Fake Social Media Profiles: What to do if You are Being Impersonated Online

My Post (1)

Impersonation on social media is rampant; whether you know someone who have received a message from a fake profile, or you have found your own identity personated on some platform online, it seems that there are precious few degrees between individuals and fake accounts.

When account setup is as easy as inputting a name and email, it’s no wonder that these false accounts are everywhere. And they will continue to be created, unless social platforms integrate stricter terms for signing up.

For now, all of the bots/impersonators of the world can continue to thrive in account creation as easy as 1-2-3.

Insta1Good enough for Instagram.

So, what can you do to prevent this from happening in the first place? The short answer is, unfortunately, nothing. But you can address the issue after these fake accounts have been identified, and it is important to do so. At best, impersonators may be a minor nuisance. At worst, they could damage your online brand.

Fortunately, most popular social networks have processes to report false profiles. Without further ado, here is how you can take action.

Facebook

If you see a profile impersonating you or someone you know, here are the steps you can take to address it.

Navigate to the fake profile, and on the lower right corner of the cover photo, there should be a symbol that looks like facebook dots.PNG .  If you select this, a drop-down menu will appear, from which you can select ‘Report’ and follow the onscreen instructions.

If you do not have a Facebook account and wish to report a fake profile in your name, you can do so by filling out this form.

LinkedIn 

The process for reporting a fake profile on LinkedIn is very similar to that of Facebook. Like Facebook, LinkedIn has the three-dots symbol on its profiles that will enable you to select the option to Report/Block. Then, in the reporting pop-up window, you’ll be able to detail the impersonation under “What do you want to do?” > “Tell us a little more”.

Twitter

Twitter’s policy is complex because it does allow parody accounts so long as they clearly state that they are not the individual that they are parodying, however, you can still take action against fake profiles in your name by filling out this form.

Instagram 

You can report fake profiles on Instagram either within the app or by filling out a separate form, which will require you to provide a piece of government issued photo ID, such as your driver’s license or passport.

Finally, after going through the reporting process for the false profile, be sure to let your friends and followers know that this impersonator account is not real and that they should not click on any links coming from it.

This article was written by Kristina Weber of Centry. For more content like this, be sure to subscribe to Centry Blog for weekly articles and follow us on Twitter @CentryLTD!

Social Networks & Data Protection Policies

tree-200795_1920

In preparation for GDPR, a comprehensive EU data protection law, a few big-name social media companies have taken the time to review their privacy policies, making it easier for users to know where and how their information is being used.

Facebook has made some changes to its privacy settings in light of the Cambridge Analytica scandal and Mr. Zuckerberg’s congressional hearings. While it is not changing the information that the company collects from its users, it is making strides toward greater transparency on what that information is and how that is shared. It created a central hub with a more user-friendly interface to enable people to more easily see what data they are sharing and who can see it.

Additionally, the social network will make it easier for users to see all the data that the company has on them – previously, this could be accessed by a massive data dump download, however the new Access Your Information tool allows individuals to explore the information by category.

Twitter updated their privacy policy, sending out emails to their users with information on some of their key revisions. These include more focus on the controls that they offer users over their personal data, more focus on how Twitter shares public data, more transparency and control over how the data is shared with business partners. Furthermore, there is more clarity about how data may be shared to prevent harm, comply with the law, or serve public interest.

LinkedIn has adapted its policy to enable members to download their personal data, and it has followed up on GDPR’s right to erasure, by clarifying that personal data such as audience email addresses will be automatically deleted within a 90 day time frame if it is not edited or being used in active campaigns.

If you are active on any social media networks, be sure to take a proactive approach and review your privacy settings, as well as the availability of your personal data.

This article was written by Kristina Weber at Centry Ltd. For more content like this, subscribe to Centry Blog and follow us on Twitter @CentryLTD!

GDPR & Consent

GDPR and Consent (1)

The deadline for compliance with the General Data Protection Regulation (GDPR) is approaching fast: May 25th, 2018 is when enforcement will begin.

Be sure to read Centry’s GDPR Guide for a concise, easy-to-read breakdown of what GDPR is and important details of what you need to know about it.

For any questions or comments, feel free to contact us at info@centry.global or on any of our social media outlets. We’re here to help you!

