how dirty this whole thing gets a former employee of CA told CNN  former White House chief strategist Steve Bannon presided over a program at CA who’s purpose was collecting Facebook data to create voter profiles. CA was a prime data provider to the campaigns of Ted Cruz and Donald Trump.  Trump political appointee, Kelly Rzendzian, also worked at Cambridge Analytica.

Now remember that the original number is still only 270,000 users. Cambridge Analytica took it to the next level by hiring workers on Amazon Mechanical Turk (AMT). This platform allows gig workers, known as turkers, to complete small online tasks for near minimum wage or less. Turkers have been described as “volunteer slave labor.” CA hired these people to complete an online survey. According to the The Intercept’s investigation last year this system worked for Cambridge Analytica. Basically, Cambridge Analytica tricked turkers into a downloading a tool on Facebook that exposed both the worker, and their friends, in exchange for $1 or $2 to complete an online survey. According to the New York Times this trick was a massive success exposing over 50 million Facebook users to data collection.

Now back to Facebook. Andrew Zuckerberg’s company knew about this activity in 2015.  The Guardian reported in 2015 on Cambridge Analytica’s work on U.S. election campaigns. It revealed that the company drew on research “spanning tens of millions of Facebook users, harvested largely without their permission.” Kogan denied this was happening.

This was not a great concern for Facebook until 2015. That year Facebook updated its third-party API.  An API or application programming interface is just a piece of software that allows two software programs to talk to each other. Facebook moved to block access to the kind of massive data sets that Cambridge Analytica was collecting.  Although it drastically limited the data third party apps could access Facebook said nothing to users about the API misuse. Facebook also clamped down on any third-party app requesting more than the usual amount of data like public profile, list of friends, and email addresses from its users. But it all came too late.

After The Guardian published its article, Facebook demanded Global Science Research delete the data taken from Facebook users. Facebook has the right to delete data gathered by any app deemed to be “negatively impacting the platform.” Facebook believed that Kogan and SCL complied. They had not and no one from Facebook followed up.

Christopher Wylie

Christopher Wylie blew the lid off the Facebook/Cambridge Analytica data scandal. Wylie is being cheered for revealing how CA, according to the New York Times and the The Observer of London, of  improperly using and manipulating the Facebook data to influence elections. Wylie told the Observer “We exploited Facebook to harvest millions of people’s profiles. And built models to exploit what we knew about them and target their inner demons.” According to Wylie himself he was the gay Canadian vegan who somehow ended up creating “Steve Bannon’s psychological warfare mindfuck tool”.

Now you know.

 

Blockchain – Breaking It Down

The hottest word in technology is blockchain. Whether you have heard of  it or not you will be affected by it, now or in the future. But what is it?  How will it change things?

What is Blockchain?

A block is a record or log of new transactions. This log can track things like the the creation of cryptocurrency, changes to medical records, product manufacturing from start to finish or banking transactions. After each block is completed it’s added to the chain, creating a chain of blocks, hence a blockchain.

Information on the blockchain is also available to everyone. A block chain is not hosted on a single computer or server. Because of this any changes or transactions are immediately visible to everyone. So, as you can see a blockchain is very hard to falsify because everybody can see the changes and immediately notice if something is wrong or fraudulent. Blockchains are simply a public ledger that makes everything  traceable.

Blockchain was invented in 2008 to support transactions using digital currency. If you buy something using a cryptocurrency, send some to a another person or sell it, your transaction is publicly visible on the blockchain. Other people may not know who you are but they can see exactly how much has been transferred from one person to another.

Blockchain and cryptocurrency like Bitcoin are growing as an alternative to traditional banking. Users do not need a bank to move money from one location to another or to verify the transaction. This is sometimes referred to as frictionless transactions. This means a transaction can be completed without a paying a fee to a bank or government.

How is Blockchain being used?

Although blockchain is not yet in widespread use it is expected to change industry and commerce in a revolutionary way. It is considered a disruptive technology that can easily turn the economy and society upside down. As such, it is being carefully examined and introduced.

Blockchain and your vote.

