Google’s New Application Tools for Maps, YouTube, and Assistant Put Privacy in the Hands of Its Users

Image Source: www.iStock.com/IngusKruklitis

Just in time for National Cybersecurity Awareness Month, Google Maps, YouTube, and Google Assistant were recently announced to have new tools related to user privacy and security. The new updates to these applications give users more control over what data Google can retrieve, and even gives the option for users to delete already collected data such as within Google Voice Assistant. 

Google Maps has now included an incognito mode to keep the application from tracking which places you search for and where you travel to, this thus giving its application users more control over privacy. Incognito mode also helps to keep users’ personalized recommendations from including any locations that would otherwise be irrelevant. Android and iOS users are expected to have this feature available to their Maps application this month.

Image Source: Google | https://www.blog.google/technology/safety-security/keeping-privacy-and-security-simple-you/

 

YouTube is receiving an update as well, with users now able to choose when the app will automatically delete accumulated history. You can choose to keep your watch history for three or 18 months, or just choose to keep the data until you delete it manually.

Google Assistant is also getting an update that allows users to delete any saved voice data. By saying phrases like “Hey Google, delete the last thing I said to you,” or “Hey Google, delete everything I said to you last week,” to your device, Google Assistant will delete its “Assistant Activity”. Deleting voice data from a while back would require you to go into account settings.

After it was revealed that actual people could listen to voice recordings for the purposes of improving voice assistants, Google, Amazon, and Apple all took action to remedy the privacy situation. Alexa, for instance, was implemented with the option for consumers to choose whether recordings will be reviewed. Two months ago, Apple also stated the suspension of its Siri grading program which similarly recorded user audio. The company commented on how they would incorporate consumer participation choice in the grading program with a future update. 

Image Source: Google | https://www.blog.google/technology/safety-security/keeping-privacy-and-security-simple-you/

 

This Google Assistant feature is expected to be released in all languages by next month. The English commands will be available this month. 

Lastly, Google had released Password Checkup within its Password Manager tool. The Checkup feature notifies its users if their passwords have been compromised from a data breach, weak and need to be strengthened, or whether a password has been reused. Google will be adding this tool to Chrome soon, but users can still take advantage of the feature at passwords.google.com.

Cybercriminals Impersonate These Well-Known Companies in Phishing Emails

Suspicious emails coming through to your mailbox? Does the email claim to be from Microsoft and need your login information to fix an unfounded issue? Cybercriminals increasingly send victims emails such as these, impersonating large-scale companies to appear legitimate, and it’s not only Microsoft impersonations. From Facebook to Amazon, to Paypal and Netflix, it’s a good idea to double check where those emails are actually coming from.

Cybersecurity company Vade Secure conducted an analysis of companies that were most impersonated and found that Microsoft was one of the most used brands in phishing schemes, with an increase of 15.5% since the previous year. Due to the popularity in Outlook mail and Office365, Microsoft is a widely popular impersonation target. With businesses and corporations relying on Office365 for keeping restricted and sensitive files, hackers look for any means necessary to get their hands on such valuable information. Access to Office365 accounts can also open more doors for targeting other users to gain access to more accounts. 

Illegitimate emails claiming to be from Microsoft ask users to log in via a link provided by the hacker and open up a spoof page that mirrors the actual website, prompting users to input their login credentials and submitting it to the cybercriminal.

Paypal comes out as the second most common company to be used in phishing schemes, as the brand is easily recognizable by many. While Paypal still remains a popular choice in targeting victims with fake emails, malicious URL targeting has been declining.

The third most popular company to be used in a phishing attack is Facebook, as Vade Secure tracked a 176% increase in fake URL use to target users’ social media accounts. The social network acts as a perfect opportunity for hackers to send phishing messages to victims’ friends. Facebook access can particularly be harmful if victims have third party applications connected, to which cybercriminals can also access. 

The report further lists other brands like Netflix, Bank of America, and Apple that are also used in these emails. Amazon is now the eighth most popular brand for phishing use by hackers, and its use has grown over 400% in just a year, this likely due to the popularity in Amazon Prime Day and the extensive number of shoppers on the site. 

Phishing attacks are continuously utilized by hackers due to the cheap and easy way it reaches a mass of users. If you receive any such suspicious emails in your inbox, mark it as spam immediately. If you are ever unsure about your account, log in through the company’s official site instead of clicking on malicious email links.

Hackers Gained Access to Sprint Customer Accounts via Samsung Site

Image Source: iStock.com/TennesseePhotographer

As reported on Tuesday, July 16, Sprint has confirmed that a data breach took place through  Samsung’s website, in which hackers were able to access customers’ accounts. There is no detail on how many of such accounts were breached through this occurrence.

