OBJECT TO THE EQUIFAX SETTLEMENT BY NOVEMBER 19TH

We should all collectively object to the Equifax settlement.

November 19th is the deadline date if you want to object to the Equifax settlement. So please do it TODAY – as soon as you finish reading this. Why?  This settlement is an insult to the millions of consumers who had their data compromised. This settlement is not only completely inadequate, but also barely a slap on the wrist for Equifax.

This Puts it in Perspective:

  1. The consumer cash portion is less than 5% of the total settlement pool.
  2. The proposed credit monitoring supplier (Experian) has had recent and large-scale data breaches of their own.
  3. The payment is likely to be magnitudes less than what was advertised.
  4. The attorneys representing the class are getting double the total cash portion of their consumer client base.
Object to the Equifax Settlement
SHAME ON YOU EQUIFAX!

I was among the millions of unfortunate victims of the Equifax Data Breach.  Equifax recently announced that a settlement to the class action against them had been finalized. Remember that nearly 148 million consumers were violated in this totally preventable breach. Our most private sensitive data was hacked and exposed. Equifax makes a handsome profit selling our data. Yet, they failed miserably when it came to protecting that data.

Here’s What Happened

When the class action settlement was first announced, many of us signed up and chose the option for the $125 cash payment – instead of the offer for free credit monitoring.  Shortly thereafter, the lawyers sent out a follow-up email. The email informed consumers that because so many people chose the cash payment option (instead of the free credit monitoring) that the cash settlement amount would be decreased from $125 to just $5.00.  Wait…WHAT???

INSUFFICIENT FUNDS

There was only a meager $31 million set aside in the settlement for those who chose to opt for the cash payment. Apparently, they greatly underestimated the number of consumers who would opt for the cash payment, instead of the free credit monitoring.

Presently, that $31 million is insufficient to grant the full $125 to everyone who chose the cash option. Therefore, those who still wish to receive a cash payment, should only expect to receive a mere $5.00 or perhaps even less than that!

It was revealed that while nearly 148 million Americans were impacted by the Equifax breach, only 3 million consumers had signed up for the free credit monitoring. Most consumers chose the cash payment option instead.

Adding insult to injury, the lawyers involved in this class action settlement have already been awarded $77 million and are now asking for even more money.

CONSUMERS CAN AND SHOULD OBJECT

Today I visited a website that walked me through the steps needed to object to the Equifax Settlement.  (See my second choice option below)

Remember, you have the right to file an objection to this absurdity. BUT – the objection must be completed by the deadline date of November 19th. Consumers have two choices on how to go about filing an objection.

The first choice – is by sending a letter to the Equifax Data Breach Class Action Settlement Administrator. The instructions are available at the Equifax Breach Settlement website on its FAQ page here:  Then see Question # 25. Warning: they don’t make it easy.

THE SECOND CHOICE IS AN EASIER WAY!

Begin by reading an article written by consumer advocate Bob Sullivan on his website here

In his article, Bob Sullivan explains that Reuben Metcalfe, founder of Class Action Inc., has made filing an objection with the court a lot easier – using a bot he created. His website is named ‘NoThanksEquifax.com’. Here’s the link

The website features a bot that semi-automates the objection letter-writing process. The bot, named Clarence, also has a sense of humor. He cheers you on as you walk through the steps of filing your objection.

The ‘NoThanksEquifax’ bot helps consumers opt-out for FREE. He thinks massive objections or opt-outs would force negotiations and hopefully result in a better deal for consumers. He states “I believe a mass opt-out campaign for the Equifax settlement would result in an additional $2 to $3 billion in… consequences”.

Once the objection date (November 19th) expires, the judge overseeing the settlement must legally consider all objections at a fairness hearing scheduled for Dec. 19.  FYI – Objections do NOT remove consumers from the class. If the settlement is approved, claimants can still receive payment or credit monitoring services offered to other class members.

To find out if you were one of the victims of Equifax’s data breach and an eligible class member, call 1-833-759-2982 or go here:

IMPORTANT NOTE: if you wish to join the class action and file a claim in the Equifax class action settlement, you must do so by January 22, 2020.