Blockchain technology can can make electronic vote counting un-hackable. Voter fraud can be eliminated by securing the system during voter registration. Blockchain can secure voter’s identification and prevent vote tampering. Blockchain creates a permanent and public ledger of votes cast and tallied that provides for more fair, secure and democratic elections around the world.

Follow My Vote is one new start up company that is trying to apply blockchain to our voting systems.

Blockchain and your identity.

Blockchain is expected to make major difference in securing your digital identity. Right now billions of dollars are being lost due to online fraud and identity theft. Using blockchain technologies will make tracking and managing digital identities secure and efficient. The result will mean a seamless sign-on and reduced fraud. This is vitally important when it comes to banking, healthcare, national security, citizenship documentation and e-commerce. 

Currently password based systems rule the Internet. Blockchain technology is based on identity verification using  public key cryptographyUsing blockchain identity authentication the only question is if the person has the correct private key. It is understood the key holder is the owner and the exact identity of the owner is irrelevant. The only drawback to this system is, as always, the human factor. People share passwords they may begin sharing encryption keys.

Blockchain identity verification can allow you to securely apply for jobs, file for medical and other various benefits, remotely open bank accounts, verify emails and social media activity and, as mentioned earlier, secure voting.

Blockchain for business.

Blockchain has the ability to make sure corporations are playing by the rules. Records stored using blockchain suddenly become difficult, if not impossible, to alter.This factor means that contracts between people or between corporations are far less open to interpretation of manipulation. These are know as smart contracts.

Smart contracts are legally binding, programmable digitized contracts entered on the blockchain. Programmers can create legal contracts as variables and statements that can release funds using the bitcoin network.

An example would be if one company wanted to pay another company a million dollars at a specific time when the preconditions of the contract are met. The conditions, payout, and details would be programmed into a smart contract. Once all conditions are satisfied the money would be sent to the appropriate party as terms of the contract dictates. Computer control over contracts can increase business efficiency and make the legal system more equitable.

Blockchain is coming to a grocer near you.

Companies in the agriculture industry are using blockchain  to track the movement of produce through the supply chain. This means the farmer can track his bell peppers from the time they leave the field to the time you leave the grocery store with them. Blockchain creates a direct link from the farmer to the grocer ensuring they are paid fairly for their produce and allowing grocers to verify that they are getting what they’ve paid for. Blockchain use in agriculture means you know exactly where your food came from and who handled it. Keep in mind food fraud is growing problem. Is that fruit really organic? Is that fish really sea bass or is this olive oil really olive oil? Blockchain makes sure you get what you think you are getting and paying for.

This technology can also increase food safety and security. Blockchain brings transparency to the supply chain allowing retailers, farmers and consumers to identify and remove bad actors and poor processes. Blockchain can determine the source of food born illnesses quickly in the event of a illness outbreak saving time, money, and lives.

Blockchain and transportation.

Another way blockchain will affect your life is transportation. Car makers are using blockchain to make sure the parts that go into your car meet their standards and come from a legitimate source. Counterfeit parts are a big problem on the secondary parts market. These parts could possibly end up in busses, trains and even aircraft endangering millions of lives. Parts can now be tracked from the manufacturer to the user eliminating any possible counterfeiting.

Now you know.

 

 

 

 

 

 

 

 

 

 

 

 

Is Cryptocurrency for African-Americans?

Is cryptocurrency for African-Americans? Are we in on the game or are we just too cautious with our money to get in right now? Can cryptocurrencies like Bitcoin help the Black economy? Are we ready or even willing to get in the digital cash game? I said it before and I’ll say it again; Black people don’t play when it comes to money!

From Black celebrity endorsements to black people actually mining cryptocurrencies the game is starting to open up and awareness is growing. But are we truly on board?

Black celebrities are pushing cryptocurrencies and initial coin offerings or ICO.   An ICO is an unregulated way to raise money for new cryptocurrencies. ICOs are used by startups to get around the rigid rules and laws associated with  the regular capital-raising process. In other words they can raise money without any rules or laws to obey. This makes ICOs an extremely risky investment.

Risky investments do not appeal to African-Americans. “African-Americans are risk-averse,” says Deborah Owens, formerly of Fidelity Investments. Owens calls herselfAmericans Wealth Coach.”  Owens told Forbes.com that, “So, one of the major reasons they have less in retirement savings is they are ultra-conservative, particularly African-Americans who work in the public sector and nonprofit organizations.”

