Tate's Cyber Cuts 6.15.2023

Scammers creating compromising photos of you with AI; 20% of CA community college applications are fake; new security features with Apple; beware Strava heatmap

Read this article on Substack:

Strava heatmap feature can be abused to find home addresses

Summary - full article?here

Researchers at the North Carolina State University Raleigh have discovered a privacy risk in the Strava app's?heatmap feature that could lead to identifying users' home addresses.

Strava is a popular running companion and fitness-tracking application with over 100 million users worldwide, helping people track their heart rate, activity details, GPS location, and more.

In 2018, Strava implemented a feature called "heatmap" that anonymously aggregates users'?(runners, cyclists, hikers) activity to help users find trails or exercise hotspots, meet like-minded individuals, and perform their sessions in more crowded and safer locations.

However, as the researchers?found, this feature opens up the possibility for tracking and de-anonymizing users using publicly available heatmap data combined with specific user metadata.

For their research, the scientists correlated their findings with voter registration data and found their predictions were roughly 37.5% accurate.

What YOU should DO

The heatmap feature is active by default on all Strava apps, but users can opt-out through settings.

1. Go to Settings —> Privacy Controls —> Map Visibility

You can hide the start and end points of activities and choose to hide your activity maps completely.

1. Opt out of Settings —> Privacy Controls —> Aggregated Data Usage

3. Keep your Settings —> Privacy Controls —> Profile Page open to just followers.

Summary - full article?here

The FBI has issued a warning to active social media users that scammers could target them with an AI-based extortion scheme – one that frankly is a little over-the-top.

The Bureau has received reports from victims of the scam who say they were presented with a deep fake photo of themselves that had been combined with a pornographic image. In short, their face was merged into the photo of an adult film?star doing what they do.

The FBI said the scammers are targeting both children and adults, telling them they will distribute the photos online unless the victim pays. In most cases, the FBI says the scammers easily get the photographs from social media platforms like Facebook and Instagram.

What YOU should DO

1. If a scammer reaches out to you with this claim, be skeptical — don’t panic!
2. Check the privacy settings on your social media accounts, and restrict access to your photos (and profile photos if you can).
3. Use discretion when interacting with known individuals online who appear to be acting outside their normal pattern of behavior. Hacked social media accounts can easily be manipulated by malicious actors to gain trust from friends or contacts to further criminal schemes or activity.
4. Secure social media and other online accounts using complex passwords or passphrases and multi-factor authentication.

Scammers Are Now Applying To California Colleges Just To Steal The Financial Aid

Summary - full article?here

A stunning 20% of all applications to California community colleges are now “ghost students,” that is, scammers using someone else’s name to pocket the financial aid and never show up for a single class.

The fraudsters are primarily running this scheme on community colleges, which are required to accept any student’s name that has a high school diploma attached to it, and a social security number is not required on an application. And the scheme is becoming extraordinarily common for these schools. The Chronicle notes that 460,000 of the 2.3 million online applications to California community colleges since last July are these fraudulent, “ghost student” applications — meaning that a full 20% of these college applications are fake.

What YOU should DO

1. Protect your identity and make it harder for bad actors to use it by using a service like?Kanary!

2. Pay attention to your credit reports and consider freezing your credit.?Frozenpii.com?is a great resource to learn how to do this for free!

Apple announces powerful new privacy and security features

Summary - full article?here

Apple has some exciting new privacy and security features that will be coming soon. If you are passionate about protecting your privacy and security, make sure you are using Apple products vs. Android. For example, Apple provides E2E encryption for content in iCloud, including files. Google does not.

Upcoming Apple privacy & security features:?

• A new feature called?Check In,?which automatically notifies family members when you've arrived at your intended travel destination.
• A new AirDrop feature called?NameDrop, which allows a user to hold their iPhone near another to share their contact information with only their intended recipient.
• Support for Lockdown Mode is also coming on watchOS.
• Apps like Messages, AirDrop, and FaceTime will now show a "Sensitive Content Warning" when someone sends an unwanted nude image or video.
• You can now lock Safari Private Browsing windows under a FaceID scan to prevent unwanted snoopers from sticking their noses in there.
• Communication Safety, designed to warn children when receiving or sending photos in Messages that contain nudity, now also covers video content.
• Safari Private Browsing, Messages, and Mail will soon remove tracking parameters from URLs.

Stay Safe!

Tate

Follow me on substack!