Tag: z

Car-Hacking…

Posted on by Gail Eddy in GPS, Hackers

I read an interesting report released by Senator Markey last month.  His office was concerned that appropriate measures were not being taken to secure cars and trucks on American highways.  With most modern cars having built in WiFi, Bluetooth and other technology, they wondered what happened to the collected data, and how vulnerable the cars were to outside influence.  Turns out they were right to be concerned.

Here are their key findings:

  1. “Nearly 100% of cars on the market include wireless technologies that could pose vulnerabilities to hacking or privacy intrusions.
  2. Most automobile manufacturers were unaware of or unable to report on past hacking incidents.
  3. Security measures to prevent remote access to vehicle electronics are inconsistent and haphazard across all automobile manufacturers, and many manufacturers did not seem to understand the questions posed by Senator Markey.
  4. Only two automobile manufacturers were able to describe any capabilities to diagnose or meaningfully respond to an infiltration in real-time, and most say they rely on technologies that cannot be used for this purpose at all.
  5. Automobile manufacturers collect large amounts of data on driving history and vehicle performance.
  6. A majority of automakers offer technologies that collect and wirelessly transmit driving history data to data centers, including third-party data centers, and most do not describe effective means to secure the data.
  7. Manufacturers use personal vehicle data in various ways, often vaguely to “improve the customer experience” and usually involving third parties, and retention policies – how long they store information about drivers – vary considerably among manufacturers.
  8. Customers are often not explicitly made aware of data collection and, when they are, they often cannot opt-out without disabling valuable features, such as navigation.”

Most striking to me was this sentence:

“The diversity of responses received by Senator Markey shows that each manufacturer is handling the introduction of new technology in very different ways, and for the most part these actions are insufficient to ensure security and privacy for vehicle consumers.”

While it’s unlikely that a particular car will be targeted for hacking, the privacy issue is concerning to me. Read your manual or check with your dealer to see if there is a way to turn off data collection. It may be as simple as turning off your GPS feature, but check with your dealer to be sure.  If you have an older car without GPS, OnStar, Bluetooth, etc., you likely do not have to worry about this.

Here is the Press Release from Senator Markey’s office along with a link to the original report: http://www.markey.senate.gov/news/press-releases/markey-report-reveals-automobile-security-and-privacy-vulnerabilities

Information about Geek For Hire, Inc.

I’ve created a Free Report on what to look for to protect yourself from “phishing” scams. Click here to receive it!

Chris Eddy of Geek For Hire, Inc. has been providing computer service to families and small businesses with Mac’s and PCs for the past eighteen years. Angie’s List and the BBB rate Geek For Hire very highly.  You can find more on our website, or give us a call 303-618-0154. Geek For Hire, Inc. provides onsite service (Tier 3 support) to the Denver / Boulder / Front Range area as well as remote service throughout North America.

We’ve been using Amazon Prime for the past few years.  We like the free and fast shipping.  With Prime, we have access to online streaming too. Prime is usually $119/year, but you can get a free 30-day trial by clicking on this link: Try Amazon Prime 30-Day Free Trial. As an Amazon Associate, we earn from qualifying purchases.

 

Gone Phishing

Posted on by Gail Eddy in anti-virus, eMail, Hackers, Phishing

No matter how tightly your computer is locked down, phishing continues to be an issue. Your anti-virus and/or email program will identify some of the culprits, but, because the phishers are always evolving, they can’t identify all of them. That’s why it’s important for you to be able to identify phishing attacks yourself!

What is “Phishing”?:

Phishing is defined very well by this Wikipedia article:

“Phishing is the attempt to acquire sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money) by masquerading as a trustworthy entity in an electronic communication. Communications purporting to be from popular social web sites, auction sites, banks, online payment processors or IT administrators are commonly used to lure unsuspecting public. Phishing emails may contain links to websites that are infected with malware. Phishing is typically carried out by email spoofing or instant messaging, and it often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one.”

Phone Calls:

  • Your “bank” calls you to tell you about some unusual activity on your account and asks you to confirm your birthday.
  • “Microsoft” calls you to tell you that your machine is out of date or has a virus and asks if they can access your machine to “fix” it.

Emails:

  • Your bank sends you an email stating that someone has tried to access your online account. They’d like you to click on a link to prove that you’re you.
  • The IRS sends you an email saying you have a refund coming.
  • Yellow Pages needs to update your ad, when you’re not advertising with them.
  • You get an email from yourself. (This is common. I get a lot of emails *from myself* asking if I want to purchase a product!
  • Your insurance company asks you to click on a link for a new free service.
  • Here’s an example of a phishing email I got the other day. It’s from a person I don’t know who wants me to open a Google document. The email program I use, Thunderbird, shows me where the link included in the document will take me. Notice that it is NOT a Google website! (Google docs always start with https://docs.google.com/…and.then.the.document.file.name ) Even if you don’t use Thunderbird, you can still hover your mouse over the link and most email programs will show you the full link.20150206 example of phishing email

Listen to your spider-sense!

Even if everything looks okay, but you get a tingling sensation that it might not be, pay close attention. If you get *any* indication that the email is not from who it says it’s from, do some investigation. Is it supposedly from a friend? Call or text them and ask if they sent it? Is it from your bank? Call the number you have for your bank and ask!

Recent Phishing Scams:

IRS Warns of Phishing Tax Scams, Fake Emails

Anthem Warns Customers About “Phishing” Email Scam

Phishing Scam Spoofs BBB questionnaire; Businesses Warned Not to Click

Email Scam Alert from UC-Santa Cruz

What to Look For:

Every email & text that you receive should receive the once-over by you. Are you expecting that text / email / phone call? Are there misspellings? Are the links directed to where they say they are going? Is the grammar correct? Every unexpected phone call from an “authority” should be treated with suspicion until you’ve determined their authenticity.

Be Safe out there Folks!

Make sure your anti-virus is always up to date and be careful of what information you provide to third parties. (If you do happen to inadvertently download a malware program, run your anti-virus right away.)

Information about Geek For Hire, Inc.

I’ve created a Free Report on what to look for to protect yourself from “phishing” scams. Click here to receive it!

Chris Eddy of Geek For Hire, Inc. has been providing computer service to families and small businesses with Mac’s and PCs for the past eighteen years. Angie’s List and the BBB rate Geek For Hire very highly.  You can find more on our website, or give us a call 303-618-0154. Geek For Hire, Inc. provides onsite service (Tier 3 support) to the Denver / Boulder / Front Range area as well as remote service throughout North America.

We’ve been using Amazon Prime for the past few years.  We like the free and fast shipping.  With Prime, we have access to online streaming too. Prime is usually $119/year, but you can get a free 30-day trial by clicking on this link: Try Amazon Prime 30-Day Free Trial. As an Amazon Associate, we earn from qualifying purchases.

 

Save