#AxisOfEasy 252: Scammers Can Steal Your Selfies For NSFW Purposes On Instagram


Weekly Axis Of Easy #252


Last Week’s Quote was  “Even the colossal machinery of modern government has been unable to ordain the future. The crisis in two days democracy arises from The denial of that fact,” was by Martin Gurri, author of The Revolt of the Public .  No one got it.

This Week’s Quote:  “Our lives begin to end the day we remain silent about things that matter.” … by???

THE RULES:  No searching up the answer, must be posted to the blog – the place to post the answer is at the bottom of the post, in the comments section.

The Prize: First person to post the correct answer gets their next domain or hosting renewal on us.

 


This is your easyDNS #AxisOfEasy Briefing wherein our Technology Correspondent Joann L Barnes and easyCEO Mark E. Jeftovic send out a short briefing on the state of the ‘net and how it affects your business, security and privacy.
 

In this issue:

  • The TikTok Tapes: China accessed US user data
  • Scammers Can Steal Your Selfies for NSFW purposes on Instagram
  • Meta is Sued for Collecting Data on Medical Portals, Through Facebook Tool, Pixel
  • Worries Rise As China Wants To Regulate Online Comments
  • President Biden Signs Two Bills to Improve Government Cybersecurity
  • Retirement lifestyles advocates radio with guest Mark Jeftovic
  • Navigating Bitcoin’s Noise Parts 1 & 2 with Kane McGukin and guest Mark Jeftovic
  • Basecamp for Men with Tony Rezac: Bloody Markets and Bitcoin with Special Guest Mark Jeftovic

Elsewhere online

  • QNAP NAS Devices Are Actively Targeted by DeadBolt Ransomware
  • Russia´s President’s Speech at The Economic Forum Was Delayed due to a DDoS Attack
  • Authorities in Israel Suspected Cyber Attack After Prolonged Siren Alerts
  • Hacker Who Stole Nude Photos And Videos Has Been Sentenced to 9 Years In Prison
  • Phishing Gang Busted in Belgium and the Netherlands

 

The TikTok Tapes: China accessed US user data

Leaked recordings from the social media app’s internal meetings were leaked and confirm what many already know: China could nose around on TikTok users. There are 14 statements in the recordings from nine employees of TikTok that indicate engineers in China had access to US data between September 2021 and January 2022.

“Everything is seen in China,” said a TikTok’s Trust and Safety department member in a September 2021 meeting. In another September meeting, a director referred to one Beijing-based engineer as a “Master Admin” who “has access to everything.” The recordings are corroborated by screenshots and other documents proving that China is accessing US user data. TikTok spokesperson Maureen Shanahan said, “We know we’re among the most scrutinized platforms from a security standpoint, and we aim to remove any doubt about the security of US user data.”

In 2019 then-president Donald Trump shared his concerns about the security implications of TikTok’s collection of American data and threatened to ban the app. As a result, Project Texas attempted to restrict access to data from abroad and protect data from flowing out of the United States and into China: “Project Texas is key to a contract that TikTok is currently negotiating with cloud services provider Oracle and CFIUS. Under the CFIUS agreement, TikTok would hold US users’ protected private information, like phone numbers and birthdays, exclusively at a data center managed by Oracle in Texas (hence the project name).” TikTok has said in public statements that it physically stores all data about its US users in the US, with backups in Singapore, and TikTok’s Chief Information Security Officer Roland Cloutier wrote: “Our goal is to minimize data access across regions so employees would have very minimal access to user data from the EU and US.”

Read: https://www.buzzfeednews.com/article/emilybakerwhite/tiktok-tapes-us-user-data-china-bytedance-access


Scammers Can Steal Your Selfies for NSFW purposes on Instagram

A new scam is taking place on Instagram; scammers steal your profile photos and set up a Not Safe For Work (NSFW) account with your name, pictures, and followers. The accounts it designs to look like it belongs to you and tries to lure your friends into visiting them by following them. “Friends who checked out the new account saw a face they recognized in a context they didn’t: An Instagram account that promised it’s “NOT SAFE FOR WORK” and “FOR YOUR EYES ONLY.” The public account had no posts, just a story with another stolen picture and a caption urging visitors to VISIT MY PROFILE ON NAKED SITE.” 