Ultra popular DJ Khaled, alongside boxer Floyd “Money” Mayweather are pumping up Centra Tech. Chief operating officer for Centra Tech, Raymond Trapani, told Fortune.com that Khaled and Mayweather are working as  “official brand ambassador and managing partner” of the company. But the government has issued warnings about their investment advice in digital currencies.

Mayweather, in addition to Centra Tech, he is also associated with ICOs from Stox.com and Hubii Networks. Critics say both companies are risky blockchain technologies and neither has produced a product, service or profit.

Other Black celebrities involved in cryptocurrency include rapper Snoop Dogg, Nas, former Spice Girl Mel B, actor Donald Glover, Seattle Seahawks cornerback Richard Sherman, former NFL wide receiver Chad Ochocinco, actor/comedian Jamie Foxx,  and WuTang Clan’s GhostFace Killah.

Needless to say these are fairly wealthy artists and athletes who can afford to play in the cryptocurrency casino and help ICOs raise billions of dollars. But is their involvement even legal?

The U.S. Securities and Exchange Commission (SEC) is looking real hard at these celebrity endorsements. The SEC issued a statement to “celebrities and others” who use social media networks to encourage the public to purchase stocks and other investments.

The statement advises celebrities that, “These endorsements may be unlawful if they do not disclose the nature, source, and amount of any compensation paid, directly or indirectly, by the company in exchange for the endorsement.”  Put simply these celebrities need to come clean and let people know they are partners or investors in the company they are pushing.

But are Black people buying cryptocurrencies? Edwardo Jackson of Blacks in Bitcoin believes its still early and that African-Americans need to get in the game and get in the game now. Jackson told TheAtlantic.com, “Can you imagine what it would have been like to own a piece of email technology in 1994? That’s what Bitcoin is like right now, and it’s only getting bigger.”

Along with Black celebrities Jackson could be opening the door for minorities to get into cryptocurrencies. Research in 2014 showed that black people and minorities in general were not aware of the cryptocurrency phenomenon.  But now the African-American community is becoming more aware of digital currency and the wealth it can produce. Black people interested in Bitcoin and possibly investing in digital currency are beginning to form groups to study this phenomenon. One MeetUp group in Atlanta has over 180 members and the interest appears to be growing. Sources of information for black people are also growing as evidenced by Jackson’s blogBlacks in Bitcoin.”

Can digital currency help the African-American community? An interesting fact about Black people in the digital age is our love of mobile technology. Black people have become early and enthusiastic adapters of mobile technology. We are most likely to shop and access the Internet using smartphones than white people. So the idea of using a digital currency is not out of the realm. Another interesting fact is that Black communities, low income neighborhoods, are severely under-banked.

Chief market strategist for ConvergEx Group, Nicholas Colas believes digital currency like Bitcoin can make a difference. Colas sees the currency filling the hole where banks are not in these communities. Colas cited a 2013 Senate committee letter from then-Federal Reserve chairman Ben Bernanke. Bernanke did not endorse digital currency but agreed low-cost transactions could benefit low income, under-banked communities. Providers of pre-paid cards and payday loans often thrive in low income communities.  Colas added, “That’s where the promise is for the African American community, because in a finished form, it allows for a cheaper money-transfer system than anything that the current financial system can provide.”

 

African-Americans are beginning to take notice of digital currency and are venturing in with their own brand of digital currency. A Black owned digital currency company, BitMari, has emerged. Founded in 2015, BitMari is a Pan-African blockchain company seeking to secure a piece of the action in the billions of  dollars sent to Africa each year. BitMari is facilitating the transfer or remittance of money using the Bitcoin technology into Africa.

 

 

 

 

$Guap Black Owned Digital Currency

Another Black owned digital currency is $Guap launched by tech visionary Tavonia Evans. The ICO for $Guap is aimed at recycling wealth within the Black community. $Guap is intended to leverage the one trillion dollars in Black spending power. $Guap will jump on the cryptocurrency wave by rewarding African-American consumers for supporting businesses that support them.

Now you know.

