Security advisories

Latest articles

Covers personal devices, accounts, and online presence.

Article illustration: Authenticator Apps vs SMS for Login Security

Why Authenticator Apps Are Safer Than SMS for Login Security

Authenticator apps are more secure than SMS for two-factor authentication. We compare both methods, explain SIM swapping and interception risks, and recommend using an authenticator app for important accounts.

Introduction

One of the best ways to add extra security to your accounts is through Multi-Factor Authentication (MFA) – this means you need more than just a user ID and password to log in. We strongly recommend using MFA for your important accounts.

However, not all MFA methods are equally secure. Authenticator apps are a safer option than SMS authentication methods because they generate security codes directly on your device. SMS authentication codes, on the other hand, can be intercepted by hackers.

What is Multi-Factor Authentication and what is the benefit?

MFA adds an extra step to logging in. Instead of just entering a user ID and password, you must also provide another piece of information, like a code from an app or a text message. This extra step makes it much harder for hackers to break into your account, even if they steal your password.

MFA method #1: What is an authenticator application?

An authenticator app is a mobile app that generates security codes for logging in. These codes are called Time-Based One-Time Passwords (TOTP) and change every 30 to 60 seconds.

When you set up an authenticator app for an account, you scan a QR code or enter a secret key. This links the authenticator app to your account and allows it to generate matching codes.

To log in, you enter your username, password, and the current code displayed on your authenticator app. If the code matches the one your account server expects, you get access.

Some popular authenticator applications include:  

  • Google Authenticator
  • Microsoft Authenticator
  • Authy
  • Duo Mobile

MFA method #2: What is SMS authentication?

SMS authentication is when a security code is sent to your phone via text message. You enter this code along with your user ID and password to log in. These codes are One-Time Passwords (OTP) which are generated for one-time use. OTPs can last for a specified amount of time – users will need to generate a new OTP if they exceed the time limit.  

Sometimes, websites may also send security codes via email instead of SMS, but the process is the same.

Why authenticator applications are preferred over SMS authentication

Authenticator apps provide better security than SMS codes for several reasons:

  • Less chance of being hacked: Authenticator apps generate codes directly on your device, while SMS codes are sent over the internet and can be stolen.
  • No risk of SIM swapping: Hackers can trick your phone provider into transferring your number to a new SIM card, allowing them to receive your SMS codes.
  • No risk of interception: SMS codes can be stolen using man-in-the-middle attacks, where hackers eavesdrop on internet traffic.
  • Codes change frequently: Authenticator apps refresh their codes every 30 to 60 seconds, making them harder to steal and use.

How hackers can steal SMS codes

Here are two common ways cybercriminals can steal SMS codes:

  • Man-in-the-Middle Attacks – Hackers intercept your internet traffic when you connect to an unprotected Wi-Fi network (like public Wi-Fi at a coffee shop). This can let them steal SMS codes.
  • SIM Swapping – A hacker contacts your mobile provider pretending to be you and tricks them into activating a new SIM card with your phone number. Now, they receive all your text messages, including your security codes.

How to keep your accounts safe

  • Use an authenticator app instead of SMS authentication whenever possible.
  • Protect your phone with a strong PIN or password.
  • Avoid using public Wi-Fi when entering security codes.
  • Never share your security codes with anyone.
  • Be cautious of phishing scams that try to trick you into revealing your codes.

Ready to stay protected from digital threats, with experienced professionals overseeing your security?

Request a private consultation to find out whether Richter Guardian is a good fit for you.

Article illustration: Using AI Tools Securely

Using AI Tools Securely: ChatGPT, Gemini, and More

AI tools like ChatGPT and Gemini can train on your data. We cover risks of sharing sensitive information, why paid/enterprise plans help, and best practices for safe AI use at work with Richter Guardian’s support.

Introduction

AI-powered tools are now integrated into various platforms, from office software and operating systems to image editors and chat applications. But how can you use ChatGPT, Gemini, DeepSeek, and other AI-powered tools without compromising your digital security?

Avoid sharing sensitive information with AI chatbots

OpenAI’s privacy policy indicates that user data may be utilized to enhance AI performance. When using services like ChatGPT, Sora, or Operator, your interactions could be used to train AI models.

According to a study done by Harmonic Security, 8.5% of prompts contained sensitive information.

Never input sensitive personal information such as passwords, passport or banking details, addresses, phone numbers, names, or any confidential business data. If necessary, replace sensitive details with placeholders like asterisks or “REDACTED.”

For professionals, especially software engineers leveraging AI for code review, it’s crucial to strip out any information that could reveal company secrets and/or application structure.

Everything shared with an AI chatbot has the potential to be stored and analyzed.

Free AI services come with higher risks

Many free-tier AI tools explicitly state that they train on user data. Organizations using AI should consider investing in paid AI services like ChatGPT Enterprise, which ensures that user inputs and outputs are not utilized for training purposes.

Experts recommend paid plans as a more secure option for businesses looking to mitigate risks.

Best practices for safe AI use in the workplace

For businesses looking to integrate generative AI tools while minimizing security risks, Harmonic Security suggests shifting away from outright bans and instead implementing effective AI governance strategies. These include:

  • Establishing clear AI usage policies and enforcing workflows.
  • Monitoring AI tool usage in real time to track inputs and ensure compliance.
  • Restricting the use of free AI tools that train on input.
  • Classifying sensitive data to prevent exposure.
  • Educating employees on responsible AI use and associated risks.

Ready to stay protected from digital threats, with experienced professionals overseeing your security?