 

Orbitz Data Breach

pexels-photo-91217

If you made travel plans with Orbitz or Amex Travel between 2016 to 2017, you might want to keep a close eye on your card statements.

This week, the Expedia-owned travel planning company, Orbitz, announced that it had discovered a potential data breach that may have compromised information tied to 880,000 credit cards. Hackers may have been able to access consumer data submitted between Jan. 1, 2016 to June 22, 2016 on the company’s legacy platform.

Partner platform Amextravel.com was also affected, linked to purchases made between Jan. 1, 2016, and Dec. 22, 2017.

The compromised data includes names, dates of birth, postal and email addresses, gender, and payment card information of customers who submitted such information in those specified time periods. Orbitz stated that they do not yet have any “direct evidence” that this information was stolen, but it was certainly put at risk. The company has said that it has been notifying customers who may have been impacted by the breach, and it is offering a free year of credit monitoring to affected U.S. customers.

In a statement, Orbitz described working with a forensic investigation firm, cybersecurity experts, and law enforcement once the breach was discovered, on March 1st, in order to “eliminate and prevent unauthorized access to the platform.”

In the meantime, Orbitz has set up a website for US customers to find out more about the breach and whether their information may have been compromised. Individuals that enter their name and email address into the form requesting additional protection will be directed to a confirmation page and emailed a redemption code from orbitz@allclearid.com. Orbitz asserts that the AllClearID website will be the company’s primary platform for communication on the protective services they are offering.  

If you are worried about your information being compromised, ensure that you review payment card statements carefully and call your bank if there are any suspicious transactions. Similarly, be aware of phone calls or emails that offer identity theft protection – these may be phishing scams to steal your information while you’re vulnerable.

For more content like this, follow us on Twitter @CentryLTD!

Out-think Fraudsters!

My Post

Centry Ltd. will be participating in The Institute of Internal Auditors Finland (IIA Finland) fraud training workshop! Join us to learn about effective desktop investigation procedures, and how this can boost security for your organization.

Important Details

When

This workshop will take place on March 8, 2018 from 8:30am to 4:00pm.

Where

Radisson Blu Royal

Runeberginkatu 2

00100 Helsinki, Finland

Ticket Prices

Members

580€ + VAT*

*Discount offered for one or more members of the same organization at 400€ + VAT per person!

Guests

730€ + VAT

The Program

Over the course of this workshop, you will learn methods for Investigative Desktop Research (‘IDR’), which is the process of collecting readily available public information and analyzing it for signs of fraud, corruption, or other unethical business behaviours.

This workshop will be conducted in a hands-on style, to help you learn the best that you can of how to identify, collect, and analyze information from external and internal sources for your own research.

IDR is a useful tool for assessing the nature of red flags, whilst using a small amount of resources, time, and budget. With information readily available, we will teach you where to look, and how to interpret the things you find.

Here’s what you can expect from spending the day with us, as represented in English by Oskar Savolainen of Centry Ltd! Other speakers will include industry experts Veronica Morino and Nigel Iyer, both with over twenty years of experience with IDR.

Working with us, you will:

  • Gain an understanding of the risks, costs, and effects of fraud and corruption.
  • Come to appreciate the power of detection and analytical techniques to be applied to red flags.
  • Learn to sort, interpret, and evaluate your findings.
  • Acquire skills for presenting your findings to management.

We look forward to seeing you there! Click here to register before February 25th, 2018!

For any questions or comments, please feel free to reach out to Centry at any of our social media platforms, where we will direct you to Oskar Savolainen and Kimmo Loukonen!

The Question of Privacy in the Smart-Tech Life

pexels-photo-267394

Smart-technology, wearable or otherwise, is undoubtedly a luxurious convenience. With products ranging from Fitbit for keeping track of your health to voice-activated vehicle consoles to home improvement and more, the market for this tech is seemingly limitless.

So how does this compromise your privacy?

Josh Lifton, CEO of Crowd Supply, said in a TechRepublic article: “…we’re entering this world where everything is catalogued and everything is documented and companies and governments will be making decisions about you as an individual based on your data trail…”

The European Union answered this question by issuing the new General Data Protection Regulation (GDPR), which bolsters the rights of individual data privacy, ensuring people have the right to know how, when, and where their personal information is used.