REMEMBER: THE DEADLINE TO OBJECT TO THE ABSURD DECREASE IN THE CASH OPTION AMOUNT IS NOVEMEBER 19th.  SO HURRY!  DO IT TODAY. THE MORE OBJECTIONS, THE BETTER!!!

FYI: I wrote an earlier article about the Equifax breach settlement in August. It provides many of the details about the settlement. You can read my article by clicking here. 

ROBOCALLS AND PHONE SCAMS

The US Senate and the FCC has finally taken up the battle against Robocalls and Phone Scams. This federal intervention should provide much needed relief to consumers. Estimates of robocalls and phone scams have grown from 29% of all calls in 2018 to as much as 45% of all phone calls in 2019.

THE TRACED ACT

In May the US Senate approved the Telephone Robocall Abuse Criminal Enforcement and Deterrance (TRACED) Act by a 97-1 vote.  Don’t you just love how they come up with these nifty names?  Also, I wonder which Senator was the only one who didn’t think this legislation should be passed. The TRACED Act grants the Federal Communications Commission (FCC) stepped-up enforcement power to levy heavy penalties and fines against violators.

Additionally, the FCC voted unanimously to finally grant telecommunications companies the authority to use technology to proactively identify and block Robocallers.  A summit was held in July with carriers to identify a framework for implementing these new guidelines. The FCC says it is committed to pursuing “aggressive enforcement action” against Robocallers.

Robocalls and Phone Scams
STOP CALLING ME!!!

MOST ALL ROBOCALLS ARE ILLEGAL

Robocallers often place their calls using internet technology that hides their location. When these calls come in, your Caller ID usually displays a “spoofed” (fake) phone number. Tens of millions of these calls are blasted out each day. Most robocalls and phone scams are automated voice messages.

Industry stakeholders are working to implement a caller ID authentication system. Once implemented, it should help the accuracy of caller ID information and help consumers determine which calls are authenticated.

EXAMPLES OF 2 NEW ROBOCALL TACTICS

‘Neighborhood Spoofing’ and the ‘One Ring Scam’ are two of the newest tactics being used to get you to pick up or call back. Neighborhood Spoofing is when a fraudster alters their phone # to look like a phone number with the same area code as yours. The One Ring Scam involves a Robocaller hanging up after only one phone ring, hoping you’ll be curious enough to call back.

THWART ROBOCALLS AND PHONE SCAMS

  • Don’t Engage: Don’t pick up if it’s a number you don’t recognize. Let it go to voicemail.
  • Don’t Answer: Don’t pick up or return any calls you don’t recognize
  • Don’t Encourage Them: If you are instructed to press a “key” to be taken off their list or to speak to an operator you are, in essence, logging your number as a working number. You will be targeted for even more annoying calls. Hang up without pressing any keys!
  • Block Them: Block Robocall phone numbers on your phone, but realize that telemarketers change phone numbers often.
  • Use Technology: Use call blocking options for your cellphone
  • List: Add your number on the Do Not Call Registry  If your number is already registered and you still get unwanted calls, report them  to help expose and catch these fraudulent callers.
  • Forward: SPAM text messages to 7726 (or SPAM)
  • Report: File a Complaint to help investigators detect and track patterns in Robocalls. Call the Federal Trade Commission at 888-382-1222.

Read my prior article about Robocalls here.

FCC Consumer Resources

Equifax Settlement after Massive Data Breach

An Equifax settlement has finally been reached – nearly two years after their massive data breach. The company has agreed to a global settlement with the Federal Trade Commission and the Consumer Financial Protection Bureau. The settlement includes a Consumer Restitution Fund totaling up to $425 million to help people affected by the data breach and another $175 million going to all 50 U.S. states and territories.

Padlock with Identity Theft Theme
Nearly 148 Million Records Exposed!

TOTAL INEPTNESS

It was in September of 2017 that Equifax, one of the largest consumer reporting agencies in the world, suffered a data breach that affected roughly 148 million consumers – nearly half the U.S. population.

