Safe Online Dating

My Post

Online dating is a great way to connect with people. Throughout the history of the internet, it has gotten better and better. Most millennials meet their partner online compared to other ways of meeting new people. It’s quicker and easier than ever, where a date with a new person can be arranged within an hour’s notice through your smartphone.

How We Can Help

Despite the concerns that may be raised with some of the risk-related content in the article, online dating overall isn’t a bad thing nor is it something to fear. You can be immensely rewarded and fulfilled by it, and many happily married couples have their origins online. The only thing is, that you have to educate yourself on the environment. Dating online has a different range of risk factors than, say, meeting someone at a nightclub, but just like monitoring your drink in that example, there are steps you can take to avoid being taken advantage of.

We at Centry have been inspired to help people like you after hearing so many stories of online dating gone wrong. We believe you can find something real if you go about it mindfully. So, we are happy to announce that we have opened up an identity verification service called Date Check Online that provides three different levels of private checks to make sure that the person you are talking to is who they say they are. These checks are performed by investigative professionals who have been trained to spot red flags and have data sources available to them to search names against known sex offender registries and watchlists, so it’s a smart way to support your initial Facebook sleuthing if you have a funny feeling about someone.

The Risks

New technologies and phenomena often bring with them concerns that need to be addressed. With the ease of availability comes volume, and, as in any kind of risk management, with increased volume comes increased risk. Online dating can be immensely rewarding, but it should be conducted responsibly; individuals should be aware of their personal safety concerns and online dating risks should be managed accordingly.

Misrepresentation and Catfishing

Misrepresentation is always a risk with online dating, whether it’s something like hiding the fact that someone is married or using a photo on the profile that doesn’t accurately reflect their appearance. It’s so easy to lie behind a digital barrier that you never really know who the person is that you are talking to until you meet them, and even then there could be facts that haven’t been disclosed.

When misrepresentation is deliberate to the point of falsifying an identity, it’s called Catfishing.

It’s a term that refers to situations where someone has been involved in an online romance under the guise of a fake persona. Oftentimes these people will take images of attractive men or women from Google Image Search, come up with a fake name, and create life stories for these personas in order to take advantage of the people who fall for them.

We have all heard of the horror stories of grown  men using these fake personas to take advantage of young girls, but this concept exists across all genders and can affect anyone.

At best these circumstances result in broken hearts and feelings of betrayal when the lie is discovered, but they could also cost you your life savings. Huffington Post reported on a 69 year old woman in Florida who spent two years in a relationship with an individual that ultimately ended up abusing her trust to make money. Over the years of their relationship and phone calls and texts, she had funneled him roughly 1 million USD for the purpose of what she believed was to help him run his business.

Action Fraud reported that targets of romantic fraud lost approximately 41 million GBP in 2017. This number is likely also only the tip of the iceberg, especially considering that it can be humiliating to be taken advantage of in such a way, which can discourage victims from coming forward about their experiences.

Greater Risks for Women

The risks with online dating are greater for women, considering worst case scenarios such as physical or sexual assault, trafficking, or worse. While things like this can also happen to men, statistics for these crimes are heavily skewed toward female victims and that fact cannot be ignored.

This is all the more difficult considering that a number of dating websites perform no screening whatsoever on people who sign up for it. Which means that registered sex offenders can sign up– and approximately 10% of sex offenders use online dating sites.

Online Dating as a Business Risk

For businesses, online dating is a relevant factor that can affect several risks. It is so prevalent that the odds are that someone around you is participating in it. In your technology reliant workplace, most employees feel it is important to have their smartphones with them all the time, and the honeypot tradition has its roots in a long history of espionage. An online romance is a shortcut vector for red teams to breach your company’s security. Other concerns may elevate risk in business travel: online dating apps have been known to be used to lure victims into situations where they can be easily robbed.

While we think that implementing dating controls to your corporate policies is a bad idea, we urge individuals to think about how your personal communications may have have an effect on your professional security. Business is also a great analogy for online dating: as an entrepreneur you would have to take risks that could have negative outcomes, however, with the right planning, the positive outcomes are much much more likely and the impacts of the negative ones are minimized.

