Latest articles

INTRODUCTION​

​A wave of SMS phishing attacks targeting Canadians with lures regarding unpaid road toll fees have been rolling out since the beginning of the year. 407 ETR has been warning customers to beware of fraudulent texts impersonating the company. The message is designed to deceive people into clicking on a malicious link, which would leave people vulnerable to personal data theft. ​

HOW TO SPOT A REAL MESSAGE​

407 ETR will use specific communication methods to interact with customers that use the express toll route. If you are a customer that uses the 407, take note of these legitimate communication channels:​

• 407 ETR sends payment reminder text messages from a six-digit short code. Messages don’t contain any personal or account information and include a link to their secure payment web page. Their texts will never include a direct link to pay.​
• 407 ETR makes outbound automated payment reminder calls. These calls will not ask you for your personal information. ​
• 407 ETR will only send emails from info@407etr.com or communications@407etr.com. Ensure that the emails you receive do not have spelling errors. ​

HOW RICHTER GUARDIAN CAN HELP YOU​

• Call us or send us an email at: +1 844-908-3950 or support@richterguardian.com if you are unsure. Connect with our cyber concierge to verify the legitimacy of a situation.​
  
• Transunion identity protection is included on our platform. Transunion identity protection will alert you of any unusual activity on your credit monitoring report that could indicate fraud.

INTRODUCTION​

It’s natural to want to capture the moments from your special vacations and share them on platforms like Facebook and Instagram with family and friends. However, posting these photos while you are still on your trip can expose you to various cybersecurity risks. Cybercriminals often exploit social media to gather information about your travel plans, and by sharing your vacation in real time, you may unknowingly make yourself a target.​​

HOW TO ENHANCE YOUR SECURITY ON VACATION

By following these precautions, you can enjoy your vacation while minimizing the risks associated with social media sharing:

1. Set Your Account to Private: Restrict access to your personal information by sharing only with people you know. Public settings allow anyone to view your posts, potentially putting you at risk.​
2. Decline Requests from Unfamiliar Individuals: Be cautious when receiving friend requests from strangers. Unfamiliar profiles might be cybercriminals in disguise, aiming to extract money or steal your identity.​
3. Avoid Posting Travel Details or Itineraries: Keep your travel arrangements private. Sharing confirmation numbers for hotel reservations, airline tickets, or excursions online can provide cybercriminals with valuable information they can exploit.​
4. Share Photos After Returning Home: Although it may be tempting to post in real-time, consider waiting until you’re back home. You can still share your vacation highlights, and it’s a safer approach.​
5. Educate Your Children on Social Media Safety: While you might be aware of how to stay safe online, your children might not. Ensure they understand the importance of secure sharing practices during and after the trip.

HOW RICHTER GUARDIAN CAN HELP YOU

• Richter Guardian’s concierge service can help you secure your social media accounts during setup. Call us or send us an email at: +1 844-908-3950 or support@richterguardian.com if you need further guidance.

INTRODUCTION​

​PetSmart, a pet retail giant in the United States, is alerting certain customers about password resets resulting from an ongoing credential stuffing attack attempting to breach existing accounts. The company released a statement on March 6 to let customers know about the credential stuffing attack. ​

As a precaution, PetSmart reset the passwords for any accounts logged in during the credential stuffing attack. Additionally, they reassured customers that there was no evidence of compromise to petsmart.com or any of their systems during the incident.​

WHAT IS CREDENTIAL STUFFING?​

​
A credential stuffing attack is a type of cyber-attack in which threat actors use previously acquired usernames and passwords, typically obtained from data breaches, to gain unauthorized access to user accounts on various online platforms. ​

Threat actors usually automate the process of trying these login credentials across multiple websites and services. Threat actors are cognizant of the fact that people commonly reuse passwords across various accounts, making them even more inclined to exploit this widespread behavior.

HOW TO PROTECT YOURSELF AGAINST CREDENTIAL STUFFING ATTACKS​

Although cyber breaches may be unavoidable, you can still prevent breached details from being used on other websites or services by taking the following precautions:

1. Use Unique Passwords For Each Account – Minimize the impact if one account is compromised.​
   
2. Enable Multi-Factor Authentication (MFA) – Implement MFA wherever possible to add an additional layer of security.​
   
3. Update Outdated Passwords – Change your passwords periodically, especially for critical accounts like email, banking, and social media.​
   
4. Limit Access – Only use trusted devices and networks to access sensitive accounts. Avoid logging in from public computers or unsecured Wi-Fi networks to access sensitive accounts. Ensure that you are not saving your credentials on a public computer.