The data breach took place on June 22nd, to which Sprint had notified consumers that information such as first and last names, billing addresses, phone numbers, account numbers and more were compromised. According to a statement provided through their website, Sprint stated how the information collected by hackers does not allot for the possibility of fraud or identity theft to occur. After the breach, Sprint had “taken appropriate action” in securing customer accounts to avoid another mishap such as this from happening again. The carrier company also noted how fraudulent activity has yet to be detected. 

On June 25th, Sprint had reset its customers’ Personal Identification Numbers (PINs) in case hackers had breached consumer accounts through PIN. Hackers could have likely gained access to account PINs via a Boost Mobile breach that occurred back in March (Boost Mobile uses Sprint’s network). 

Sprint’s spokesperson emailed CNET stating that “credit card and social security numbers are encrypted and were not compromised” when the data breach happened. Another spokesperson from Samsung had stated that fraudulent activity was detected through hackers using Sprint account information on Samsung’s main website. The spokesperson continues: “We deployed measures to prevent further attempts of this kind on Samsung.com and no Samsung user account information was accessed as part of these attempts.”

Cybercriminals Are Using Domain Fraud to Trick Victims into Using Forged Websites

Cybercriminals are using top level domains (TLD) to their advantage, performing domain fraud in the hopes of directing user traffic towards their own registered sites. Domain fraud happens when hackers register a domain that is made to look legitimate by using, for example, typos in the site name. The domains are meant to imitate real company names.  

In the instance of typo use, these lookalike domains replace letters that are easy to go unnoticed without a second glance. For example, cybercriminals can replace “m” with  “r” and “n” combined and easily trick site visitors into thinking the domain is legitimate. These illegitimate sites with typo-registered domains can be used for phishing schemes in which a hacker may attach their domain link to an email made to look like it came from a real company source. After clicking on the link, victims would be directed to a fake site that asks for users to log in, thereby allowing hackers to steal sensitive credentials. Cybercriminals also use their fake sites for other means like selling counterfeit products of a well-recognized brand. 

Researchers at Proofpoint noted how there has been an 11% increase in malicious domain registrations in 2018, with retail brand sites the main target for such domain fraud. 96% of organizations as part of Proofpoint’s customer base had noticed that their domains were copied as is, with the only exception being the domain name extension change (i.e. .net, .co, .info). 

Due to the extensive variety in domain name extensions, cybercriminals have found it much easier to register domains that copy actual business sites or brand names. Alongside this, the European Union’s General Data Protection Regulation allows privacy for domain registrars thereby making it much more difficult to track cybercriminals. 

Cybersecurity experts warn users to always check the URL for a safety certificate – in which HTTPS is used rather than HTTP – to ensure a fraudulent site isn’t used. However, hackers can always use safety certificates to their advantage, posing their site as one that is legitimate. In this case, it’s always best to double-check the URL spelling or do a quick search on Google to find the actual company site. 

Instagram is Testing New Feature That Can Help Users Combat Hackers Stealing Accounts

Image Source: iStock.com/bigtunaonline

Instagram is working on putting user account security at a high priority by making it more difficult for hackers to steal accounts to hold them hostage for ransom or sell for high profit.  

Hackers are after big influencer accounts in a scheme reported by Motherboard which involves cybercriminals targeting big name Instagrammers. The attack works through an email link that – once clicked – directs users towards a fake Instagram login page. Once a hacker steals the login credentials and has access to the account, victims are unable to sign-back in or regain access to their own profiles, as hackers change both the recovery email address and phone numbers associated with the account.

Instagram had previously acknowledged the problem of users having difficulty in accessing their accounts, to which the company had advised in setting up two-factor authentication as well as implementation of stronger passwords, but adding these extra steps of security doesn’t exactly help when a cybercriminal has already accessed an account. Phishing links have been used as a primary means of tricking influencers into signing into bogus login pages made to look authentic. Furthermore, if an influencer has used the same account credentials that were previously involved in a data breach elsewhere, cybercriminals can use this information to their advantage to gain access to an account

After users have long complained about Instagram’s lack of responsibility and initiative in taking care of the hacker issue, the company recently announced new ways of combating this ransom tactic.

If a user can’t log in to his/her page, Instagram gives one the option of sending a six-digit authentication code to the account’s original phone number or email address that was used when the account was first created. Any other devices used by hackers that are logged in will be logged out, allowing a user to recover their page by resetting their email and password. This feature is currently under testing. 

