Tagged: 2FA Toggle Comment Threads | Keyboard Shortcuts

  • Geebo 8:00 am on July 26, 2021 Permalink | Reply
    Tags: 2FA, , , , ,   

    Bank scam targets gig economy workers 

    Bank scam targets gig economy workers

    By Greg Collier

    For better or worse, millions of people have turned to work in the gig economy either as their primary income or as a secondary source of revenue. The gig economy is where people work for non-traditional companies as independent contractors. For example, if you drive for Uber or Lyft, or deliver for Grubhub or DoorDash, you’re part of the gig economy. Working as an independent contractor for any one of these types of companies already comes with its own pitfalls. Many say that the companies are already taking advantage of their workers by removing protections that many traditional jobs have. If that wasn’t bad enough, scammers are now targeting gig workers’ bank accounts.

    A DoorDash driver from North Carolina was recently a victim of this scam, where he ended up losing $1,000. While making his rounds, he received a phone call from someone claiming to be from DoorDash. They told him to pull over somewhere safe and then said that the driver’s DoorDash account had been compromised. The scammers were even able to give him details from his own account. The scammers then instructed the man that they were going to send him an authorization code to save his account. All he had to do was tell them the code, which the driver did. When he went to get his payment from his DoorDash account, he discovered that the scammers had directed his payment away from his bank account and into theirs.

    Authorization codes are usually sent to customers of whatever service if they need to make a change to their account. This is part of what’s known as two-factor authentication. If someone is claiming to be a representative of that company, they won’t need an authorization code to make changes or protect your account, as they already have your information. This affects everyone too, not just gig workers, as many of the services we rely on every day require authorization codes to access them.

     
  • Geebo 8:00 am on October 21, 2020 Permalink | Reply
    Tags: 2FA, , , , , ,   

    A Cash App scam that could happen on the street 

    A Cash App scam that could happen on the street

    Most scams that happen on payment apps like Cash App happen online. However, we just came across one that happens on the street.

    The report we found about this scam comes out of Nashville, Tennessee but could happen in any city. In Nashville, the city is known for its music scene so there are a number of street musicians looking to get their name out there. There are also a number of scammers looking to take advantage of those interested in the music scene.

    The scammers will pose as a street musician and will approach a victim. The scammer will ask for the victim’s phone so they can pull up their music video on YouTube. Instead, the scammer accesses one of the victim’s payment apps like Cash App, Venmo, or PayPal and sends the victim’s money to themselves before fleeing the scene.

    While this particular approach may be exclusive to Nashville or any other city with a vibrant music scene, this scam could happen anywhere. You could be approached by someone asking to use your phone for an emergency where instead of calling someone they could be draining one of your payment app accounts.

    There are several ways to protect yourself against a scam like this. First off, it’s generally a good idea to never hand your phone over to someone you don’t know. Secondly, most of the leading payment apps have security features that prevent other people from accessing your account on your phone. Known as two-factor authentication, you can have a PIN set up to open the payment app or you could use your phone’s fingerprint reader to access your account. When these features are enabled, it goes a long way in preventing others from accessing your accounts on your phone.

     
  • Geebo 8:04 am on October 21, 2019 Permalink | Reply
    Tags: 2FA, , , , , ,   

    Smart home camera hacked in baby’s room 

    Smart home camera hacked in baby's room

    A California CEO has written a column for The Mercury News where he relays the tale about how his smart home camera system was hacked. It is quite a rather harrowing tale as the digital vandals used the speaker on the camera in the baby’s room to harass the family’s nanny. The anonymous voice on the other end of the camera was using profanity and even threatened to come take the baby at one point. It wasn’t until all the cameras were disconnected did the harassment stop. The father later found out that this is a fairly common occurrence with internet-connected cameras, specifically the brand that he was using.

    The father then tried contacting the technical support arm of the corporation that manufactures the cameras and was on hold for over an hour. He also received emails that continued to push the idea of two-factor authentication to keep out would-be pranksters. The father was not satisfied with this response and has vowed not to use this brand of camera ever again. His outrage can be understood especially for parents with young children because you can never truly know who is watching your home while you’re unaware. A more sophisticated criminal could use such information gleaned from home cameras to tell when a home may be vulnerable to being robbed.

    While the camera maker’s customer service may sound a little tone-deaf as far as the father’s mistrust is concerned, their advice about two-factor authentication is not wrong. 2FA, as it’s known, can go a long way in preventing these cameras from being hijacked. Also if you use the same password across multiple services you could be compromising your security greatly by making it easy for hackers to gain access to your devices. In this case, you may want to try some of the more reliable password managers out there. As we have said before, if you don’t take your internet security more seriously, it’s like having the most expensive lock that you just leave the key in.

