A classic Facebook scam is still going strong – Don’t fall for it

If you have spent time on social media over the last few years, you probably know your villain name, which Disney character you are most similar to, or how well your friends know you. Here’s another quiz you should take: Which generation has the worst password habits?

These whimsical quizzes and questionnaires can be an excellent distraction from daily realities. But if the Cambridge Analytica scandal taught us anything, it’s that information divulged online can be used against you.

It might seem to be harmless fun but read on to see why you need to think twice before taking those social media quizzes.

Here’s the backstory

Have you ever stopped to think about the information you freely put out on social media? We’re not talking about uploading photos or linking to a personal blog. We specifically refer to the multitude of quizzes on Facebook, Twitter and other social media platforms.

For instance, in one quiz spotted on Twitter, you correlate your birth month and birthday from the selection to get the answer to “What’s your horror hostname?” That quiz is relatively mundane, but others are more intricate.

Their problem is not that our horror hostname is “Collector of Villainy,” but that it is easy to disseminate the information. It would be quick for someone else to work out the precise details of your answer and collect more information than you intended to share.

Depending on the quiz type, you could reveal your birthday, favorite color, pet’s name, the first letter of your mother’s name, where you live and so on. These answers are often found in account recovery or password retrieval.

See the problem? If hackers wanted to target you through phishing attacks or brute force, they could go through your social media quizzes to learn more about you. Chances are, they will come across some information that could help them.

What you can do about it

The easiest way to ensure that you don’t share sensitive information is not to take the quiz. Instead, you could work out the answer for yourself and have a giggle, but resist the urge to share it on social media.

The Better Business Bureau (BBB) has also warned against these questionnaires and sharing the results. “These are common security questions for insurance, banking and credit card accounts. Social media data and quiz answers can be used to steal your identity or enable a scammer to impersonate you,” the BBB explained.

Here are some tips from BBB to stay safe online:

  • Be skeptical: Before answering a quiz, figure out who created it. Is it a brand you trust? Just because something appears to be fun and innocent, doesn’t mean there isn’t an inherent risk.
  • Adjust privacy settings: Review the social media account’s privacy settings and be strict about any information that is shared. Also, be mindful of who you are sharing it with.
  • Remove personal details from your profile: Don’t share information like your phone number or home address on social media.
  • Don’t give answers to common security questions: Be cautious if the questions in a quiz ask for things like your mother’s maiden name, the street you grew up on, previously owned vehicles, favorite foods or the name of your high school.
  • Monitor friend requests. Don’t accept friend requests from people you don’t know. And be wary of a second friend request from someone you are already connected with; the second profile may be an imposter trying to access your data and Friends list.

More on this scam:

Remember when you took that little Facebook quiz that claimed to reveal “what type of beauty you possess”?

Or that funny photo app that turned you into a magazine cover model? Or maybe that test that told you what kind of “Game of Thrones” character suits you?

Admit it, you have taken a number of these Facebook tests, haven’t you?

Quizzes like these are some of the social media site’s most popular guilty pleasures. If all your Facebook friends are taking them, they’re probably OK, you might think.

Well, the Cambridge Analytica scandal reminded us how these seemingly harmless and fun quizzes and apps can be trojan horses for massive data collection.

Take this popular third-party Facebook quiz app, for example. It looks like it has been leaking user information for years!

Are you one of 120 million?

(No, this is not another silly quiz.)

NameTests, one of Facebook’s biggest quiz app platforms, has been publicly exposing the data of up to 120 million people for years, including names, birthdates, photos and status updates.

Security researcher Inti De Ceukelaire discovered the alarming flaw and reported it via Facebook’s new Data Abuse Bounty program. Note: This program was launched as part of Facebook’s ongoing crackdown on abusive third-party apps.

Now, unlike in the Cambridge Analytica case where the quiz developer willingly shared the data with the analytics firm, Nametest’s data leak was caused by a glitch on its website.

According to De Ceukelaire’s findings, each time someone takes a NameTests quiz, its website fetches the Facebook user’s personal information and displays it on a webpage.

The problem? This page was poorly configured and allowed anyone to access it.

“I was shocked to see that this data [were] publicly available to any third-party that requested it,” de Cuekelaire wrote in a blog post. “In a normal situation, other websites would not be able to access this information.”