Equifax’s failure to maintain and update their security system is what caused this preventable breach. Despite knowing about a critical vulnerability in its software, Equifax failed to fully patch its systems. The breach went unnoticed for 76 days.

This epic breach enabled hackers to penetrate Equifax’s systems and exposed the private data of 56% of American adults. Breached information included Social Security numbers, names, addresses, birthdates, credit card numbers and some driver’s license numbers too.  It was, and still is, the largest and most damaging breach of highly sensitive consumer data.

RESTITUTION FUND – JUST A MERE $2.87 – PER VICTIM!
Equifax Settlement
Barely A Slap On The Wrist!

The Equifax Settlement includes a Consumer Restitution Fund totaling up to $425 million that will go to consumers who can demonstrate that they were financially harmed by the breach.  $300 million is dedicated to addressing consumer redress. However, if the $300 million is exhausted, the fund can increase by up to an additional $125 million. The company must also offer up to 10 years of credit monitoring services to those affected by the breach. If you don’t want the credit monitoring service, you may be able to opt for a $125 cash payment, unless they run out of funds. You can’t get both!

Furthermore, Equifax has agreed to take several additional steps to assist consumers who are either facing ID Theft issues, or who have already had their identities stolen. It includes making it easier for consumers to freeze and thaw their credit and making it easier for consumers to dispute inaccurate information contained in their credit reports.

Additionally, the Equifax settlement requires the company to maintain sufficient staff dedicated to assisting consumers who may be victims of identity theft. For at least seven years, Equifax will provide free assistance to victims via their Identity Restoration Services. In other words, if you discover there was misuse of your personal information, call the settlement administrator at 1-833-759-2982 and you will be given instructions for how to access Equifax’s free Identity Restoration Services.

WHAT DO I NEED TO DO NOW?

Equifax is offering FREE Credit Reports for ALL U.S. Consumers. Starting in January 2020, all U.S. consumers can get 6 free credit reports per year for 7 years from the Equifax website. That is in addition to the mandatory free credit report everyone is entitled to each year from each of the three credit bureaus that you get from going to www.AnnualCreditReport.com

To find out if you were one of the over 147 million victims of Equifax’s data breach and an eligible class member, call 1-833-759-2982 or you can click here

*NOTE: If you wish to file a claim, you must file your claim by January 22, 2020.

Visit the Federal Trade Commission’s website for info on How to File a Claim

Read a previous article I wrote about the Equifax Breach to learn how it all came about. And Here for Part Two of that article.

PUBLIC WIFI IS NOTORIOUSLY RISKY

Public WiFi is Notoriously Risky!

If you intend to bring your internet devices with you when you travel, you must consider the inherent dangers of Public WiFi.

Public Wi-Fi Is Not Safe
Public Wi-Fi You Must Protect Your Data

Pubic WiFi is Not a Private Secure Internet Connection

Therefore anyone can access the network and anyone can eavesdrop on what’s being transmitted via Public WiFi. People tend to let their guard down while traveling. Security is put on the back burner and we tend to do things that increase our chances of getting hacked.

According to a survey conducted by Morning Consult for IBM Security, 70% of travelers take unnecessary risks while on the road. They connect to public WiFi, charge a device on a public USB station, or enable auto-connect on their wireless devices.

Hackers Set Up Fake Public WiFi Hot Spots

A skilled Hacker will typically give their fake WiFi Network a name that’s similar to an authentic connection. If it’s a hotel, they will choose a name with the hotel’s name in it or if it’s the airport, they will choose a network name that includes the airport’s name or the name of the airlines. The same goes for coffee shops or other internet hubs.

If you are inadvertently fooled by a hacker’s fake WiFi Network, you’re now giving that network permission to start taking data off your device. Furthermore, if your device is set to auto-connect, you might be leaking your personal data and not even know it.

You can’t eliminate all digital threats when you’re on vacation, but you can significantly reduce your chances of having a problem by following these tips.