HOW RICHTER GUARDIAN CAN HELP YOU​

• Our dark web monitoring platform can identify compromised credentials linked to your personal and work email addresses. We’ll also provide guidance on improving your password practices.
• Call us or send us an email at: +1 844-908-3950 or support@richterguardian.com if you are unsure. Connect with our cyber concierge to verify the legitimacy of a situation.

INTRODUCTION​

As technology rapidly advances, so do the threats to business security, underscoring the critical importance of regular software updates. Cyber-attacks are becoming increasingly sophisticated and widespread, posing significant risks to organizations of all sizes. To defend against these malicious threats, businesses must prioritize keeping their software up to date.​

Software updates not only introduce new features but also provide essential security patches to address potential vulnerabilities. Failing to update can leave individuals and businesses exposed to cyber breaches, data theft, and financial loss. Given the growing reliance on technology for daily operations, maintaining strong security measures is more important than ever.​

Regular software updates are a crucial line of defense against cyber threats, making it imperative for businesses to stay current to protect their data, customers, and reputation. ​

HOW CAN I CHECK IF MY SOFTWARE IS UP TO DATE?

You can check if your device’s software is up to date by going into the device’s settings and looking for the “software update” option. Here’s how to do it on different types of devices:

• On Apple devices (iPhone, iPad): Go to Settings > General > Software Update to see if any updates are available.
• On Android devices (like Samsung Galaxy): Go to Settings and tap on Software Update or System Update. The exact location may vary depending on the model, but it’s usually found in the main settings menu.
• On Windows devices: Go to Settings and find the Windows Update section. From there, click Check for updates to see if your system needs an update.
• On macOS (iMac, MacBook): From the Apple menu n the corner of your screen, choose System Settings. Click General in the sidebar of the window that opens, then click Software Update on the right.

Whenever possible, activate automatic updates to receive the latest patches immediately upon release.

HOW RICHTER GUARDIAN CAN HELP YOU

• Call us or send us an email at: +1 844-908-3950 or support@richterguardian.com if you need further guidance on updating your devices.

Introduction

In Early November, Apple released ‘NameDrop’ as part of the iOS 17.1 operating system update. NameDrop allows users to share saved contacts between other newer iPhones or Apple Watches within an inch of each other. While the prompt must be accepted to share contact information, several law enforcement agencies recommend parents to change this feature for children.  

Summary Of the Incident

The ‘NameDrop’ feature is similar to Apple’s AirDrop functionality. When NameDrop is enabled, two iPhone users can activate the feature by holding the top ends of their iPhones together. After that, the users can tap ‘Share’ or ‘Receive Only’. The NameDrop feature is automatically enabled once a user updates to iOS 17.1.  

While the feature itself is not a threat, law enforcement agencies are concerned that the feature puts children at a bigger risk with connecting to strangers. Children may not be completely aware when accepting a new ‘Share’ or ‘Receive Only’ prompt. Police recommend turning the feature off for children once they upgrade to iOS 17.1.  

Recommendations

1. Turn the ‘NameDrop’ Feature Off for Children – It is good practice to upgrade your iPhone devices to the latest operating system update. The latest operating system update will include ‘NameDrop’ and automatically enable the feature. To turn off the NameDrop feature, complete the following:
   Navigate to iPhone Settings > General > Airdrop > Bringing Devices Together > Off.

How Richter Guardian can help you

Richter Guardian can help you determine what settings and policies you should set on your children’s device to keep them safe.  

• Richter Guardian’s mobile and endpoint platform can help your children navigate the Internet safely.  

• Call us or send us an email at: +1 844-908-3950 or support@richterguardian.com if you are unsure about a situation and need assistance with disabling certain features on your devices.  

INTRODUCTION

A quick-response code (QR) is a type of barcode designed to store information in a way that digital devices can quickly read. Most modern smartphones come equipped with QR scanners, often integrated into the camera application, making scanning QR codes a breeze. The barcode is extremely versatile – it can be used as a shortcut to download applications, connect to wi-fi networks, open website links, and facilitate financial transactions. While QR codes serve many useful purposes, scammers have also found ways to exploit them.​

According to reports from the Better Business Bureau (BBB) and police departments across the country, scammers are using QR codes to trick people into visiting fake websites, fraudulent payment portals, or downloading harmful software. Often, these scams come through unsolicited messages or from QR codes posted in public places.

HOW CAN I GET SCAMMED WTIH QR CODES?

Hackers can manipulate QR codes to conduct malicious activities. Here are a few examples:​

1. Parking Meter Payments: Scammers have been placing fake QR codes on parking meters, making people think they can pay for parking through the code. These fake codes are easy to create and print. After using them, some victims return to find they’ve been fined or towed, increasing their financial losses.​
2. Phishing Scams: Scammers use QR codes to lead people to phishing websites that ask for personal information, which can lead to identity theft. These codes can come via email, text, or on public flyers, often disguised as legitimate requests to verify your identity or account.​
3. Fake Utility and Government Notices: Scammers often pose as utility companies or other government agencies, claiming there’s an unpaid bill that needs immediate attention. They ask for payment through a QR code, which takes victims to a convincing fake website. Business owners have also reported receiving letters with QR codes, asking them to complete fake filing requirements.​
4. False Sense of Security: Scammers sometimes use real QR codes to make their schemes more convincing. For example, they might link to a legitimate website or fake employee profiles, using official logos and details to trick victims into trusting them.

