Holiday Security Alert

Holiday Security Alert —
Scammers love chaos, and they are in heaven this holiday season. With shortages and high prices sending everyone scrambling for gifts while we dash to the end of the business year and try to make plans to see family and friends, scammers have an abundance of opportunities to find a weak spot in anyone’s online armor and penetrate for all you’re worth. Here are our steps to stop the scams.

Continue reading

COVID Vax Posts Help ID Thieves

You lock your doors. Security cameras ring your house. And then you post pictures of your vaccination cards on Facebook after you get your injection. We regard our vaccinations as an achievement and an encouragement for others to get their shots. Identity thieves are not gonna miss their shot at mining your data.

Let’s be real. The information on most vaccination cards is minimal: your name and your date of birth. Both pieces of information are likely known to many people and organizations who interact with you, and it’s all readily available on public information websites. We won’t get into how many of you don’t make your year of birth available on Facebook for “privacy” reasons. But you do appreciate birthday greetings.

That said, let’s get back to the vaccination cards. I fall into two groups: 1c for my age and 1b for health reasons. If an ID thief is looking for some way to carry out medical fraud, my info is right there. Looking at my age and 1b status, the thief has the makings of a target. The name and date of birth on an official document validates who you are.

The thief can find my home address. Again, it’s public information, but when it’s added to my “dossier,” it’s another piece of a puzzle. I know I have added more clues about me when I shared some of my hospital visits. By and of themselves, each piece is small, but a thief may have enough to start looking at things just to let me know that they know me.

Then comes the phishing email disguised as an offer about some kind of insurance. If I bite by clicking on a link or opening an attachment, the thief can plant some malware to get a lot more information by mining my data. They might even get into my medical records and have enough info to file a false claim for treatment I never had. They might also lock me out of my records by changing all my login credentials and using HIPPA regulations. In short, I can wind up on the hook to pay for treatment I never had, and I can’t get info about the bill.

It’s one scenario about how big data can be mined – legally and illegally – from one small piece.

You can be vulnerable in other ways.

Let’s say you take a car trip somewhere, and you post a picture that includes your car and shows its license plate number. If your car is desirable, a thief can use your license plate number to trace your address – or maybe start observing you. When you leave the car somewhere, such as in a supermarket parking lot, it’s easy enough to get the VIN number through the windshield and then take steps to retitle your car before stealing it and selling it “legitimately.”

Big data makes these examples possible. There’s a lot more out there all the time, and hackers are more sophisticated. Better software tools allow more thieves to gather and analyze data to pinpoint a target and let them commit a larger number of small crimes that add up to decent money.

Our advice is simple: Don’t put any more of your data out there than is absolutely necessary. Be careful about what you photograph and post. Be careful about how you handle email and about the info you provide – even to legitimate businesses and organizations – by email or telephone. Even with those you know, question why they need certain information, such as your Social Security Number. Use common sense.

You can augment your common sense by keeping all your operating system and application software up to date; updates usually include security patches and bug fixes. Install, properly configure and update anti-virus and malware protection software. We can help you install and maintain software. Call us – 973-433-6676 – or email us to set up an appointment.

Oh, and one more thing: Get your COVID vaccination as soon as you can!

Unlocking Phones of Masked Users

Apple’s upcoming upgrade to iOS 14.5 will make it possible to use an Apple Watch to use facial recognition to unlock your iPhone while wearing your mask. iPhone users without the watch and Android users will still have to jump through hoops to unlock their phones while masked. A year into the pandemic, we have to ask: Why has this taken so long?

Biometrics have long played a role in being able to unlock a cell phone. The first systems used a fingerprint for touch ID, and it has been a bellwether. Many cell phone users still rely on it. Face ID came along next, and many cell phone users rely on it to unlock phones quickly and easily. It’s as good as unencumbered gets.

But with COVID-19 and mask wearing, Face ID doesn’t work. If you want to use the technology while complying with public health needs, Face ID is about as cumbersome as it gets. The less-than-ideal workaround is something like this:

  1. Go to the Face ID option in the settings.
  2. Register for an alternate appearance by going to Set Up Alternate Appearance (or the Reset Face ID).
  3. Take a mask and fold it in half. Assuming the nose as the center point, put it in front of your face. It is recommended that you cover only the tip of the nose with the mask.
  4. Start registering your face like you normally do with the Face ID.  When the system prompts with a message “Face Obstructed,” start removing the mask very slowly until the system says move your head slowly to complete the circle.
  5. Once the process is done successfully, you will get a message that the Face ID is set up.

If this doesn’t work the first time, you’ll need to retry it. You may need to try another trick, such as selecting an alternate appearance option if it’s available.

Apple contends you should use a numeric code to unlock your phone while wearing a mask. They also note that manipulating the Face ID software could compromise your phone’s security. Most likely, they’d prefer you get an Apple Watch if you don’t already have.  

Once your iPhone is running iOS 14.5 and your Apple Watch has WatchOS 7.4 installed, you can turn on Unlock with Apple Watch with a few taps. Open the Settings app on your iPhone and then select Face ID & Passcode. Next, scroll down until you find the section titled Unlock with Apple Watch. The name of your Apple Watch should be listed there. Next to it is a toggle to turn the feature on or off. Slide that switch to the On position and then back out of the Settings app. 

Whenever you’re wearing a mask, all you’ll need to do is hold your phone up as normal to unlock it with Face ID. You’ll feel a haptic tap on your wrist, letting you know your watch was used to unlock your phone. The alert on your watch will also include a button to lock your phone in case it was unlocked by someone else. It’s a security feature to ensure someone else doesn’t pick up your phone and unlock it while wearing a mask.

You can expect to see iOS 14.5 in April. As the release date gets closer, we’ll pass along whatever we find out about other security features. Once it’s available, we’ll be on hand to help you configure your watch, phone and iPad if need be. Call us – 973-433-6676 – or email us to find out what you’ll need to upgrade your iOS security.