 

 

Cryptocurrency – What’s It All About?

What is cryptocurrency? Or you may call it Bitcoin. Where does it come from? How does it work? Is it real money? In case you haven’t heard we are in the midst of a monetary revolution. Many people are raving about Bitcoin. Some say it’s the money of the future. Others are saying it’s a scam or worse. So what’s it all about?

First of all lets clear up the definition. Bitcoin is cryptocurrency but not all cryptocurrency is Bitcoin. As a matter of fact there are as many as 1,000 different brands of cryptocurrencies. Bitcoin is just the most valuable.

What is Cryptocurrency?

Cryptocurrency is a digital form of currency that is different from real money. Money or currency is produced by banks and nations who create the money’s value based economic strength. This money is managed through a central banking system of that nation.

How is cryptocurrency different?

Transactions of traditional money are controlled, taxed and tracked by banks and nations.  Cryptocurrency transactions are made with no banks or governmental interference.  Some economist and investors like to say that transactions are frictionless. Cryptocurrency users are anonymous . So essentially cryptocurrency is stateless money with no banks and the users are completely unknown. That is until they change Bitcoin into real cash. 

Where did cryptocurrency come from?

Satoshi Nakamoto, the inventor, created Bitcoin in 2009. He has never been seen. No one even knows who or where he is. He may not even be a single person but a group of programmers. No one really knows. So cryptocurrency’s origin is a mystery. However, some believe that the National Security Agency has identified him. As usual the NSA has declined comment.

How is it created?

Cryptocurrency is created or “mined” using computers to solve incredibly complex math problems. Performing this work eats up a lot of electricity. So much electricity that you could never make a profit with the average computer. Cryptocurrency “miners,” as they are called, have begun building their own computers or hijacking other people’s computers to create Bitcoins. This has become known as Cryptojacking.

Mining a Bitcoin is not easy or cheap. Bitcoin’s value is about $6,000. How many Bitcoins would you have to produce to deal with a monthly $6,000 electricity bill and still make a profit? 

After a computer solves a series of problems it becomes known as a block. The blocks is then verified by other users and, once confirmed, are added to what is called the blockchain. The blockchain grows rapidly with a new block being added about every 10 minutes. A blockchain is a record of the Bitcoins created. It also records Bitcoin transactions that can never be changed. The blockchain never ends and is not hosted in single location making it immune to hackers.

How do you store or spend Bitcoins?

Bitcoin transactions move between users like email. Each transaction is digitally signed using cryptography and goes to the entire Bitcoin network for verification. These transactions are open to the public and can be found on the blockchain. All Bitcoin transaction leads back to the point where the Bitcoins were first mined.

Bitcoins are kept in a bitcoin wallet or the digital equivalent of a bank account. You can download the Bitcoin wallet from the Google Play store or iTunes. Your wallet allows you to send, receive and store Bitcoins. 

To complete a Bitcoin transaction you need two things; a public encryption key and a private encryption key.

Public keys or Bitcoin addresses, are random sequences of letters and numbers that work the same as an email address or username. Public keys are safe to share. You must give your Bitcoin address to receive Bitcoin. The private key must keep secret. This private key allows you to spend the Bitcoin.

Is Bitcoin real money?

Well, that is where Bitcoin may run into problems. First of all Bitcoin must meet the current standard of what money is. There are four basic standards for money.

ScarcityThere can be a only a limited amount available to secure its value. There can only be 21 million Bitcoins in the world. Right now there are about 9 million Bitcoins. Once it reaches 21 million no more Bitcoins can be mined.

Durability It must stand up to constant handling with no maintenance or special treatment. Bitcoin is completely digital and is never actually touched but human hands. However, Bitcoin is vulnerable. User error can cause the loss or destruction of Bitcoins. Users have lost or forgotten their private key making access to the currency impossible. Recently a a single user error caused the destruction of over $300 million worth of Bitcoin. So durability is an issue as well as security.

FungibilityIs every Bitcoin worth the same.  Let me make this simple for you. According to CoinMarketCap.com there are 1,037 different cryptocurrencies available. So not every one is worth the $6,000 I spoke about earlier. 

PortabilityCryptocurrency can be carried anywhere you carry your smartphone just like cash. So it is portable.