RECOMMENDATIONS

By staying alert and verifying sources, you can protect yourself from falling victim to QR code scams. We recommend the following tips to avoid QR code scams:​

1. Verify Before Scanning: If you receive a QR code from a friend or colleague, confirm with them that they actually meant to send it. Be cautious if the message feels out of character.​
2. Be Cautious of Shortened URLs: When you hover your camera over a QR code, check the link that appears. If it’s a shortened URL, you won’t know where it leads, so proceed only if you’re confident the source is trustworthy.​
3. Look for Tampering: Scammers might alter legitimate QR codes by placing stickers over them. Keep an eye out for signs of tampering, and ask the business to verify the code if you notice anything suspicious.

HOW RICHTER GUARDIAN CAN HELP YOU

• Our mobile protection platform includes a tool that pre-scans URLs and QR codes for potential threats, whether they’re received through SMS, email, or accessed on social media. ​
• Call us or send us an email at: +1 844-908-3950 or support@richterguardian.com if you need further guidance.

INTRODUCTION

In early November, the Federal Bureau of Investigation (FBI) issued a warning regarding the abuse of compromised email accounts from U.S. and foreign government entities. These compromised accounts are being exploited to execute fraudulent Emergency Data Requests (EDRs) aimed at U.S.-based service providers.  

WHAT IS AN EDR?

An EDR is a legal mechanism enabling U.S. law enforcement agencies to urgently request confidential data from service providers without a subpoena. Threat actors would take advantage of the procedure by using compromised government email addresses to submit fraudulent EDRs and obtain customer data.

For example, Verizon disclosed that it received over 127,000 law enforcement requests for customer data during the second half of 2023, with more than 36,000 classified as EDRs. The company reported fulfilling approximately 90% of these requests.

HOW DO THREAT ACTORS EXECUTE THESE SCHEMES?

Investigations into cybercrime forums reveal multiple methods used by threat actors to submit fraudulent EDRs. Some fake EDR vendors sell the capability to generate fake EDRs by targeting specific platforms, complete with counterfeit court documents. Other fake EDR vendors simply sell access to compromised government or law enforcement email accounts.

Key tactics used to compromise government or law enforcement email accounts include:

• Phishing and malware campaigns targeting email users.
• Purchase of stolen credentials from dark web marketplaces.
• Exploitation of poor cyber practices among government employees.

KEY LESSONS

The notice serves as a reminder of the dangers posed by the sophistication of scams threat actors can orchestrate once they have access to compromised credentials.  

To mitigate risks, organizations and individuals must prioritize cybersecurity hygiene:

• Establish a procedure on handling sensitive emails to avoid getting phished; approach urgent emails or emails with attachments with caution.  

• Employ unique and strong passwords for every account and use multi-factor authentication when possible. Data breaches happen often, and threat actors like to take the compromised credentials from these breaches to re-use on other websites.  

HOW CAN RICHTER GUARDIAN HELP YOU?

Richter Guardian can aid in improving your cyber hygiene so that you can lessen the risk of being compromised.

• Consult our cyber concierge if you are in a situation you are unsure of. For example, receiving a suspicious email that requires your immediate attention – we can verify its legitimacy.  

• We can walk you through best password management practices by walking you through 1Password, a password management tool.

INTRODUCTION​

TikTok’s extensive data collection, including personal information and device usage patterns, raises privacy and security concerns, particularly due to its China-based parent company, ByteDance. While some experts argue that TikTok’s data collection is not inherently malicious, others express skepticism about the transparency of its practices.

WHAT TIKTOK GATHERS FROM YOU​

TikTok collects various types of information from users:

1. Personal Data: Tiktok has access to personal data like contacts, calendars, information about which device you’re using, which operating system and your location.​
2. ​TikTok monitors the content you engage with and for how long – similar to Facebook. ​
3. Device Usage: TikTok monitors how you use your device and how it functions, including “keystroke patterns or rhythms, battery state, audio settings and connected audio devices,”.​
4. Location Data: TikTok can collect precise GPS information about its users. ​​

IMPLICATIONS OF DATA COLLECTION​

Data collection by social media platforms like TikTok can pose several risky implications for everyday users:​

