Technology - working for us, working against us

May 29 2020
Simone Caron, IFPC

As we reach the tail-end of the isolation period, governments are looking to implement social distancing measures in public and the workplace As well as implementing contact tracing methods as isolation restrictions are faded out. Of course, a lot of us will still be working from home if we are able to and this period of isolation will have a lasting effect on many businesses and the economy as a whole. Many people find themselves without a job or living on a reduced salary, making people reluctant to spend money on luxuries - making scams offering free products or subscriptions all the more tempting.

Scammers are using whatsapp to lure people into revealing their personal data in exchange for false promises of free Heineken. Heineken has announced that they are not currently running any promotions and has urged consumers to ignore these messages and avoid clicking on any suspicious links. Heiniken has commented saying that in some cases, personal names of Heineken officers and the company’s logo are “copied and used for these purposes to give the impression that it is genuine. We have become aware that the HEINEKEN Company, the Heineken brand name and logo, as well as personal names of HEINEKEN officers, are being fraudulently used for activities in which HEINEKEN is not involved whatsoever.”

Whilst remote employees are hard at work, there have been concerns over cyber security issues as employees access their employers network from home. It seems rather that Google was saved by it’s employees working remotely as a gang of chinese hackers compromised Google and stole intellectual property, prompting them to develop a security-posture, treating all employees as remote workers which may cause the end of VPN’s as we know it. If Google got hacked - how protected are you? Google has shifted to a “zero trust access” approach called BeyondCorp that began in 2011 for internal use only. The system works using "phishing-resistant authentication like security keys" and works off the assumption that nobody can be trusted, no matter where they are connecting from, and those users are then allocated permissions to access only what they can be trusted with.

Apple has confirmed that there is a security risk in the iOS system involving the mail app. Zecopp’s report revealed the vulnerability despite Apple originally denying it, and stuck by their data, push back against the tech company and even found that attacks are easier to perform on iOS 13 than previous generations of iOS. For example, ZecOps explains that with iOS 12, an attacker requires the iPhone user details to open a malicious email. But with iOS 13, it can be triggered simply from the Mail app being opened in the background. Zecops reported that this security flaw has been used to breach device security on at least six separate occasions, as far back as January 2018.

Nintendo has also found itself under the spotlight as it announced 160 000 Nintendo accounts have been hacked of Nintendo Switch, Nintendo 3DS or Wii users. The breach occurred when users connected their old Nintendo 3DS and Wii U "Nintendo Network ID" (NNID) to the Nintendo Switch. Nintendo now uses a system called Nintendo Account, but the company allowed people with existing NNIDs to connect those to their new Nintendo Accounts. The company then announced that the NNID login will no longer be used on nintendo switch and sent out emails notifying users who’s accounts had been breached.

We see it as our duty to keep you informed of these scams taking advantage of the vulnerable and overwhelmed. Subscribe to our newsletter to stay informed.

Covid19, technology, pandemic, scams, fraud