Breaking It Down.

Cryptocurrency is growing in acceptance but is not yet considered a viable currency. Its value is unstable and it is considered  an unacceptable risk by most financial experts and the coin of the future by others. In addition, governments are now examining the cryptocurrency phenomenon. Its anonymity makes it useful for crimes such as drug dealing, terrorism, money laundering and tax dodging. So the future right now depends on the view world governments take. A single law or crime could bring the whole thing to a halt or change the very definition of cryptocurrency.

 

National Cyber Security Awareness Month – Children and Social Media

Social media is everywhere. Facebook alone has over two billion users. And the bottom line is that social media is how people in the world share their lives. Is that what you want your children to do? Share their lives with everybody in the world? Black people have a saying about this. Its called “putting your business in the street.”

Children and social media are a dangerous mix. Every year thousands of children and teens are contacted by sexual predators, marketers and information collectors of all sorts. These people are an extreme danger not only to your children but your household as well. Children can unwittingly give away your most sensitive information. Over sharing is a common problem on social media websites. And children can fall for social engineering where they are manipulated into revealing sensitive information. This information can seem harmless like “where do you go to school?” Or, “what time does mommy go to work?” To a child these questions may seem harmless but you can see how a predator can use this information. Other information revealed by a child or teen online add to the exploding  rate of child identity theft.

How do you protect your child on social media?

Black parents are warned that your child’s use of a computer, smartphone or tablet is not harmless. Especially if this activity is happening without your knowledge of supervision. Some parents think that children means your 8 and 10 year olds. But teens are especially vulnerable on social media. Teens are more secretive, especially black teens. So parents need to work harder to implement and enforce rules for their social media use.

  1. Learn about social media – As a parent of a child or teen you need to take the time to research and learn about the different social networks children and teens are using. Plenty of parents use Facebook or Twitter. But there are many other sites your child may be using you don’t know about. These include Instagram, Snapchat, Vine, YouTube, and Tumblr.  Two other websites that are about secrecy and anonymity are called Secret and Whisper. You can find the most popular teen social media websites here. Familiarize yourself with what teens are doing online and on social media. If you have a teen in the house you need to keep up with whats happening or be surprised by it. Doing the research will give you a better understanding of how each service works. You may wish to create your own profile on these sites and apps to understand how they work and what is happening. Monitoring your children for their own safety is a tough parenting skill. Spying can cause teens to withdraw further and become more secretive. Here is some information about talking to teens about social media.
  2. Establish some firm rules for social media useFirst set an age for social media use. Young children are enticed by children’s television programs to go online to connect with characters. You should be aware that this is often a marketing play to sell toys or children’s food products or gather information. As  such they should be closely supervised. Let your child know when they can use the computer and what age they can begin using social media websites. Most social media sites require users to be at least 13 years old to create an account. The Children’s Online Privacy Protection Act (COPPA) prevents companies from collecting personal information about children under the age of 13 without their parents’ permission. Set times and time limits for your child’s social media use. Parents should go online with their young children and teach them social media safety early. Remember, the same rules apply online as on the sidewalk. Don’t talk to strangers.
  3. Keep the computer in a pubic area of your homeAs I said before, teens are notoriously secretive. Your teenager may be re-treating to the privacy of their bedroom to go online. Its not uncommon but it is also something to worry about. For younger children its a good idea to have the computer in a location where you can monitor your child’s activity. As for your teenager, this is where parenting gets tricky. Make sure your teenager understands the dangers of being on social media. Ask questions about what they are doing and who they are in contact with. Spying is not always the best idea but education can certainly give you some peace of mind. “Check out Teens Guide to Social Media.” Here a re few things you can do to protect your teen.
    1. A key question to ask is if they are in touch with someone they have not met personally, in person? This could be a danger sign.
    2. Make sure your teen understands that sexual predators are online. Make sure they know not to share personal information or pictures with people they don’t know.
    3. Make sure your teen understands the concept of “over sharing”.
    4. Make sure they know to never “friend the friend of a friend.”
    5. Sexting is strictly forbidden.
    6. Establish trust and honesty. Never make your teen feel he or she can’t come to you with problems and ask for advice. Finally, perform regular checks of your child’s privacy settings. Make sure your child’s social media account is as secure as possible. Block advertisers, and name and profile searches. Restrict who can see your child’s pictures, personal information and how to contact them.