Image Source: Instagram

 

Instagram has also promised to bring another feature – one already available for Android users – to iOS. The feature allows a user to change their Instagram handle while also allowing one to maintain their previous handle for 14 days. This upcoming update is meant to deter any hackers from taking popular usernames to sell for profit. After the 14 day period is over, the username becomes available for anyone to use.

Father’s Day Tech Gift Guide 2019

Finding the perfect gift for Dad this Father’s Day doesn’t have to be a challenge. Our 2019 Father’s Day Tech Gift Guide can help you make the right gift choice he’ll surely appreciate! We’ve compiled a list of tech tools from headphones to smart gadgets Dad will love to use at home or on-the-go!

Check out these cool tech products below! Each product has been linked to make ordering Dad’s gift a breeze. 

Image Source: Amazon

ANKER PowerWave Wireless Charger

Price: $22.79

Does Dad need a power up for his phone? Why not get him the ANKER Wireless Charger stand? With this gift, he can recharge his phone while making sure his phone screen is in clear sight so he’s not missing a message from you.

Image Source: Amazon

DJI Spark Portable Mini Drone

Price: $335.00

Who wouldn’t want to fly a drone? This cool DJI Spark Portable mini drone will allow Dad to take aerial photos and videos and get creative using the products app!

Image Source: Amazon

Sony Alpha a6000 Mirrorless Digital Camera

Price: $498.00

Want to help Dad capture memorable moments? Get him the Sony Alpha Mirrorless Digital Camera to take photos in high resolution and full HD quality.

Image Source: Amazon

Sony Noise Cancelling Headphones WH1000XM3

Price: $298.00

Set aside the Beats and get Dad these Sony Noise Cancelling Headphones to make sure he doesn’t miss one one beat of his favorite music. These headphones are said to have a “virtually soundproof experience”.

Image Source: Amazon

Sennheiser Momentum True Wireless Bluetooth Earbuds

Price: $299.94

Want to get Dad something smaller but just as powerful for listening quality? Check out these Sennheiser Wireless earbuds that promise exceptional clarity in music sound.

Image Source: Amazon

VANKYO Leisure 3 Mini Projector

Price: $89.99

If Dad loves to watch is movies, this Vankyo Mini Projector is the right gift for him. This Father’s Day relax with Dad outdoors or indoors by easily connecting your device to this projector to play all his favorite films.

Image Source: Amazon

Fitbit Ionic Watch

Price: $199.95

If Dad loves to get fit and keep track of it, get him the Fitbit Ionic Watch! The Fitbit Ionic can track your heart rate, activity, and sleep patterns.

Image Source: Amazon

Pocketalk Language Translator Device

Price: $299.00

Does Dad do a lot of travelling? The Pocketalk can help him break down the language barrier. This onscreen device can translate up to 74 languages and offers real-time translation.

Image Source: Amazon

Logitech Keys-to-Go Ultra-Portable, Stand-Alone Keyboard

Price: $45.99

This keyboard is perfect if Dad needs to do a quick type-up with any of his iOS devices. This Bluetooth keyboard is both dirt resistant and portable.

Image Source: Amazon

Echo Show 5 – Compact Smart Display with Alexa

Price: $89.99

If Dad needs a screen assistant, why not get him the Echo Show 5? This device comes with smart home controls, can help Dad stay updated on the latest weather, news, and game reports, and video call you when he can.

Image Source: Amazon

Eufy Smart Scale

Price: $44.99

This scale does more than just measure weight – it can give Dad a full insight on his BMI, Muscle Mass, Bone Mass, and more! He can even keep track of things using Apple Health, Google Fit, or his Fitbit.

Image Source: Amazon

Apple iPad Pro (11-inch, 64GB)

Price: $749

Help Dad get creative with the latest iPad Pro from Apple. With complete Liquid Retina display and a device that allows for multitasking, Dad can get all his work done and still have time to catch the game with you.

iOS 13 Features iPhone Users Can Look Forward To

Image Source: Apple.com

This year’s WWDC Conference showcased Apple’s newest features for the upcoming iOS 13 update set for release this Fall. A bunch of new tools are on the way, including a dark mode, swipe-able keyboard for easy texting, photos application redesign and plenty more.

Here are some updates all iPhone users can look forward to with the new iOS 13 software:

DARK MODE

One exciting feature – dark mode for iPhone – will allow users to switch to a visually appealing dark aesthetic that’ll be great for using your phone during nighttime. Dark mode appears to be implemented across the entire iOS system as demonstrated in apps such as music, photos, maps, and calendar.

Image Source: Apple.com

SWIPE-TO-TEXT KEYBOARD

iPhone users are well aware that swiping for text writing was essentially nonexistent…until now. Apple unveiled the swipe-able keyboard, calling it “QuickPath Typing”, which is said to work just as well as regular keyboard tapping. The QuickPath typing feature also comes with spelling suggestions as well.