The URL is a Wix.com website where scammers can create professional-looking websites that are used to create “burner” websites that are here today and gone tomorrow. Additionally, the site shows another stolen photo and pornographic content. 

If your curiosity has led you here, you would have found that if you click on any link, you will end up at a different domain, at an unbranded “age verification” page that asks for your email and password. However, that doesn’t say anything about how old you are. But the real deal is about tricking people into joining expensive subscription services and using a credit card. By now, scammers will have the important part of your information, like your ID number and credit card information. You will not have the NSFW content you were looking for: “Instead, you’d find yourself on a different site, entering yet another username, password, and email into a different “Secure Billing Platform.” 

If you are the victim of an ID theft like this, you should report the account and sites. If photos you own are used without your permission, then the scammer has violated your copyright. You can take action by filling in a DMCA takedown form.

Read: https://blog.malwarebytes.com/personal/scams-personal/2022/06/instagram-scam-steals-your-selfies-to-trick-your-friends/

 
Meta is Sued for Collecting Data on Medical Portals, Through Facebook Tool, Pixel

Meta has been sued for collecting data through medical portals where patients book appointments. The allegations affirm that sensitive medical data is shared secretly with Facebook. The basis of the lawsuit is Pixel, a Facebook tracking tool that redirects patients’ private data without consent, which violates state and federal laws, according to the lawsuit filed in a San Francisco federal court. The complainant is anonymous but acts on behalf of himself and all other victims.

The Complaint´s Introduction says: “Plaintiffs bring this action on behalf of themselves and millions of other Americans whose medical privacy has been violated by Facebook’s Pixel tracking tool. As explained herein, Facebook knows (or should have known) that its Pixel tracking tool is being improperly used on hospital websites resulting in the wrongful, contemporaneous re-direction to Facebook of patient communications to register as a patient, sign-in or out of a supposedly “secure” patient portal, request or set appointments.”

This week, Markup tested the websites of Newsweek’s top 100 hospitals in America, and the result shows that 33 of the hospitals use Pixel on their web. According to the lawsuit, at least 664 healthcare systems and providers use the Facebook Tool. The complainant said he is a patient in Baltimore and uses the facility’s portal to make appointments and review lab results. The lawsuit is seeking punitive damages for invasion of privacy.

Read: https://reclaimthenet.org/meta-is-sued-for-collecting-data-on-hospital-patients/

 

Worries Rise As China Wants To Regulate Online Comments

On June 17, 2022, the internet regulator Cyberspace Administration of China (CAC) published a draft on the responsibilities of platforms and content creators in managing online comments: all online comments would have to be pre-reviewed before being published. This generated worries among users about freedom of expression in China. The new changes affect Provisions on the Management of Internet Post Comments Services, a regulation that first came into effect in 2017. The Chinese Cyberspace Administration wants to update it. The provisions cover all types of comments, forum posts, replies, messages left on public message boards, and “bullet chats” and all formats: texts, GIFs, pictures, audio, and videos. 

Recently Social Media Platforms are actively removing content  before the government and other users can even see them; companies employ thousands of content reviewers or hire third parties that do the task of “censorship-for-hire.” On social media, users are worried about censorship. They are constantly asking if this practice will be expanded to every social media comment. Under one Weibo post about the change, the most liked comment says, “Is this restriction necessary? If only there’s a guarantee, it won’t be abused.”

But this would be extremely expensive, and the real intention would be to encourage companies to take more responsibility in moderating the comments section.