Now you know.

 

 

 

National Cyber Security Awareness Month – Identity Theft

Identity theft is big business. And if you have been paying attention you probably know that data theft is exploding globally, especially so in the U.S. According to the Identity Theft and Resource Center and CyberScout  data breaches have hit  791 incidents in the first half of 2017 alone. Up 29 percent from last year.

Lets talk money. Last year over 15 million Americans were victims of identity theft. For the crooks that pulled in a staggering $16 billion. According to an Identity Fraud Study by Javelin Strategy & Research, since 2011 identity thieves have stolen $107 billion from U.S. consumers.

African-American consumers are as vulnerable as any other Americans to identity theft. But here is the problem. Many data breaches are not reported for days and even months sometimes. Is that against the law? Not exactly. Sometimes law enforcement will ask the company not to publicly disclose the breach as part of the investigation. So, as I always say, your cyber security is your responsibility.

How do you know if your identity has been stolen?

The answer to that question is, it’s hard to tell without constant vigilance. The bottom line is that you have to be on the lookout for not only the obvious signs but subtle clues as well. Again, you are responsible for your cyber security and your money. Don’t expect banks or credit card companies to do all the work. Yeah, they have algorithms that can spot unusual transactions but they are not perfect by any means. Here are some clues you need to be alert for.

  1. Monitor your mail. Are your bills and other mail failing to arrive as usual? This maybe an indication that your identity has been compromised and the thief has changed your mailing address. Cyber crooks are smarter than you think. You maybe getting some mail but the crook has re-directed items like your bank statement or credit card bills.  If bills are late follow up with creditors as soon as possible.
  2. You’re turned down for credit. If you apply for credit and denied or you try to increase your credit limit and are rejected without good reason you need to be suspicious.  Especially if you have excellent credit. Being denied credit or being offered credit with a high-interest rate is a sign your identity may have been compromised. Take the time to contact the creditor to discuss what the problem is.
  3. Mysterious bills for items you didn’t purchase. This is a good sign that your identity has been compromised. Especially bills that come from collection agencies.  You should contact the creditor immediately and inform them that you have been a victim of identity theft and it is not your debt. Report the situation to the police and your legitimate creditors and all three credit agencies as soon as possible. Also place a freeze on your credit to protect yourself from further damage. Some creditors will persist with collection efforts and even place negative information on your credit report. Write letters and keep good records. You need to establish communication and a paper trail to protect yourself.
  4. Monitor accounts for fraudulent transactions. Regularly check all your credit accounts for fraud. This includes brokerage accounts. Immediately challenge any charges or changes you cannot identify as yours.  Look for test charges. Thieves will charge a dollar or two on a credit card or debit card to see it if it will go through. Don’t ignore these if you find them. File a police report and demand that the fraudulent activity be stopped and the institution reimburse you for any losses.  As a victim of identity theft you have rights. Check IdentityTheft.gov to learn more.
  5. Your taxes. You need to be especially alert in this area.  Millions of African-Americans file their tax returns electronically every year. If your tax return is rejected act immediately! Your return was probably rejected because the thief has filed a tax return in your name and stolen your refund.   Also, be alert for a tax refund you were not expecting or do not qualify for. This is another red flag. Has a tax transcript arrived in the mail you did not request? It’s possible that a cyber criminal was attempting to download your tax information and failed a security test. The IRS then mailed the transcript to you believing you requested it. Anytime your taxes are concerned you need to be alarmed.
  6. Someone files for unemployment using your name and Social Security Number. If a hacker gets a hold of your Social Security number and the name of your current employer they may attempt to collect unemployment benefits in your name. You may get a call from your company HR depart that something is amiss. Social media, Facebook, is a good place for thief to look to see if you recently changed jobs or quit. Using this information they file for unemployment benefits. You are clueless until you get a nasty letter from your former employer or the unemployment agency.
  7. Your credit score goes up. Strangely this could be a clue that something is happening with your identity. Check your credit reports frequently for new accounts you didn’t open or credit inquiries which could reveal that cyber thieves are trying to get credit in your name.
  8. Direct mail and phone solicitations. Are you suddenly getting catalogs and offers from companies you never do business with. Or phone calls from marketers? You could have ended up on that mailing or phone list because someone is shopping with your credit card at expensive stores.You may get calls from car dealers, calls for loans and home improvement, or high end retail catalogs. You may be the victim of a high priced shopping spree on one or more of your credit accounts.

