Posts

Facebook Breach: Zuckerberg Karma & Your Stolen Cell #

Facebook Breach

The Facebook Breach Might Not Be What You’re Thinking

How many Facebook user records were just breached? The answer might surprise you.

Zero.

That’s right, the 533 million records that were “scraped” off in the recent-headline-grabbing Facebook breach actually disappeared from their website in 2018 and 2019. Not 2021.

It’s just that Facebook never told us. Never notified us per standard procedure. We found out when the data was posted to a free hacking forum on the dark web.

The breach compromised the personal data of more than half a billion Facebook users including phone numbers, Facebook IDs, full names, locations, birth dates, bios and in some cases email addresses. Yes, that’s right, all of those spam calls you get on your mobile phone might be due to the Facebook breach. Even Facebook founder and CEO Mark Zuckerberg’s cellphone number was part of the hack!

Although the data has been floating around for two years, the way the data was sorted and posted on a free hacking forum this week makes it far more accessible for criminals to exploit. And, although some data for the affected people may have changed in two years, it could still be of value to hackers and cyber criminals like those who engage in identify theft.

What to do?

  1. Never put your real phone number, address or birthdate into Facebook in the first place. Use a Google Voice number if you must.
  2. Change your password in Facebook regularly, even though you no longer have to on most sites.
  3. If you turn on two-step logins, don’t give your cell phone number, as it will be breached. Give the Google Voice number.
  4. See if you were included in this hack by entering your email into HaveIBeenPwned.com. Do you see Facebook there? I hope not.
  5. When you’ve had enough, delete your Facebook account.

John Sileo is a cybersecurity expert, privacy advocate, award-winning author and media personality as seen on 60 Minutes, Anderson Cooper and Fox & Friends. He keynotes conferences virtually and in person around the world. John is the CEO of The Sileo Group, a business think tank based in Colorado.

Private Eyes Are Watching You: What it Means to Live (and Be Watched) in the Surveillance Economy

surveillance economy john sileo

What it is the Surveillance Economy

How do you feel about the fact that Facebook knows your weight, your height, your blood pressure, the dates of your menstrual cycle, when you have sex and maybe even whether you got pregnant? Even when you’re not on Facebook, the company is still tracking you as you move across the internet. It knows what shape you’re in from the exercise patterns on your fitness device, when you open your Ring doorbell app and which articles you check out on YouTube — or more salacious sites. 

Welcome to the surveillance economy — where our personal data and online activity are not only tracked but sold and used to manipulate us. As Shoshana Zuboff, who coined the term surveillance capitalism, recently wrote, “Surveillance capitalism begins by unilaterally staking a claim to private human experience as free raw material for translation into behavioral data. Our lives are rendered as data flows.” In other words, in the vast world of internet commerce, we are the producers and our digital exhaust is the product. 

It didn’t have to be this way. Back when the internet was in its infancy, the government could have regulated the tech companies but instead trusted them to regulate themselves. Over two decades later, we’re just learning about the massive amounts of personal data these tech giants have amassed, but it’s too late to put the genie back in the bottle. 

The game is rigged. We can’t live and compete and communicate without the technology, yet we forfeit all our rights to privacy if we take part. It’s a false choice. In fact, it’s no choice at all. You may delete Facebook and shop at the local mall instead of Amazon, but your TV, fridge, car and even your bed may still be sharing your private data. 

As for self-regulation, companies may pay lip service to a public that is increasingly fed up with the intrusiveness, but big tech and corporate America continue to quietly mine our data. And they have no incentive to reveal how much they’re learning about us. In fact, the more they share the knowledge, the lower their profits go. 

This is one of those distasteful situations where legislation and regulation are the only effective ways to balance the power. Because as individuals, we can’t compete with the knowledge and wallet of Google, Facebook and Amazon. David versus Goliath situations like this were the genesis of government in the first place. But in 2020, can we rely on the government to protect us? 

Unlikely. At least for now. For starters, federal government agencies and local law enforcement use the same technology (including facial recognition software) for collecting data and to track our every move. And unfortunately, those who make up the government are generally among the new knowledge class whose 401Ks directly benefit by keeping quiet while the tech giants grow. Plus, there are some real benefits to ethical uses of the technology (think tracking terrorists), making regulation a difficult beast to tackle. But it’s well worth tackling anyway, just as we’ve done with nuclear submarines and airline safety.