     
  • Geebo 8:00 am on October 9, 2019 Permalink | Reply
    Tags: 2FA, , , , , ,   

    Twitter leaks phone numbers to advertisers 

    Twitter leaks phone numbers to advertisers

    We’ve mentioned two-factor authentication, or 2FA as it’s known, a few times lately. It’s the security protocol that has two or more layers of authentication that better secures your online accounts. The most common form of 2FA is through text messaging. For example, if you have 2FA enabled, when you sign in to an online account not only would you have to provide your password but you’d also have to provide a code that had been texted to you. While authentication sent through SMS texts isn’t the most secure form of 2FA it is better than nothing. However, thanks to so many platforms using SMS texting for 2FA it has led one platform to issue an apology recently.

    Twitter recently announced phone numbers that users had registered with them for two-factor authentication were used for targeted advertising. The numbers were used to match users to marketing lists provided by advertisers. In some people’s eyes, that goes against everything that 2FA is supposed to stand for. One security expert even compared Twitter’s practice to that of trying to secure a tent against bears by using raw meat.

    Like we said, While SMS text messages are the most common form of 2FA, they’re not the most secure. There are alternatives that you can use that are more secure. There are hardware keys that act as authenticators that can be used on both computers and mobile devices. There are also software alternatives that are free, that create something along the lines of a temporary secondary password that can be used for the second layer of authentication. This way, you won’t have to worry about even more robocalls from advertisers and other bad actors from plaguing your phone.

     
  • Geebo 8:00 am on September 26, 2019 Permalink | Reply
    Tags: 2FA, , , , , ,   

    When a smart home isn’t so smart 

    When a smart home isn't so smart

    Many people think that they are better securing their home by installing smart devices. These devices can range from anything from cameras to door locks and anything in between. These classes of smart devices are known as the internet of things or IoT for short. That means that these devices are connected to the internet so the user can control them from just about anywhere. The major drawback to IoT devices is that they can also be controlled by bad actors if the user isn’t careful.

    A couple in Milwaukee found that the hard way this week when someone was able to take control of some of their smart devices. The couple had a nest camera and thermostat installed. When one of them came home they found that the thermostat was set at 90 degrees. After that, someone started verbally harassing them through the speaker on their security camera. Even after the couple changed all their passwords the abuse continued until the devices were disconnected. The couple lays the blame at Nest, which is owned by Google, but the fault may lie elsewhere.

    It’s not hard to hack into IoT devices if the users are using the same password or weak passwords to secure their network and devices. Also, as we discussed with the recent YouTube hack, two-factor authentication (2FA) should also be enabled on these devices. While 2FA has its own flaws, it’s more secure than using an easily guessed password. These devices are designed to help protect your home, but if you’re not using 2FA it’s like having the most expensive lock that you just leave the key in.

     
  • Geebo 8:00 am on September 24, 2019 Permalink | Reply
    Tags: 2FA, , , ,   

    What you can learn from the massive YouTube hack 

    What you can learn from the massive YouTube hack

    Recently, a large number of YouTube channels with substantial subscriber counts had been hijacked by hackers. This way the hackers can sell the accounts to bad actors who can then potentially claim a channel with a large built-in subscriber base. It’s not easy to cultivate a successful YouTube channel. Some creators have spent years carefully growing their audience in a highly competitive market. To possibly see it all disappear in an instant could be a devastating blow to any moderately successful channel.

    The plot against some of YouTube’s creators was a coordinated phishing attack. Authentic looking emails were sent to creators asking them to log into their accounts. Like most phishing attacks, the creators were then directed to phony login pages where the hackers could steal their login credentials. The hackers could then assign the channels to new owners, locking the creators out of their channels. What’s particularly troubling about this attack is that it allegedly bypassed what’s known as two-factor authentication. 2FA, as it’s known, is the process of requiring a user to securely log in to their accounts using a two-step process that usually involves signing in with their log-in credentials then verifying their access request by replying to a text message. it’s believed that the hackers were able to intercept the 2FA messages.

    If you’re not using 2FA, you should be. While it’s not unhackable it does go a long way in stopping someone from accessing your sensitive accounts. While SMS text messages are the most common form of 2FA, they’re not the most secure, however, there are alternatives. One way of protecting yourself is by purchasing a hardware key that works on both your computer or phone that you have to have in your possession to access your accounts. There are also software approaches to 2FA like Google Authenticator or Microsoft Authenticator, both of which are free.

    Some of these YouTube creators may have lost their life’s work. With a more secure 2FA option you may not have to worry about losing anything important that you access online.

     
c
Compose new post
j
Next post/Next comment
k
Previous post/Previous comment
r
Reply
e
Edit
o
Show/Hide comments
t
Go to top
l
Go to login
h
Show/Hide help
shift + esc
Cancel