TIPS TO KEEP YOU SAFE

  • Any device you use, outside your own home network, including your smartphone, laptop or tablet should have a VPN (Virtual Private Network) installed. A VPN encrypts the data leaving your device.
  • Before turning the VPN on, be sure to shut off WiFi and close all apps. After connecting to Wi-Fi, via your VPN, it’s safe to open up any app.
  • Never have your devices set to auto-connect. If your device automatically connects to a free WiFi Hotspot, your device is vulnerable to hacking.
  • Keep the WiFi on your smartphone turned off until you need it. Cellphone data is encrypted when it travels via your phone’s mobile network.
  • Never bring your business laptop with you when on vacation. Bring a spare one that has no corporate data on it. If you need to access corporate data or your company email, do it through the cloud.

Remember, we’re more vulnerable to digital security intrusions when we travel. Don’t opt for convenience over security.

Here is the link to the IBM Survey

Read a previous article of mine about how to keep your online data safe

 

VOICE ACTIVATED ASSISTANTS

VOICE ACTIVATED ASSISTANTS POSE PRIVACY CONCERNS

Voice Activated Assistants, aka Digital Assistants, like “Alexa” and “OK Google” have become very popular. Over 20 million homes already have a voice activated assistant installed in their homes.

These digital assistants may be the latest rave in cool technology, but the devices have created new privacy concerns and security vulnerabilities. They could potentially expose personal data like your bank account info and your contact list. So, while it may be fun to own one, be aware that voice activated assistants pose a risk, if a cyber-criminal is able to hack into it.

The digital security firm Symantec released a report about voice activated assistants. The report states that “The range of activities that can be carried out by these speakers, means that a hacker or even a mischief-minded friend could create havoc, if they were able to gain access”.

Voice Activated Assistants
THEY’RE LISTENING!

WHY? IT’S ALWAYS LISTENING!

The user must first use a wake-up command such as “Alexa” or “OK Google” to activate the digital assistant. Therefore, the device must always be listening, waiting to be activated by that command. This can cause unintentional or accidental triggering. Even a radio, TV or streaming video, playing in the background, might inadvertently set it off.

Once the device is awake, it will record what is said and then sends that recording to a server, where it is stored. However, you do have the option to listen back to these recordings and delete them if you wish.

Symantec’s threat researcher sees a potential danger from these ‘always listening’ digital assistants. He states, “Someone could hack into these devices remotely and then turn them into a listening device”. “Some of them even come with cameras, so they can also see what you are doing”.

Pam Dixon, executive director of the World Privacy Forum, cautions against allowing your digital assistants to store passwords, your contact info or credit card data. Additional dangers include the fact that the device may come with a purchasing option, which is usually turned ON by default. You should set a security PIN or disable the feature.

CRIMINALS CAN TAKE CONTROL

Voice Activated Assistants are designed to be hubs that can control other devices or appliances in your home. These other external devices are referred to as the “Internet of Things” (IoT). Gadgets like lights, cameras, thermostats, coffee makers, alarm systems and door locks are all part of the Internet of Things.

Be aware that the convenience of these IoTs, may create new vulnerabilities. For example: if you connect your door locks or alarm system to your digital hub, then a burglar could command your digital assistant to “open the door and turn off the alarm”.  Additionally, any device connected to the internet is vulnerable to Malware. Always be sure to change the default password and assign a stealth password to each of them.

TIPS TO KEEP YOU SAFE

  • Be careful which accounts you connect. Don’t connect things you don’t need to use, like your address book or calendar.
  • Always use long strong passwords and enable 2-step authentication if it’s available. Remember that anyone with access to your account can listen in remotely, play back recordings, change settings and access personal information.
  • Be sure that your voice activated assistant is linked to your private home or office Wi-Fi network. Password protect your Router.
  • Devices made by Amazon and Google both offer voice recognition, so use that feature. But realize it’s not foolproof.
  • Remember to put the device on Mute when you go on vacation.

To learn more about the danger posed by these gadgets, read my prior article about the Internet of Things.

CYBERSECURITY RESOLUTIONS

As 2018 comes to an end, I am putting together my recommended list of Cybersecurity Resolutions for 2019. Although the number of data breaches went down in 2018, the actual number of individuals affected by those breaches dramatically increased.  So, you must continue to remain ever vigilant if you want to protect yourself.