Safety, responsibility and integrity considerations aren’t hindrances – they are success enablers. As we always recommend, trust your instinct, and use resources provided to you.

Feel free to reach out to us on any of our social media platforms or on the Date Check website if you have any questions or comments!

For more content like this, please subscribe to Centry Blog. This article was written by Kristina Weber and Oskar Savolainen of Centry Global.

Common Security Dos and Don’ts

internet screen security protection

Photo by Pixabay on Pexels.com

Security vulnerabilities pose a major threat to organizations. Breaches can be costly both in terms of finances and reputation. So what are some ways that businesses can take initiative in protecting themselves against some of the most common security threats?

Do screen job applicants and third parties

Comprehensive background checks and due diligence are extremely important to getting the whole picture of an applicant or a third-party business relationship. Without going through this process, you expose your business to countless threats.

Typical background checks may verify an applicant’s residence and professional history, where a comprehensive investigation including social media can identify more subtle connections that would alter the risk recommendation. If your business does not have the resources to do this on its own, we can help you with our team of professional investigators. Don’t hesitate to reach out!

For more on this subject, be sure to read our article on The Significance of Background Checks in Business.

Do come up with a robust security policy

Your organization’s security policy should cover procedures for preventing, detecting, and acting upon misuse, as well as guidelines for conducting due diligence. These should be crafted with a plan for investigating insider breaches as well.

A good security policy also contains risk management processes. Check out our guide here on the basics of forming a risk management plan.

Don’t overlook the threat of malicious emails

Your organization might go to extremes to secure their email system, and yet it remains one of the most vulnerable links in the chain. All it takes is for one person to inadvertently click on an malicious link or attachment to infect all the computers in the office.

A good rule of thumb is to never open a link or attachment if you don’t recognize the sender, and ensure that your employees are trained in recognizing this type of scamming/phishing behaviour. For help in training your employees on this, don’t hesitate to reach out to our cyber security team.

For more content like this, subscribe to our blog for regular updates in the security industry. If you have any questions or comments, feel free to reach out to us on Twitter @CentryLTD

Centry Opens New Office in Mexico City!

el-angel-de-independencia--mexican-landmark-552812595-59863bb2519de2001116a0d0

We are pleased to announce the expansion of Centry Global to Mexico!

Our new office is now open, located on the 17th Floor Torre Magenta, Paseo de la Reforma 284, Colonia Juarez, Distrito Federal, Mexico CP 06600.

new office.PNG

As an international security company, our work takes us across the world. With the opening of this office, we are now able to better serve our clients in the region.

At Centry, our focus is to develop long-term, communicative working relationships to provide you with the best resolutions to your security challenges. While our combined expertise primarily revolves around security and risk management, you will find among our ranks professionals in corporate and private investigations, fraud control, and experts in programming, software development, and more.

We look forward to meeting and working with more clients across Mexico. Please don’t hesitate to contact us!

📧 info@centry.global 📱 +52 55 4739 2665

 

Typosquatters

Man typing

Of all the myriad of ways that we can be duped, scammed, or otherwise taken advantage of on the internet, “typosquatting” remains one of the easiest to stumble into.

Perpetrators of this scam will purchase site domain names that are very similar to popular pages that people visit, usually by changing the .com part of the web address to .cm. This preys on people who make typos, which is, suffice to say it – all of us.

These duped sites can range from being pop-up laden cesspools riddled with viruses or malware, to near-replicas designed to fool users into inputting login information that can be manipulated later.

So, who is doing this? While these types of tricks can occasionally be tied down to lone actors (given how easy it is to obtain a domain name), KrebsOnSecurity identified the marketing firm Media Breakaway LLC to be behind more than 1500 of these false .cm domains. The company is headed by one Scott Richter – a convicted felon who has been the target of several successful lawsuits for illegal spamming. Other companies related to Richter include Dynamic Dolphin and affiliate[dot]com, also related to email spam.