In a recent Pew study, 62% of Americans said it was impossible to go through daily life without companies collecting data about them, and 81% said the risks of companies collecting data outweigh the benefits. The same number said they have little or no control over the data companies collect. 

At some stage, consumers will get fed up and want to take back control from the surveillance economy, and the pendulum will swing, as it already has in Europe, where citizens have a toolbox full of privacy tools to prevent internet tracking, including the right to be forgotten by businesses. Europe’s General Data Protection Rule (GDPR) is a clear reminder that consumers do retain the power, but only if they choose to. It’s not inevitable that our every move and personal data are sold to the highest bidder. We’ve happily signed on, logged in and digitized our way to this point. 

When consumers (that means you) are outraged enough, the government will be forced to step in. Unfortunately, at that point, the regulation is likely to be overly restrictive, and both sides will wish we’d come to some compromise before we wrecked the system. 

In the meantime, you have three basic choices: 

  1. Decrease your digital exhaust by eliminating or limiting the number of social media sites, devices and apps you use. (I know, I know. Not likely.)
  2. Change your privacy and security defaults on each device, app and website that collects your personal information. (More likely. But it takes a time investment and doesn’t fully solve privacy leakage.)
  3. Give in. Some people are willing to bet that a loss of privacy will never come back to haunt them. That’s exactly the level of complacency big tech companies have instilled in us using neuroscience for the past decade.  

Loss of privacy is a slippery slope, and it’s important to take the issue seriously before things get worse. Left unchecked, the private eyes watching your every move could go from tracking your exercise habits and sex life (as if that’s not creepy enough) to meddling with your ability to get health insurance or a mortgage. And suddenly it won’t seem so harmless anymore.


About Cybersecurity Keynote Speaker John Sileo

John Sileo is the founder and CEO of The Sileo Group, a privacy and cybersecurity think tank, in Lakewood, Colorado, and an award-winning author, keynote speaker, and expert on technology, surveillance economy, cybersecurity and tech/life balance.

 

12 Days to a Safe Christmas: Day 5 – Don’t Tell Facebook You Won’t Be Home for the Holidays

Holiday Security Tips: On the fifth day of Christmas, the experts gave to me, 5 Facebook fixes

In general, we share too much information on social media sites. During the holidays, we are positively intoxicated with the giving spirit! Without thinking, we share our holiday travel plans, click on seemingly charitable links or post pictures of a fun night out. And when you share with friends on Facebook, you are sharing with their friends and ultimately, most of the literate world. The problem is, some of those people aren’t really friends and only want to separate you from your holiday dollars.

Solution:  Apply these five fixes to ALL of your social sharing (not just Facebook)

  1. Customize your privacy settings. Sixty percent of social network users are unaware that their default privacy settings let others into most of their personal information. Facebook does a decent job of explaining how to lock your privacy down(https://www.facebook.com/help/privacy) but you must spend at least 90 minutes going over the settings to properly protect yourself.
  2. Protect your passwords. Don’t let the bad guys take over your account and contact your friends as if they were you. Create a unique, strong, alpha-numeric-symbol password without using a dictionary word, birthdate, pet’s name or other personal identifier. Use this password only for a single site and don’t share it with anyone. Be careful of using your Facebook login for other sites, as those sites gain access to your private information.
  3. Log into Facebook only ONCE each session. If it looks like Facebook is asking you to log in a second time, skip the links and directly type www.facebook.com into your browser address bar. Phishing emails and social media posts will often send you to sites that look like Facebook but act like a data criminal. When in doubt, log out.
  4. Beware of free offers, big discounts and requests for charity (even if they come from your friends). If the offer in the post is too enticing, too good to be true or too bad to be real, don’t click. Chances are pretty good that your friend’s account has been hijacked and the hacker is serving you a warm dish of malware. If the post is out of character for that friend, email them and ask if it’s real.
  5. Don’t check in when you aren’t home and don’t post your travel plans. Based on social media feeds and locational check-in services alone (Foursquare), it is simple to map your whereabouts and signal thieves when you aren’t home. If you have to let friends know where you are during the holidays, send a group text or email.