While it might not always be a bad thing for organizations to collect information about you, it’s important that those details don’t fall into the wrong hands.

The main concern among security experts when it comes to smart devices like Amazon Echo and Google Home is the degree to which they’re listening. Obviously, they are listening for the voice-activated commands the user might say. But if you own Alexa and have ever had it interrupt you when you weren’t intentionally speaking to it, you might wonder about what else it’s listening to?

Recently, an array of Bluetooth flaws that affect Android, iOS, and Windows devices were discovered in millions of AI voice-activated assistants, including both the Amazon Echo and Google Home.

The Blueborne Exploit is the name that has been given to the attack that takes advantage of these vulnerabilities, allowing external entities to run malicious code, steal information, and otherwise assume control. What is more threatening about this is that it does not require targets to click any links or fall for any other phishing scams; it can just assume control. Moreso, once an attack seizes one bluetooth device on a network, they can infect any other devices on the same network.

While both companies have since released patches and issued automatic updates for their products, it certainly serves as a cautionary tale to be mindful of what you say and do around these devices.

Wearable smart watches like Fitbit and jogging apps on smartphones run into their own security issues, which readers may have observed recently in the news, after a heat map of jogging and cycling routes released by Strava identified dangerous details of US soldier in war zones in the Middle East.

Overall, as much as it can be a minor inconvenience to do so, it is important that users don’t blindly press ‘accept’ on privacy terms for these apps and gadgets, and instead take the time to review how their information is collected and used. Such insight could lead to foresight that would ensure turning the relevant devices off in situations where that is appropriate.

This article was written by Kristina Weber, Content Supervisor of Centry. For more content like this, follow @CentryLTD on Twitter!

2018 World Economic Forum Highlights

davos_2018_2018125112752

Each year, world leaders, economic experts, industry leaders, celebrities, and other keynote speakers gather to meet in Davos, Switzerland for the annual World Economic Forum. The official program lasts for five days and features more than four hundred sessions, which center discussion around key issues of global relevance, such as globalization, markets, international conflict, environmental issues, etc.

As of today, January 26th, the 2018 forum just wrapped up.

With the immense volume of information, it can be difficult to get a handle on everything that was discussed. As such, we’ve put together some of the big bullet points here for your leisure:

  • India’s Prime Minister, Mr. Narendra Modi, listed his three greatest threats to civilization: terrorism, climate change, and reactionary backlash to globalization.
  • The German Chancellor, Ms. Angela Merkel, stated that global multilateralism has come under threat, as populist movements sweep through countries.
    • Upon this point, Mr. Emmanuel Macron, the President of France, voiced his enduring support for Europe, stating that France would not succeed without greater European success.
    • Although Brexit may come to mind on the point of Ms. Merkel’s statement of deteriorating multilateralism, the UK Prime Minister – Ms. Theresa May assured attendees of Davos that the United Kingdom would remain an advocate of global trade, with plans for bilateral deals with countries worldwide.
  • United States President, Mr. Donald Trump, discussed the state of the US economy, saying that “America First does not mean America alone,” in the context of the thought that as the United States grows, so too will the rest of the world.
  • Alibaba founder Jack Ma spoke about the IQ of love – a subject that we have discussed previously on Centry Blog.
  • The International Monetary Fund raised its forecasts for global crown in 2018 and 2019 to 3.9%, in the wake of the impact of the recent US tax reforms. These new estimates are 0.2 percentage points higher than the IMF’s previous projections in autumn of 2017.
  • Google CEO Sundar Pichai emphasized the importance of artificial intelligence, saying that despite the risks, the potential benefits of it could not be overlooked.
  • China’s three big movements for the future, as outlined by Mr. Liu He, will be: alleviating poverty, preventing major financial risks, and reducing pollution.

In light of the Davos forum, the WEF released this year’s risk report, outlining ten significant risks in terms of likelihood and impact. See Figure 1 below.

It should be noted that within the top 5, just behind natural disasters, the threat of cyberattacks and data breaches pose a remarkable risk to individuals and organizations worldwide. For an additional perspective on the landscape of geopolitics on the cyber field, be sure to read our article on how Cyber is the New Cold War, written by Centry CTO Dave Ehman.

For more content like this, follow @CentryLTD and @CentryCyber on Twitter!