Mobile Payment Fraud - a podcast by Carey Parker

from 2022-10-10T11:55


Cold hard cash is becoming more and more rare these days. People just don't carry it around much any more. So how do you split a bill at a restaurant or buy from a street vendor? Many people today use mobile payment apps like Venmo, Apple Pay, PayPal, the Cash App, or a service promoted by many US banks called Zelle. While convenient, are these payment systems safe? Most of them actually are pretty secure (though some of them are not very private, like Venmo). But because most of these apps draw directly from your bank account, if you send money to the wrong person, either by mistake or because you were scammed, that money is pretty much gone. Ironically, this is very much like physical cash. Specifically, protections many people assume they have against fraudulent bank transactions don't really apply. You explicitly made the transfer and therefore many banks will not reimburse you for the loss.



In other news: Optus confirms massive data breach; Optus breach triggers privacy regulation review in Australia; Facebook shuts down propaganda campaigns from Russia and China; Facebook warns 1M users of potential credential theft; Google will be migrating Fitbit customers to Google accounts; Microsoft adds new protections to warn you of PC password reuse and insecure storage; the FTC is pushing for new rules around location data collection and sharing; Google releases new tool to help purge personal information from its search results.

Article Links



[BleepingComputer] Optus confirms 2.1 million ID numbers exposed in data breach https://www.bleepingcomputer.com/news/security/optus-confirms-21-million-id-numbers-exposed-in-data-breach/
[The Verge] Australia to overhaul privacy laws after massive data breach https://www.theverge.com/2022/9/26/23372868/australian-hack-disclosure-privacy-laws-optus-data-breach
[Hacker News] Facebook Shuts Down Covert Political 'Influence Operations' from Russia and China https://thehackernews.com/2022/09/facebook-shuts-down-covert-political.html
[9to5mac.com] Facebook security warning for 1M users: Scam apps stole login credentials https://9to5mac.com/2022/10/07/facebook-security-warning/
[Hacker News] Google to Make Account Login Mandatory for New Fitbit Users in 2023 https://thehackernews.com/2022/09/google-to-make-account-login-mandatory.html
[Lifehacker] Microsoft Has a New Trick for Keeping Your Password Safe https://lifehacker.com/microsoft-has-a-new-trick-for-keeping-your-password-saf-1849580498
[Bloomberg] FTC Joins Push for Rules on Trade of Smartphone Location Data https://www.bloomberg.com/news/articles/2022-09-16/location-data-rules-draw-ftc-s-attention-post-roe
[The Verge] In 2023, Google can notify you if personal info pops up in search https://www.theverge.com/2022/9/28/23377208/google-results-about-you-notifications-personal-info
[briankrebs] Report: Big U.S. Banks Are Stiffing Account Takeover Victims https://krebsonsecurity.com/2022/10/report-big-u-s-banks-are-stiffing-account-takeover-victims/



Further Info

National Cybersecurity Awareness Month: https://www.cisa.gov/cybersecurity-awareness-month
Consumer Reports: payment apps: https://www.consumerreports.org/digital-payments/how-to-safely-pay-for-goods-and-services-with-someone-you-dont-know/
Send me your questions! https://fdsd.me/qna
Support me! https://fdsd.me/support
Subscribe to the newsletter: https://firewallsdontstopdragons.com/newsletter/new-newsletter/
Check out my book, Firewalls Don’t Stop Dragons: https://www.amazon.com/gp/product/1484261887
Would you like me to speak to your group about security and/or privacy? https://fdsd.me/speakerrequest
Generate secure passphrases! https://d20key.com/#/



Table of Contents

Use these timestamps to jump to a particular section of the show.



0:00:42: News rundown
0:02:49: 10 Million Optus users affected by breach
0:06:04: Optus breached via open web interface
0:10:28: Facebook shuts down political influence campaigns
0:13:38: Facebook warns 1M users of potential credential the...