Request a private consultation to find out whether Richter Guardian is a good fit for you.

Article illustration: QR Codes and How to Stay Protected

What Are QR Codes and How Can You Stay Protected?

QR code scams are on the rise—fake parking meters, phishing, and fake utility notices. We outline common tactics and how to verify before scanning, check URLs, and spot tampering, with Richter Guardian’s scanning tools.

Introduction

A quick-response code (QR) is a type of barcode designed to store information in a way that digital devices can quickly read. Most modern smartphones come equipped with QR scanners, often integrated into the camera application, making scanning QR codes a breeze. The barcode is extremely versatile – it can be used as a shortcut to download applications, connect to wi-fi networks, open website links, and facilitate financial transactions. While QR codes serve many useful purposes, scammers have also found ways to exploit them.​

According to reports from the Better Business Bureau (BBB) and police departments across the country, scammers are using QR codes to trick people into visiting fake websites, fraudulent payment portals, or downloading harmful software. Often, these scams come through unsolicited messages or from QR codes posted in public places.

How can I get scammed with QR codes?

Hackers can manipulate QR codes to conduct malicious activities. Here are a few examples:​

  1. Parking Meter Payments: Scammers have been placing fake QR codes on parking meters, making people think they can pay for parking through the code. These fake codes are easy to create and print. After using them, some victims return to find they’ve been fined or towed, increasing their financial losses.​
  2. Phishing Scams: Scammers use QR codes to lead people to phishing websites that ask for personal information, which can lead to identity theft. These codes can come via email, text, or on public flyers, often disguised as legitimate requests to verify your identity or account.​
  3. Fake Utility and Government Notices: Scammers often pose as utility companies or other government agencies, claiming there’s an unpaid bill that needs immediate attention. They ask for payment through a QR code, which takes victims to a convincing fake website. Business owners have also reported receiving letters with QR codes, asking them to complete fake filing requirements.​
  4. False Sense of Security: Scammers sometimes use real QR codes to make their schemes more convincing. For example, they might link to a legitimate website or fake employee profiles, using official logos and details to trick victims into trusting them.

Recommendations

By staying alert and verifying sources, you can protect yourself from falling victim to QR code scams. We recommend the following tips to avoid QR code scams:​

  1. Verify Before Scanning: If you receive a QR code from a friend or colleague, confirm with them that they actually meant to send it. Be cautious if the message feels out of character.​
  2. Be Cautious of Shortened URLs: When you hover your camera over a QR code, check the link that appears. If it’s a shortened URL, you won’t know where it leads, so proceed only if you’re confident the source is trustworthy.​
  3. Look for Tampering: Scammers might alter legitimate QR codes by placing stickers over them. Keep an eye out for signs of tampering, and ask the business to verify the code if you notice anything suspicious.

Ready to stay protected from digital threats, with experienced professionals overseeing your security?

Request a private consultation to find out whether Richter Guardian is a good fit for you.

Article illustration: FBI Notice on Compromised Government Emails and Fake EDRs

FBI Notice Spike in Compromised Government Emails Conducting Fake EDRs

The FBI warned that compromised government emails are being used to send fraudulent Emergency Data Requests to service providers. We explain EDRs, how threat actors obtain access, and how to improve cyber hygiene with Richter Guardian.

Introduction

In early November, the Federal Bureau of Investigation (FBI) issued a warning regarding the abuse of compromised email accounts from U.S. and foreign government entities. These compromised accounts are being exploited to execute fraudulent Emergency Data Requests (EDRs) aimed at U.S.-based service providers.  

What is an EDR?

An EDR is a legal mechanism enabling U.S. law enforcement agencies to urgently request confidential data from service providers without a subpoena. Threat actors would take advantage of the procedure by using compromised government email addresses to submit fraudulent EDRs and obtain customer data.

For example, Verizon disclosed that it received over 127,000 law enforcement requests for customer data during the second half of 2023, with more than 36,000 classified as EDRs. The company reported fulfilling approximately 90% of these requests.

How do threat actors execute these schemes?

Investigations into cybercrime forums reveal multiple methods used by threat actors to submit fraudulent EDRs. Some fake EDR vendors sell the capability to generate fake EDRs by targeting specific platforms, complete with counterfeit court documents. Other fake EDR vendors simply sell access to compromised government or law enforcement email accounts.

Key tactics used to compromise government or law enforcement email accounts include:

  • Phishing and malware campaigns targeting email users.
  • Purchase of stolen credentials from dark web marketplaces.
  • Exploitation of poor cyber practices among government employees.

Key lessons

The notice serves as a reminder of the dangers posed by the sophistication of scams threat actors can orchestrate once they have access to compromised credentials.  

To mitigate risks, organizations and individuals must prioritize cybersecurity hygiene:

  • Establish a procedure on handling sensitive emails to avoid getting phished; approach urgent emails or emails with attachments with caution.  
  • Employ unique and strong passwords for every account and use multi-factor authentication when possible. Data breaches happen often, and threat actors like to take the compromised credentials from these breaches to re-use on other websites.  

Ready to stay protected from digital threats, with experienced professionals overseeing your security?

Request a private consultation to find out whether Richter Guardian is a good fit for you.

Have questions after reading?

If something you’ve read raises a concern, our team can help you understand how it applies to you. Richter Guardian provides ongoing monitoring and expert support for individuals, families, and leadership teams.

  • Clear visibility into personal digital risk
  • Guidance from experienced cybersecurity professionals
  • Support designed for both private clients and enterprise leadership
Have questions after reading?