Just how many people are falling victim to these scams? More than 12 million in a 3 month time frame – amounting to a potential of 50 million per year, according to an analysis conducted by Matthew Chambers. Several of these visitors additionally were found to be coming from .gov and .mil sites in the USA, which are the official federal government and military domains. Many popular news sites, social media, banking, and music streaming sites have these malicious doppelgangers.

The actionable item to protect yourself in this situation ultimately boils down to a matter of double-checking the web address before you hit enter, or bookmark your most commonly visited sites.

For more information on this subject, feel free to reach out to us @CentryLTD on Twitter or any of our other social platforms.

Supply Chain Security Introductory Guide

architecture-bay-boat-326410

Having a secure logistics supply chain can save your company millions in terms of assets and reputation, and here at Centry, we have the know-how to help you. Two of the biggest certifications that we offer consultation on in our supply chain security program include the Authorized Economic Operator (AEO) authorization and compliance with security standards of the Transported Asset Protection Association (TAPA).

What is AEO?

The Authorized Economic Operator (AEO) Program is an initiative of the European Union geared toward securing logistic supply chains against trafficking and financial fraud. Being an Authorized Economic Operator is beneficial – it is an open declaration that your company has a lower risk and threat evaluation.

Basically, traders who meet the criterion of the program are entitled to enjoy benefits of trade in international supply chains. Some of these benefits include things like easier admittance to customs simplification programs, fewer physical and document-based controls, priority treatment if selected for control, and reputational advantages such as recognition as a safe and secure business partner, improved relations with customs and gov’t authorities, and reduced theft and losses.

What is TAPA?

When you become a member of TAPA, you are taking a stance for your company with an internationally recognized leader of the fight against cargo crime. TAPA is a worldwide coalition of manufacturers, shippers, carriers, insurers, service providers, law enforcement, and government agencies. It is inclusive of every type of organization or company facing the problem of cargo crime within the transportation supply chain.

TAPA security requirements have expanded to global recognition as the industry standard for cargo facility and transport security, notably:

  • FSR (Freight Security Requirements)
  • TSR (Trucking Security Requirements)

These standards exist to help TAPA members reduce losses, and to provide a platform for more uniform conformance with state of the art security. Carrier hubs and depots that are TAPA certified guarantee with minimum security standards for manufacturers, and they are suitable for inclusion in contractual agreements.

Centry was recently appointed to be the TAPA Service Center in Thailand, becoming the main TAPA service provider in the country, supplying our services also to the general region of South East Asia.

Our supply chain security team supports organizations that are interested in enhancing the resilience of their supply chains by applying for international certificates and authorizations.

Who Can Benefit from this? ​

Our program is suitable for both organizations who are just beginning the journey toward a more secure supply chain, and organizations that have an established security resilience culture, but wish to improve it with objective knowledge. In order to ensure that the efforts of the organization receive the recognition they deserve, we support our customers in complying with the requirements of AEO, C-TPAT, ISO 28000, TAPA FSR and TSR certificates and authorizations.

Where to Begin

For businesses looking to begin the journey toward securing their supply chains, we provide our full spectrum of services that are aimed at guiding the customer through the whole process of certification and security– from preliminary discussions to the maintenance phase of the security management system.

Our primary objective is to support the creation of a system that suits the existing culture and processes of the organization. This begins with determining the desired outcome for the program, followed by examining the operations to understand the business and pinpoint the critical areas. When the key areas have been identified, we provide our expert knowledge to comply with the requirements of the certificate or authorization. This includes system upgrades, creation of documents, training of staff and third parties, inspections of third parties and ensuring compliance with internal requirements.

How to Extend Your Knowledge

For an organization with established security resilience culture, we provide objective and up-to-date knowledge and services regarding supply chain security. The service can be directed to specific issues or give an overarching view of the whole organization. It ensures that the team tasked to ensure supply chain resilience has the up-to-date information regarding key topics and solutions required to enhance the main business. The services we provide include: site and system assessments to ensure compliance with requirements, workshops and training sessions for key stakeholders, classroom sessions for larger crowds, e-learning solutions to ensure global coverage and intelligence services to clarify the opportunity and threat profiles for business objectives and areas.