Cybersecurity Resolutions to head off Cyber disasters
Head Off Pending Disasters

Here are some important Cybersecurity Resolutions you should adhere to.

  1. I WILL USE STRONG, LONG, STEALTH PASSWORDS that are unique for each different website. A good password is one that uses a combination of upper and lower case letters, numbers and special characters. Don’t use the same password for different websites. Be creative and don’t use obvious things like your Mother’s Maiden name, your date of birth, street address, your pet’s names, etc. Your social media page will give any scammer clues of what you might use to create a password. So, don’t make it so easy for them to crack it.
  2. I WILL KEEP MY SOFTWARE UPDATED as soon as I am notified that an update is available. If you do so, in a timely manner, then you won’t have to worry about your devices getting compromised. Set your programs to perform updates automatically.
  3. I WILL BACK UP MY FILES REGULARLY. Backing up your files has become an essential security continuity practice. If you are a victim of Ransomware, a Malware infection or even Mother Nature, you’ll be glad you backed up your data to a separate hard drive or thumb drive. Always remove the backup device from your computer after doing the routine backup.
  4. I WILL USE 2 FACTOR AUTHENTICATION WHENEVER POSSIBLE. Also known as 2FAs, it adds a second layer of security onto your account access, by confirming that you are who you claim you are. It also protects you from those who unlawfully attempt to access your account. Not all businesses and online accounts offer this extra security, but take advantage of the companies that do.
  5. I WILL ONLY VISIT SITES THAT BEGIN WITH HTTPS. Not every website, even some popular ones, begin their web address with the more secure HTTPS. It is not safe to enter any of your personal information on a website that begins with HTTP instead of HTTPS. The “S” stands for secure. Security must go hand-in-hand with privacy. There are extensions that you can install to your browser that will only connect automatically to HTTPS versions of websites. For example, try installing “HTTPS Everywhere” on your google browser. It’s what I use.
  6. I WILL HANDLE MY EMAILS CAREFULLY. Repeat after me: I will never click on links or open up attachments in any email unless I am 150% sure that the email is legitimate. Emails are the easiest way a criminal can gain access to your system. Ask yourself, does the email seem fishy? Is the grammar and spelling correct? Does it sound too good to be true? OR does the email contain an urgent message that you must click on in order to solve a problem? These are all telltale signs of a phishing email. If you click on that link, or open that attachment, you will surely infect your computer. Hover your mouse over the sender’s email address and see if it appears legitimate. My advice is to go onto the business’ website by typing in the URL yourself rather than the provided link in the email. Don’t hesitate to call the business to verify that the email is legit. Most companies will never ask you for your personal information.  You’ve been warned!!!
  7. I WILL BE CAREFUL AND THINK BEFORE I POST. Privacy is dead. Whatever you post is open season for anyone who wants to exploit that information. Sharing details of a personal nature can be dangerous. Criminals can and will use your information against you. The information you so freely give away online, can be used to access your accounts or steal your identity. Tone down the stuff you post about yourself or people close to you.
  8. I WILL KEEP ABREAST OF THE LATEST CYBERSECURITY THREATS AND SCAMS. Knowledge is power! The more you know the more you’ll be able to protect yourself and your loved ones.
Cybersecurity Resolutions to help lprotect your data
Everyone is after your data! You must protect it.

So, there you have it.  If you follow these Cybersecurity Resolutions, you’ll be a whole lot safer from scammers, crooks and fraudsters in 2019.  Stay safe out there and Happy New Year to all.

MAIL FISHING

MAIL FISHING

 Mail fishing is an easy low-tech type of crime. Thieves don’t need any special skill level to retrieve someone’s mail in an accessible public mailbox. According to law enforcement officials, public mailboxes are increasingly a target for criminals.