No matter if you’re headin’ home for the holidays or off to Whoville, remember to post your pictures and tell those tales AFTER you’re safely home. On the sixth day of Christmas…

To review our tips from previous days, click here.


About Cybersecurity Keynote Speaker John Sileo

John Sileo is the founder and CEO of The Sileo Group, a cybersecurity think tank, in Lakewood, Colorado, and an award-winning author, keynote speaker and expert on technology, cybersecurity, and tech/life balance. He energizes conferences, corporate trainings and main-stage events by making security fun and engaging. His clients include the Pentagon, Schwab, and organizations of all sizes. John got started in cybersecurity when he lost everything, including his $2 million business, to cybercrime. Since then, he has shared his experiences on 60 Minutes, Anderson Cooper, and even while cooking meatballs with Rachel Ray. Contact John directly to see how he can customize his presentations to your audience.

6 Ways Your Facebook Privacy Is Compromised | Sileo Group

One billion people worldwide use Facebook to share the details of their lives with their friends and may be unaware their Facebook Privacy could be compromised. Trouble is, they also might be unintentionally divulging matters they consider private to co-workers, clients and employers.

Worse yet, they may be sharing their privacy with marketing companies and even scammers, competitors and identity thieves. Luckily, with some Facebook privacy tips, you can help protect your account online.

Here are six ways Facebook could be compromising your private information and how to protect yourself:

 

1.  The new Timeline format brings old lapses in judgment back to light. Timeline, introduced in late 2011, makes it easy for people to search back through your old Facebook posts, something that was very difficult to do in the past. That could expose private matters and embarrassing photos that you’ve long since forgotten posting.

What to do: Review every entry on your Facebook timeline. To hide those you do not wish to be public, hold the cursor over the post, click the pencil icon that appears in the upper right corner, select “Edit or remove” then “Hide from timeline.” Being able to “revise” your history gives you a second chance to eliminate over-sharing or posts made in poor taste.

2.  Facebook third-party app providers can harvest personal details about you—even those you specifically told Facebook you wished to be private. Third-party apps are software applications available through Facebook but actually created by other companies. These include games and quizzes popular on Facebook like FarmVille and Words with Friends, plus applications like Skype, TripAdvisor and Yelp. Most Facebook apps are free—the companies that produce them make their money by harvesting personal details about users from their Facebook pages, then selling that information to advertisers. In other words, you are paying for the right to use Facebook using the currency of your personal information.

Many apps collect only fairly innocuous information—things like age, hometown and gender that are probably not secret. But others dig deep into Facebook data, even accessing information specifically designated as private.

Example: A recent study found that several Facebook quiz game apps collected religious affiliations, political leanings and sexual orientations. Many Facebook apps also dig up personal info from our friends’ Facebook pages—even if those friends don’t use the apps. There’s no guarantee that the app providers will sufficiently safeguard our personal information and there are numerous instances where they have done just the opposite.

What to do: Read user agreements and privacy policies carefully to understand what information you are agreeing to share before signing up for any app. The free Internet tool Privacyscore is one way to evaluate the privacy policies of the apps you currently use (www.facebook.com/privacyscore), but remember that it is provided by the very company that is collecting all of your data. You also can tighten privacy settings. In “Facebook Privacy Settings,” scroll down to “Ads, Apps and Websites,” then click “Edit Settings.” Find “Apps You Use” and click “Edit Settings” again to see your privacy options. And be sure to delete any apps you don’t use. While you are in the privacy settings, take a spin around to find out other data you are sharing that might compromise your privacy.

3.  Facebook “like” buttons are spying on you—even when you don’t click them. Each time you click a “like” button on a Web site, you broadcast your interest in a subject not just to your Facebook friends but also to Facebook and its advertising partners.

Example: Repeatedly “like” articles in a publication with a specific political viewpoint, and Facebook advertisers might figure out how you vote.

Not clicking “like” buttons won’t free you from this invasion of privacy. If you’re a Facebook user and you visit a Webpage that has a “like” button, Facebook will record that you visited even if you don’t click “like.” Facebook claims to keep Web browsing habits private, but once information is collected, there’s no guarantee that it won’t get out.

Example: If an insurance company purchases this data, it might discover that someone applying for health coverage has visited Web pages about an expensive-to-treat medical disorder. The insurer might then find an excuse to deny this person coverage, or to raise their rates substantially.

