Suite online bookings aren’t so sweet, a WiFi warning and a Canadian university works to defeat facial recognition software.
We’re bringing you the latest cyber security news Welcome to Cyber Security Today. It’s Wednesday June 6th. To hear the podcast, click on the link below:
The British newspaper The Sun is warning customers of the hotel and apartment reservation site Booking.com that scammers are targeting them with phishing messages aimed at stealing sensitive financial information. Users were sent WhatsApp and text messages claiming there had been a security breach, so they had to change their password. The message includes a link to click on. But the link is phony: It gives hackers access to bookings. Then they then send follow-up messages demanding full payment for holidays in advance with bogus bank details provided.
These appeared genuine as they included personal data including names, addresses, phone numbers, dates and prices of bookings, and reference numbers.
Booking.com insists its systems were not compromised, but said hotels it works with on a separate portal were. Customers will be compensated. The lesson to listeners is be careful of any messages asking you to click on a link to change your password. No legitimate organization sends you a link like that.
UPDATE: A media relations spokesperson for Booking.com said Wednesday The Sun article, is inaccurate. Properties, not customers, were phished. Customers weren’t asked to change passwords. They were sent messages asking for payment after properties had been phished. As this story notes, customers were were victimized will be compensated.
Are you going to soccer’s World Cup in Russia next week? If so, stay off the public WiFi. Kaspersky Lab analyzed 32,000 hotspots in the 11 cities hosting matches and found 22. per cent of them are unsafe. This means that criminals simply need to be located near an access point to grab the traffic and user data. The top-three cities with the highest proportion of unsecured connections are Saint Petersburg, Kaliningrad and Rostov. The security company’s advice for securely using public WiFi there is the same for anywhere in the world: Whenever possible, connect via a Virtual Private Network (VPN); do not trust networks that are not password-protected, or have easy-to-guess or easy-to-find passwords; turn off your Wi-Fi connection whenever you are not using it; and if you still want to use the Internet, try to limit yourself to basic user actions such as searching for information. Don’t log into a bank, social media or email. Your credentials could be compromised. Remember, it may eat into your data cap, but your safest wireless connection is through your cellular carrier.
Finally, advertisers and marketers hope to use facial recognition to hone the services they deliver to people. It makes sense considering the huge numbers of photos and videos uploaded to social media. You may find this creepy. If so, work done to defeat facial recognition by engineering researchers at the University of Toronto may be of interest. They created an algorithm that works like a filter that can be applied to photos you upload to protect privacy. It alters very specific pixels in an image, making changes that are almost imperceptible to the human eye. The image hardly changes but the facial recognition software is defeated. The solution is also said to disrupt image-based search, feature identification, emotion and ethnicity estimation, and all other face-based attributes that could be extracted automatically.
If it can be perfected, the team hopes to make the privacy filter publicly available, either via an app or a website.
That’s it for Cyber Security Today. Subscribe on Apple Podcasts, Google Play, or add us to your Alexa Flash Briefing. Thanks for listening. I’m Howard Solomon.