There’s a treasure trove of goodies in any public mailbox. Think of the many millions of gift cards, cash in greeting cards, rent checks, money orders, bill payments, etc., we mail every day. Most people either place their mail in their own ‘unlocked’ personal mailbox or use the blue postal mailboxes in their neighborhood. This puts their mail in danger of mail fishing.

MAIL FISHING
Thieves Go Fishing To Steal Your Mail

HOW IS MAIL FISHING DONE?

Thieves are using tools like sticky traps – used to catch rodents – attached to the end of a string, to retrieve envelopes placed in postal mailboxes. Using this method, a thief can easily pull up to 20 envelopes at a time this way. OR a thief can easily grab your outgoing mail from your unlocked personal mailbox outside your own home.

 

CHECK WASHING MAY COME NEXT!

Your checking account could be in danger of getting cleaned out if a mailbox thief gets a hold of one of your checks. Once a thief gets their hands on someone else’s check, they will ‘wash’ the ink from that check with chemicals. Once the check is washed, the criminal now has a blank check, with your account information. They will make the check payable to whomever they wish and for whatever amount they want. If that check clears your bank, your money will have been stolen. Additionally, if there wasn’t enough money in your checking account, you will also incur overdraft fees.

Mail Fishing at your Home
Collect Mail Promptly

HERE’S HOW TO KEEP YOUR MAIL SAFE

To avoid ‘check washing’ write your checks out using a type of ink that won’t wash away. Purchase a Uni-Ball brand # 207 gel pen for writing your checks from now on.

If using a postal mailbox, place your bills before the last collection time. This will prevent your mail from sitting in the mailbox overnight. Most mail fishing is done after dark.

Place your mail inside the actual post office. Walk inside and drop it in the post office outgoing mail bin.

Never put outgoing bills in your own personal mailbox, unless it’s a locked/secure mailbox. Also, never raise your mailbox flag, as this will bring attention to would-be mail thieves.

Consider using post office ‘tracking’ when mailing important or large checks.

Don’t keep large sums of money in your checking account and monitor your checking account balance frequently to make sure your checks have cleared. Contact your bank immediately if something is amiss.

Contact the U.S. Postal Inspection Service at 877-876-2455 if you see something suspicious. Mail theft is a federal crime, punishable for up to five years in prison.

Post offices are beginning to either replace or retrofit mailboxes to make them fishing resistant. In the meantime, be vigilant.

FBI Warns of Router Vulnerabilities

Router Vulnerabilities

The FBI is sounding the alarm and giving an official warning about router vulnerabilities. Apparently, foreign hackers are using a type of malware called “VPN-Filter” to target routers around the world. These router security vulnerabilities were present in many of the most popular router brands.

Your router is often one of the most overlooked of all your computer devices. Realize that hackers can and often do break in to a router, just as easily as any other device on your computer.

Router Vulnerabilitles
Check for updates every 90 days

 

SO WHAT IS A ROUTER ANYWAY?

A router is defined as a hardware networking device that routes data from one computer network connection to another, on the internet. It performs traffic directing functions that allow authorized machines to connect to other computer systems. They are in essence electronic devices that join multiple computer networks together.

If your router becomes compromised, the security of all the devices that utilize that router, are in jeopardy. Once infected, Malware causes the router to block all network communications, thus rendering your router inoperable.

ADVICE FROM THE F.B.I.

According to the FBI, this Malware is difficult to detect and defend against. Therefore, the FBI is recommending that owners of home offices and small office routers should immediately reboot their routers. By doing so, it can disrupt this newly discovered Malware. The FBI is also recommending that, if you have not already done so, immediately change the “default” password and choose a new strong and long password.

Lastly, the FBI is also advising everyone to upgrade to the latest version of their router’s firmware.  Unfortunately, the companies that produce routers don’t automatically notify you when an update is available. So, it is up to you to look for them and download them yourself.

In order to do so, you need to use your internet browser to log into your router, using your router’s IP address. By default, most router manufacturers use 192.168.0.1 or 192.168.1.1 as the IP address.

Alternatively, using Windows 10 you can find your IP address by going to your Settings and choose the Network and Internet icon. Next choose Ethernet and click on your network. Then scroll down to Properties to find it.