1. Privacy Concerns: Social media platforms often collect extensive personal data, including contacts, location, and browsing habits. This raises concerns about user privacy, especially if this data is shared or sold to third parties without consent.​
2. ​Targeted Advertising: User data is often used to create targeted advertising campaigns. While some users may find this convenient, others may feel uncomfortable with the level of personalization and the potential manipulation of their preferences and behaviors.​
3. Data Breaches: Storing large amounts of personal data increases the risk of data breaches. If a platform’s security measures are breached, users‘ sensitive information could be exposed, leading to identity theft, financial fraud, or other forms of cybercrime.​
4. Surveillance and Tracking: Social media platforms track users‘ online activities across different websites and devices to create comprehensive profiles. This surveillance can infringe on user privacy and autonomy, as individuals may feel constantly monitored and manipulated by algorithms.​
5. Political Manipulation: Social media platforms have been implicated in spreading misinformation, propaganda, and divisive content. By collecting user data and targeting specific demographics, malicious actors can exploit social media for political manipulation and influence campaigns.

HOW RICHTER GUARDIAN CAN HELP YOU​

Call us or send us an email at: +1 844-908-3950 or support@richterguardian.com if you are unsure. Connect with our cyber concierge to verify the legitimacy of a situation.

INTRODUCTION

AI-powered tools are now integrated into various platforms, from office software and operating systems to image editors and chat applications. But how can you use ChatGPT, Gemini, DeepSeek, and other AI-powered tools without compromising your digital security?

AVOID SHARING SENSITIVE INFORMATION WITH AI CHATBOTS

OpenAI’s privacy policy indicates that user data may be utilized to enhance AI performance. When using services like ChatGPT, Sora, or Operator, your interactions could be used to train AI models.

According to a study done by Harmonic Security, 8.5% of prompts contained sensitive information.

Never input sensitive personal information such as passwords, passport or banking details, addresses, phone numbers, names, or any confidential business data. If necessary, replace sensitive details with placeholders like asterisks or “REDACTED.”

For professionals, especially software engineers leveraging AI for code review, it’s crucial to strip out any information that could reveal company secrets and/or application structure.

Everything shared with an AI chatbot has the potential to be stored and analyzed.

FREE AI SERVICES COME WITH HIGHER RISKS

Many free-tier AI tools explicitly state that they train on user data. Organizations using AI should consider investing in paid AI services like ChatGPT Enterprise, which ensures that user inputs and outputs are not utilized for training purposes.

Experts recommend paid plans as a more secure option for businesses looking to mitigate risks.

BEST PRACTICES FOR SAFE AI USE IN THE WORKPLACE

For businesses looking to integrate generative AI tools while minimizing security risks, Harmonic Security suggests shifting away from outright bans and instead implementing effective AI governance strategies. These include:

• Establishing clear AI usage policies and enforcing workflows.
• Monitoring AI tool usage in real time to track inputs and ensure compliance.
• Restricting the use of free AI tools that train on input.
• Classifying sensitive data to prevent exposure.
• Educating employees on responsible AI use and associated risks.

HOW CAN RICHTER GUARDIAN HELP YOU?

Richter Guardian can provide solutions to enhance your cyber hygiene, reducing the risk of data breaches and security threats when using AI tools. By following our recommended practices, individuals and organizations can leverage AI safely while protecting their sensitive data.

INTRODUCTION

On February 16, 2024, Wyze Labs encountered a service outage, resulting in connectivity issues for numerous users. The disruption persisted for almost nine hours, with the cameras remaining offline during this period. Wyze Labs identified Amazon Web Services (AWS), their partner, as the source of the security outage.

While working to restore camera functionality, Wyze faced an additional security concern. Some users reported encountering incorrect thumbnails and Event Videos in their Events tab. Disturbingly, unauthorized individuals could enlarge images or view videos from strangers’ Wyze cameras. 13,000 users inadvertently gained surveillance access to other homes.

Although the company released a statement that over 99.75 percent of Wyze’s user base remained unaffected by the breach, 0.25 percent still experienced a serious violation of their privacy.

In response to this incident, Wyze has implemented an additional layer of verification for users seeking access to video content via the Events tab, aiming to prevent such privacy breaches in the future.

RECOMMENDATIONS

Major professionally monitored security systems, like Wyze, are not perfect. Home security cameras are understandably used in many homes to enhance safety and security. If you own and/or use a security camera, it’s important to be aware of the risks associated with these devices. Follow these steps to ensure you are protected:

1. Regularly update camera firmware as home security cameras can be vulnerable to hacking, which may lead to unauthorized access to your device.
2. Use strong and unique passwords and enable two-factor authentication. Many cameras come with default passwords that are easily guessable, making them vulnerable to hacking. Change the default password to something strong and unique.
3. Avoid placing cameras in sensitive areas like bedrooms and bathrooms.