What l learned after a Windows scammer went after me, a German headache for Facebook and to important updates now available.
Welcome to Cyber Security Today. It’s Monday February 11th. To hear the podcast, click on the arrow below:
I got a phone call the other day from a con man who said he was from Microsoft Technical Support. I’m talking about it so you’ll know how these people work.
He said they’d discovered that my computer wasn’t updating some of the drivers. So I played along. He asked me to type a few things so Windows showed the details of my system. Then he wanted me to read out what the screen showed. I wasn’t going to do that. Presumably he wanted to know things like what version of Windows I have, then would ask me to download something, or ask for my email address so he could send me a file to be downloaded that would “fix” the problem, or let him take control of my computer so he could fix the problem. Of course the file would have malware. At one point I said I needed some proof this was legit. I have your ID number from your computer, he said. When you bought your computer the licence number is registered, he said. And because we’re certified partners, we also have this number. I thought that was odd — he said he was from Microsoft, not a partner. Then he said this problem cannot be fixed by your local technician — which was really odd. I told him I needed some verification. So he gave me the number 888-DCA60. Well, that’s a number that’s part of everyone’s Windows that can be found on a list in your computer. It’s not a unique licence number.
So listen: Microsoft won’t ever phone you. Your anti-virus company won’t phone you. The income tax department won’t phone you. If you get a call like this, hang up. Don’t give out personal information to anyone who phones you. If you get a call like this and you have call display, report the incident and the phone number to the Canadian Anti-Fraud Centre. In the U.S. go to www.usa.gov and search for “report scams.” Microsoft also has resources here.
Want to restrict how much Facebook knows about you? You should live in Germany. That country’s competition authority has sharply curtailed how Facebook can profile people by ruling users can refuse to allow the company to combine their Facebook information with data about their activities on other sites.
According to the New York Times, the competition agency said Facebook had exploited its dominant position in the German market by coercing people into giving up their personal data. Users have to make an all-or-nothing choice, between submitting to unlimited data collection by the company or not using Facebook at all. As a result Facebook collects data about its users’ activities on millions of non-Facebook sites, which it uses to offer advertisers the ability to better target online ads. Which is why Facebook has a lot of money. The regulators say Facebook now has to give German users a choice of not letting Facebook combine their data with information from other sources. Facebook says it will appeal.
Finally, two security updates to note: Companies using collaboration software from a company called Lifesize should look for security updates on Lifesize Team, Room, Passport and Networker. Security vendor Trustwave found the bugs, but because the products are either old or about to be abandoned wasn’t willing to issue patches. Lifesize changed its mind.
And those of you with Apple iPhones and iPads should make sure the latest version of the iOS operating system is installed. A security update fixes a major potential spying bug with FaceTime that a 14 year old American found.
That’s it for Cyber Security Today. Subscribe on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker. Thanks for listening.
Sponsor: Micro Focus
How GDPR can be a strategic driver for your business