It is recommended that you check for updates every 90 days. Below are the links to more information for updating the most popular brands of routers.

Apple:   https://support.apple.com/en-us/HT201519

Asus:  https://www.asus.com/microsite/2014/networks/routerfirmware_update/

D-Link:  http://support.dlink.com/

Linksys:  https://www.linksys.com/us/support-article?articleNum=135561

Netgear https://kb.netgear.com/23442/How-do-I-update-my-NETGEAR-router-firmware-using-the-Check-button-in-the-router-s-web-interface

SCAN YOUR ROUTER FOR ANY BREAK-INS

Using the link below will enable you to check your router for any break-ins.  It is a safe and free service that is specially designed to scan your router to make sure there are no hackers lurking in your router.

Here is the link:

https://www.f-secure.com/en_US/web/home_us/router-checker

Just click the “Check Your Router” icon and you’ll receive an instantaneous report.

FACEBOOK PRIVACY SCANDAL

Facebook Privacy Scandal  –  Who’s at Fault?

The CEO of Facebook, Mark Zuckerberg faced a grilling during Capital Hill hearings about the recent Facebook privacy scandal. It appears that Facebook allowed a third-party company, Cambridge Analytica, to plunder the personal information of 87 million Facebook users. This is one of the largest data leaks in the social network’s history.

Cambridge Analytica was able to pull off this data harvesting, under the guise of an app, that appeared to be just an innocent social media quiz.  The app “This is Your Digital Life” paid Facebook for the ability to invite users to take quizzes.  Downloading the app resulted in you granting them full access to your public profile information. If that weren’t bad enough, once a user granted them access, the app was able to view the information of the their Facebook friends too.  Any and all information that was available in a user’s public profile was likely compromised.

Next, the collected data (via the quiz app) was in turn shared with the political research firm Cambridge Analytica.  So, they were able to extract all that Facebook data, under the premise that they were collecting information for academic purposes.

Facebook has since banned the app and is in the process of informing users if their personal information was wrongly accessed.  But, whether your information was accessed or not, the lesson learned here is that you should always be mindful of what you share on your social media profiles.

 

Facebook Privacy Scandal
Why is he so smug?

YOUR PERSONAL DATA IS THE PRODUCT BEING SOLD

During the Joint Commerce and Judiciary Committee hearing, Zuckerberg is quoted as saying: “I would hope that what we do with user data is not surprising to people”.  It was however, a surprising revelation to most Facebook users. Facebook users hadn’t considered the fact that they are NOT Facebook’s customer.  Advertisers are in fact Facebook’s actual customers.

When a user doesn’t pay a fee to use an app or a social media platform, then the user’s personal data is the ‘product’ being sold. Everything we click on and everything we buy or read is tracked, catalogued, analyzed and then sold.  All the information that is collected about us is being harvested and then sold to advertisers, research firms and data brokers.

ON THE INTERNET – NOTHING COMES FREE

Users actually pay for the ‘free’ use of Facebook, by giving up their data. That is why it’s so important to examine your profile privacy settings.  Realize that there is a big difference between Facebook’s “profile privacy” settings and their “application privacy” settings.  Always be aware of what personal information any downloaded app or social media platform can view and use from your account.  Never put too much info about yourself out there. AND read those “Terms and Policies” notices before clicking “Yes”.

Lastly, I would refrain from clicking on those Facebook “LIKE” buttons.  Consumer lawyer and privacy expert Joel Winston wrote an excellent must read article in a column for NBC.

Here’s what he had to say about “Likes”

“On the basis of ten “Likes”, researchers from Cambridge Analytica have demonstrated that Facebook knows you better than your work colleagues. After 70 “Likes,” Facebook knows you better than your friends. Accumulate 150 “Likes,” and Facebook knows you better than your parents. Complete 300 “Likes” and Facebook knows you better than your spouse or partner. Record more than 500 honest “Likes” and Facebook can even know you better than you know yourself.”

You can learn how you can remove apps and websites, if you no longer want them to have access to your Facebook information, by logging in to your Facebook account and going to their help section.