Read: https://www.technologyreview.com/2022/06/18/1054452/china-censors-social-media-comments/

 

President Biden Signs Two Bills to Improve Government Cybersecurity

On Tuesday, Jun 21, 2022, United States President Joe Biden signed two bipartisan bills into law that focus on improving government cybersecurity. The bill’s passage comes regarding a significant increase of cyber incidents in recent years against government entities, including the SolarWinds hack, which involved Russian agents compromising nine federal agencies and at least 100 private sector groups.

One of the bills signed into law establishes an employee rotational program within the Federal Cyber Workforce and upgrades its expertise. The Senate passed the bill in 2019 but did not receive a vote in the House until this year.

In the second bill, the State and Local Government Cybersecurity Act, the Department of Homeland Security and state and local governments will work together to improve cybersecurity. The bill passed the Senate by unanimous consent last month. 

“For hackers, state and local governments are an attractive target — we must increase support to these entities so that they can strengthen their systems and better defend themselves from harmful cyber-attack,” Rep. Joe Neguse (D-Colo.), who introduced the bill, said in a statement after the House’s passage.

Read: https://thehill.com/policy/cybersecurity/3531553-biden-signs-cyber-bills-into-law/?&web_view=true

 

Retirement lifestyles advocates radio with guest Mark Jeftovic

The Fed and central banks globally are trapped. You can’t have a soft landing out of an everything bubble. This is the culmination of flawed policies finally coming home to roost.

Listen: https://retirementlifestyleadvocates.com/podcast/episode/2022-06-26-retirement-lifestyle-advocates-radio-w-mark-jeftovic


Navigating Bitcoin’s Noise Parts 1 & 2 with Kane McGukin and guest Mark Jeftovic

If you’re looking to better understand bitcoin’s past and its future potential as an economic network, then join us and listen in.

Listen to part 1: https://podcasts.apple.com/us/podcast/ep25-part-1-mark-jeftovic-bitcoins-role-in-the/id1583424361?i=1000567632889

Listen to part 2: https://podcasts.apple.com/us/podcast/ep25-part-2-mark-jeftovic-on-bitcoins-role-in-the/id1583424361?i=1000567632917



Basecamp for Men: Bloody Markets and Bitcoin with Special Guest Mark Jeftovic

The topic of bitcoin is one that is being talked about all over the world. What is it? What possibilities does it create for humanity? How do we navigate this transition with a clear head? How do we continue to create sovereignty and freedom….for ourselves, our loved ones, and for future generations?

It is a topic that has been front and center for many and if you like to ride shotgun with people that can help frame the issues and make sense of things, check out this podcast! 

Listen: https://basecamp-podcast.com/basecamp-for-men-e143-bloody-markets-and-bitcoin/

 

Elsewhere online:

 

QNAP NAS Devices Are Actively Targeted by DeadBolt Ransomware

Read: https://www.darkreading.com/attacks-breaches/deadbolt-ransomware-actively-targets-qnap-nas-devices—-again

 

Russia´s President’s Speech at The Economic Forum Was Delayed due to a DDoS Attack

Read: https://www.hackread.com/putins-economic-forum-speech-delayed-ddos-attack/

 

Authorities in Israel Suspected Cyber Attack After Prolonged Siren Alerts

Read: https://www.hackread.com/cyber-attack-false-rocket-air-raid-sirens-israel/

 

Hacker Who Stole Nude Photos And Videos Has Been Sentenced to 9 Years In Prison

Read: https://www.hackread.com/jail-hacker-icloud-phishing-scam-steal-nude-photos/

 

Phishing Gang Busted in Belgium and the Netherlands

Read: https://www.europol.europa.eu/media-press/newsroom/news/phishing-gang-behind-several-million-euros-worth-of-losses-busted-in-belgium-and-netherlands?&web_view=true



Previously on #AxisOfEasy

If you missed the previous issues, they can be read online here:



 

 

 

 

2 thoughts on “#AxisOfEasy 252: Scammers Can Steal Your Selfies For NSFW Purposes On Instagram

  1. “”Our lives begin to end the day we remain silent about things that matter.” … by???

    Martin Luther King

Leave a Reply

Your email address will not be published. Required fields are marked *