As global supply chains involve long subcontracting chains, we provide third-party monitoring solutions. We conduct assessments and investigations on behalf of the organization to their third parties for an objective compliance evaluation against any security requirements.

All of these services can be included with Centry’s Security Manager as a Service -package. With it, the organization has the up-to-date knowledge available, when it is required.

If you have any questions or comments, feel free to contact us at info@centry.global.

Bulgarian-Swiss Business Connection

My Post

Last week, Centry supported the “Promoting business partnerships with Switzerland” forum, organized by the Bulgarian-Swiss Chamber of Commerce (BSCC) in cooperation with the Chamber of Commerce and Industry (CCI) Stara Zagora.

The main objective of the forum was to boost and develop business relations between Bulgarian and Swiss companies such as those already part of the BSCC Partnership Platform and other Bulgarian producers and service providers who plan on working with Swiss companies.

The information presented on Bulgarian-Swiss business relations issues and the role of BSCC in establishing sustainable partnerships between these companies served as the foundation of an interesting discussion during the event.

1.PNG

For more information about the forum, please follow this link to the BSCC website! If you have any questions or comments, feel free to reach out to us on any of our social media platforms.

 

Valid Concern or Tap Anxiety? An Evaluation of Amazon’s Alexa Recording

406213-amazon-echo

Alexa’s Infamous Recording

A couple weeks ago, a family from Portland, Oregon reached out to Amazon to investigate after they said that their home assistant device, “Alexa”, had apparently recorded audio of a conversation the couple was having and sent it to an acquaintance of the family who’s phone number was in their contact list. The acquaintance, a work colleague, immediately contacted the family to let them know that he received the recording, and told them to turn off their devices.

This led to a media frenzy, where countless sources questioned the security of home assistant devices, likening them to Orwellian wire-taps.

So, how did this happen?

When the family contacted Amazon concerning the incident, an engineer investigated the logs of the device and was able to confirm the recording and subsequent sending. The engineer suggested that the entire issue was a result of the device misinterpreting the sounds of the distant conversation as commands to record and then send the message.

The company’s official statement was:

“Echo woke up due to a word in background conversation sounding like “Alexa.” Then, the subsequent conversation was heard as a “send message” request. At which point, Alexa said out loud “To whom?” At which point, the background conversation was interpreted as a name in the customer’s contact list. Alexa then asked out loud, “[contact name], right?” Alexa then interpreted background conversation as “right”. As unlikely as this string of events is, we are evaluating options to make this case even less likely.”

Is this something to be genuinely concerned about?

In short, not really: the coverage of this situation was greatly sensationalized.

If you have ever “butt-dialed” someone from your mobile phone, this is not very much different of a circumstance. Accidental activation leads to a call or command.

Anyone who has one of these devices has probably heard it pipe up unprompted, whether it was from a distant conversation, the TV, radio, computer, etc. It’s important to remember that home assistant devices like Amazon Echo and Google Home are still first generation pieces of technology – they are learning on the go, and there is bound to be a few hiccups along the way. Human speech interpretation is very hard.

Both devices have large, easy to see indicators of when they are listening for the keyword. Alexa has a bright blue circle that illuminates on the top, and Google Home also lights up.

However, if you are still worried, here are a few steps you can take:

  1. Turn on command tones in the app. This makes the device “ding” when it hears the keyword, letting you know that it’s actively listening.
  2. Don’t ignore it when it speaks– tell it to stop. Otherwise, it could continue mishearing commands.
  3. Protect your WiFi network. These devices are only as secure as the network they connect to.
  4. Check in the app to see if there are any stored recordings, and delete them.

If you have any questions or comments, feel free to reach out to us on any of our social media profiles. For more content like this, subscribe to Centry Blog for weekly articles!