What to do: One way to prevent Facebook from knowing where you go online is to set your Web browser to block all cookies. Each browser has a different procedure for doing this, and it will mean that you will have to re-enter your user ID and password each time you visit certain Web sites.

Another option is to browse the web in “InPrivate Browsing” mode (Internet Explorer), “Incognito” mode (Google Chrome) or “Private Browsing” mode (Firefox and Safari), which seems to be a less intrusive way to raise your privacy levels.

Less conveniently, you could log out of Facebook and select “delete all cookies” from your browser’s privacy settings before visiting Web sites you don’t want Facebook to know about. There are also free plug-ins available to prevent Facebook from tracking you around the Internet, such as Facebook Blocker (webgraph.com/resources/facebookblocker).

4.  Social readers” tell your Facebook friends too much about your reading habits. Some sites, including the Washington Post and England’s The Guardian, offer “Social Reader” Facebook tools. If you sign up for one, it will tell your Facebook friends what articles you read on the site, sparking interesting discussions.

The problem: excessive sharing. The tools don’t share articles with your Facebook friends only when you click a “like” button, they share everything you read on the site. Your Facebook friends likely will feel buried under a flood of shared articles, and you might be embarrassed by what the social reader tells your friends about your reading habits.

What to do: If you’ve signed up for a social reader app, delete it. In Facebook privacy settings, choose “Apps you use,” click “Edit Settings,” locate the social reader app, then click the “X” and follow the directions to delete.

5.  Photo and video tags let others see you in unflattering and unprofessional situations. If you work for a straight-laced employer, work with conservative clients or are in the job market, you may already realize that it’s unwise to post pictures of yourself in unprofessional and possibly embarrassing situations.

But you may fail to consider that pictures other people post of you can also hurt you.

A Facebook feature called photo tags has dramatically increased this risk. The tags make it easy for Facebook users to identify by name the people in photos they post—Facebook even helps make the IDs—then link these photos to the Facebook pages of all Facebook users pictured.

What to do: Untag yourself from unflattering photos by using the “remove” option on these posts. Arrange to review all future photos you’re tagged in before they appear on your Facebook Timeline by selecting “Timeline and Tagging” in Facebook’s Privacy Settings menu, clicking “Edit settings,” then enabling “Review posts friends tag you in before they appear on your timeline”. Better yet, ask your friends and family not to post pictures of you without your permission. Be sure to extend the same courtesy to them by asking whether or not they mind you tagging them in a photo.

6.  Our Facebook friends—and those friends’ friends—offer clues to our own interests and activities. Even if you’re careful not to provide sensitive information about yourself on Facebook, those details could be exposed by the company you keep.

Example: A 2009 MIT study found it was possible to determine with great accuracy whether a man was gay based on factors including the percentage of his Facebook friends who were openly gay—even if this man did not disclose his sexual orientation himself.

Sexual orientation isn’t the only potential privacy issue. If several of your Facebook friends list a potentially risky or unhealthy activity, such as motorcycling, cigar smoking or bar hopping among their interests—or include posts or pictures of themselves pursuing this interest—an insurer, college admissions officer, employer or potential employer might conclude that you likely enjoy this pursuit yourself.

What to do: Take a close look at the interests and activities mentioned by your Facebook friends on their pages. If more than a few of them discuss a dangerous hobby, glory in unprofessional behavior, or are open about matters of sexual orientation or political or religious belief that you consider private, it might be wise to either remove most or all of these people from your friends list, or at least make your friends list private. Click the “Friends” unit under the cover photo on your Facebook page, click “Edit,” then select “Only Me” from the drop-down menu.

Most of all, remember that Facebook and other social networking sites are social by nature, which means that they are designed to share information with others. The responsibility to protect your personal and private information doesn’t just fall on the social networks; it is also up to you.  Following these Facebook privacy tips can help you succeed in keeping your most personal information safe. 

John Sileo is an an award-winning author and keynote speaker on identity theft, internet privacy, fraud training & technology defense. John specializes in making security entertaining, so that it works. John is CEO of The Sileo Group, whose clients include the Pentagon, Visa, Homeland Security & Pfizer. John’s body of work includes appearances on 60 Minutes, Rachael Ray, Anderson Cooper & Fox Business. Contact him directly on 800.258.8076.