Image Source: Apple.com

PHOTOS AND CAMERA APPLICATIONS

Apple’s iOS update also brings new features of photo editing to its photos application, allowing iPhone users to change light intensity in portrait lighting, for example. Other editing features include vignette, vibrance, and noise reduction. Users can also change video orientation if a video was shot incorrectly.

Photos will also organize your images in a more easy-to-find design: by sorting photos by year, month, and date. As you scroll through your photos, live photo captures and videos also play.

FIND MY

Apple has combined two of its applications – Find My Friends and Find My Phone – into its new application named Find My. If a user loses his/her offline device, a secure Bluetooth beacon may be used to locate a missing or stolen phone.

SIGN IN WITH APPLE

Apple is adding a privacy feature – Sign-in with Apple – for apps that ask you to log in using an account. The purpose of this feature is to block any third party applications from accessing or tracking user data. Authentication of user credentials during app logins will be done through Face ID check through using Sign-in with Apple. Users also have the option of hiding their email address and instead using Apple’s randomly generated email that will forward information to your actual email address, thereby limiting any application’s access to your real email.

Apple also added a feature to block location tracking via WiFi and Bluetooth.

SIRI VOICE UPDATE

The newest iOS promises a more natural sounding Siri voice assistant, as Apple has used AI to smooth out Siri’s voice responses with less speech gaps.

To view more iOS 13 features, check out Apple’s iOS 13 preview page here.

Boost Mobile Customer Accounts Breached by Hackers

Sprint’s mobile network Boost Mobile recently admitted to hackers having breached their customers’ accounts through their main website. The data breach originally occurred back in March and was only recently announced.

A website notification was posted to which the company stated that their site “experienced unauthorized online account activity [and that] an unauthorized person accessed [user] account[s] through [their] Boost phone number and Boost.com PIN code.” The company’s fraud team noted how the incident was quickly taken care of through “a permanent solution [that was used] to prevent similar unauthorized account activity.”

According to TechCrunch’s communication with a Sprint spokesperson, Boost Mobile had encrypted any social security or credit card information, leaving such sensitive data uncompromised in the data breach.

Due to the breach affecting a large consumer base of over 500 people, the company had to notify the California attorney general through written notice.

Through access to Boost Mobile’s user account names and PINs, hackers can utilize a type of cyberattack known as credential stuffing to automate and send login requests on the Boost Mobile site to access consumer accounts. The company has already sent a text with a new temporary PIN to those affected by the breach. Users can log into their accounts with the link provided in the text message in order to set a new PIN code. Boost Mobile recommends users reset their PINs if they have not done so already.

In the meantime, the company has also recommended that customers regularly check their Boost Mobile accounts for any fraudulent activity and to report any identity theft or fraud to consumer credit reporting companies.

FBI Takes Down Dark Web Site Deep Dot Web

Image Source: TechCrunch

The FBI has recently seized a dark web site and marketplace, Deep Dot Web, and has arrested several suspects thought to have connections to the site’s marketplace. The agency posted their notice on the website, revealing their warrant for the domain seizure.

Authorities arrested two individuals in Israel as well as others in France, Germany, and the Netherlands. The administrator of the site was taken into custody in Brazil. Those arrested in Israel were accused of helping facilitate weapon purchases and drug distributions via Deepdotweb dark site referrals as reported by The Times of Israel.

Admins of the website made millions from referring other users to purchasing illegal items on other sites.

This website take down comes after the Wall Street Market – another large scale dark web marketplace – was shut down by authorities in the U.S. and Germany. The marketplace was said to harbor illegal drugs and weapons as well as stolen user credentials.

Augmented Reality Tech is Coming to Google Search

Google’s I/O developer conference had some interesting technological reveals this week, one of them including Augmented Reality technology that will be brought to Google Search.

During the conference, Google demonstrated different examples of how the new search function would operate. For instance, if a user were to search “great white shark”, an option to use your camera for a 3D model will be available for a more immersive experience. 3D objects can be viewed in your own space to give a sense of what the object would look like in detail.

Image Source: TechCrunch via Google; Image showing AR of human muscular system

Google CEO Sundar Pichai explained that the company’s “goal is to build a more helpful Google for everyone,” and to help “[get] things done.”

Brands may also be able to take advantage of the AR search experience by providing a digital view of products for consumers. The AR search result could help unsure consumers in making a decision to purchase a particular product when previewing it in better detail.

There is no word on how many 3D models will be available to users or whether other publishers can contribute to the AR search with their own models.

The new AR features are expected to roll out by the end of this month according to a twitter post by Google.