Be safe on-line.

Article by Charlie Fripp and Francis Navarro for Komando.co

Source: A classic Facebook scam is still going strong – Don’t fall for it (msn.com)

Why the new iOS update is such a big deal

Article by Rebecca Heilweil for Vox©

© Corbis via Getty Imagesa drawing of a face: Open Sourced logoOpen Sourced logo

On Monday, Apple is rolling out a long-awaited privacy feature for iOS. The latest version of the company’s mobile operating system, iOS 14.5, will prompt iPhone and iPad users to opt out of tracking in apps that monitor their behavior and share that data with third parties.

This new feature is a significant step for user privacy, as it gives people more control over their mobile phone app data and how it’s used by companies, like Facebook and Google, to target ads. At the same time, the move has frustrated app developers and tech companies that have relied on the reservoir of user data for years, and who fear they’re likely to be cut off from it in the near future.

The biggest difference most people will see with the introduction of the new privacy tool, called App Tracking Transparency, is a pop-up that appears when you open an app that tracks you:graphical user interface, text, application, chat or text message© Apple

Since 2012, apps developed for iOS have used an Identifier for Advertising (IDFA) to conduct tracking across different websites and apps. Apps usually collect this identifier so they can connect the information about the user gathered through the app to information about that user gathered elsewhere, like on the web, in order to better target ads. Before 14.5, Apple mobile users were able to limit ad tracking through toggles deep in the software’s settings, but this newest update directly prompts users to approve and disapprove this tracking for every app.

With the App Tracking Transparency feature, however, apps will need users’ permission to access a user’s IDFA before conducting tracking, which could include collecting user data to sell to data brokers or linking a user’s app data with third-party data that was collected in order to target ads. These new rules, Apple has said, will also impact other app processes, including sharing location data with data brokers and implementing hidden trackers for the purpose of conducting ad analytics. Some ad industry experts believe a large number of users will opt out of tracking when the new app tracking transparency feature goes live.

The iOS 14.5 software update is considered a major win for user privacy and is expected to give iPhone users a much greater sense of the type of tracking that takes place in their devices (in fact, privacy advocates were frustrated that the tool wasn’t rolled out earlier). While Apple users had some control over ad-tracking in the past, it’s easier than ever for users to opt out of being tracked.

“They’ll see a simple pop-up that basically prompts them to answer the question of, are they okay with being tracked or not? If they are, things move on,” Apple CEO Tim Cook explained in an interview with Kara Swisher earlier this month. “If they’re not, then the tracking is turned off for that individual with respect to that specific app.”

At the same time, this new Apple feature has frustrated other technology companies that rely heavily on this data to support their web advertising businesses. Google has announced a number of changes to its Google ads systems following the announcement of the new Apple privacy features. The update has also led to a rather public fight between Facebook and Apple. Facebook has run a months-long media campaign claiming that Apple’s changes will hurt the personalized ads that support small businesses. The change is actually more likely to hurt Facebook, assuming many Facebook users opt out.

Apple has been running a campaign of its own, touting privacy and security as key features of its products, for years. Tim Cook, the company’s CEO, has long emphasized that Apple is not in the data business, a position that has increasingly put him at odds with Facebook CEO Mark Zuckerberg. App Tracking Transparency isn’t even the only big privacy update in iOS 14, which also includes “privacy nutrition labels” that encourage apps to provide explanations of their privacy that are easier to understand.

Aside from its privacy features, iOS 14.5 offers a few other reasons to update your software. For instance, you will now be able to set your phone to automatically download security updates, rather than remembering to do this yourself. New emoji options are available. You also now have the option to unlock your phone using an Apple Watch if the device’s Face ID cameras see that you’re wearing a mask.

The App Tracking Transparency tool won’t necessarily mean an end to all tracking, and Apple is already playing whack-a-mole trying to find and stop other workarounds for identifying your device. Still, this newest feature is a new and in-your-face way to remind users about the kind of data apps are seeking about them.

Open Sourced is made possible by Omidyar Network. All Open Sourced content is editorially independent and produced by our journalists.

Source: Why the new iOS update is such a big deal (msn.com)