Now you know.

National Cyber Security Awareness Month – Beware of Skimmers!

Lets face it; technology is everywhere in our daily lives. So much so that we have gotten to the point where we use it without a thought. Hackers and thieves depend on a certain level of laziness to victimize people using card skimmers.

Everyday millions of Africans-Americans pull out their debit or credit card and swipe it. We swipe it for gas, food, clothes, medicine, every conceivable purchase. But are we aware of how vulnerable your money, and even your financial life, is when you swipe your card?

One of the most prolific, and easiest,  cyber crimes is the use of skimmers. A skimmer is a small device that is almost invisible to the naked eye. It is placed inside credit card readers. When you swipe your card through the reader the device records the information on your credit/debit card and transmits it to criminals. These skimmers can be found anywhere you use a credit card. The gas station, a convenience store or even an ATM. As I said already, spotting these little devices is very difficult. Sometimes the thieves will mount a skimmer over a card scanner. Sometimes they can gain access to the machine and mount the device inside. These cyber criminals are so good that they can even build skimmers with key pads that record your PIN and you would never know you were using it.

Newer credit and debit cards have what’s known as the EMV or chip and PIN cards. These are much more secure because they transmit transaction data encrypted. But those are not 100% secure either.

After they get your information they may decide to empty your bank account or max out your credit card on a  shopping spree. Its calledcard not present fraud.”

So how do you detect a card skimmer?

If you investigate the device you can sometimes spot a skimmer. Here are a few tips.

  1. Look for tampering. Check the device for any sign that it has been tampered with. Check top, bottom and both sides of an ATM. Check the card reader and the keyboard.
  2. Does it look right? Do you recognize it? If it is your bank ATM does it look different, such as a different color or material, graphics that aren’t quite correct or anything else that doesn’t look right. Be alert and paranoid about any machine. 
  3. If you’re at the bank and there is more than one ATM compare them. Look for obvious differences between the two? They should be identical.  If not alert the bank and police immediately.
  4. Check that  keyboard. Is it too thick? Is it loose or just does not look like it fits right? There may be a PIN-snatching overlay. Don’t use it.

    Fake ATM keypad

    5. Push, pull, jiggle everything. ATM’s are pretty sturdy so it should feel solid. Card skimmers and fake key pads are installed quickly and if you pull on one it may come off in your hand.

6. Another good practice is to hide your hand when entering your PIN. Some hackers use tiny cameras mounted above the ATM to record your PIN. Use one hand to cover the other when entering your PIN.

A card skimmer can be anywhere. You need to be alert and look for any signs that something is wrong. Be aware of gas pumps that might have been tampered with. This is a favorite hacker target. Why? Because they have a high volume of traffic and are not closely monitored. A good crook can install a card skimmer in seconds and come back for it in a few minutes having collected data from several cards. He may do this at several gas stations in a single day.

But the criminal may not come back for the skimmer at all. In the past skimmers had memory chips that required criminals to come back and retrieve the device. No more. The newest skimmers can transmit the information via Bluetooth or text message to the criminals computer. They can install the skimmer and record for hours. And you don’t have to build these devices. You can easily buy these devices on the web where they are sold openly.

But you can fight back. Your smartphone can detect these Bluetooth skimmers. When you arrive at a gas pump or any location using a self-serve card machine whip out your smartphone and  go to settings. Turn on the Bluetooth and have it search for sources. If a you see a string of suspicious numbers come up do not swipe your card in that pump or ATM. Report it to the police and store management immediately.

There are also apps that can detect skimmers. Skimmer Scanner is currently available for Android phones and it can detect the presence of a skimmer on a card swipe machine. The Skimmer Scanner app checks for nearby Bluetooth transmissions and alerts you when one is detected.

Now you know.