.png)
Of the many digital traces we leave in daily life, location metadata may be the most revealing. Location tracking is common in many applications because it’s so useful – it can allow you to get directions from here to there, discover the closest restaurants near you, or tell you your local weather conditions. These perks, however, can come with large privacy risks.
Companies that you would never suspect needing so much of your data, are quietly collecting enormous amounts of data. For example, in 2020, an investigation was done on Tim Hortons, as the Tim Hortons app reportedly tracked an individual’s location more than 2,700 times in five months. Commissioners say Tim Hortons collected “vast amounts” of granular location data with the aim of delivering targeted advertising, to better promote its coffee and associated products, but that it never actually used the data for this purpose.
Some of the apps on our phone sell or share location data about their users with companies that analyze the data and sell their insights. There are many ways location data can be used, and the market for this data is huge – the location data industry is an estimated $12 billion market. Collectors, aggregators, marketplaces, and location intelligence firms are potential buyers interested in your location data.
Some apps genuinely need your location to work properly, but others have different motives. Many collect location data for reasons unrelated to their main function, like targeted ads or selling it to data brokers.
Once an app collects your location data, you lose control over where it goes. It can be sold repeatedly—from data providers to aggregators that combine information from multiple sources. It could end up in the hands of a “location intelligence” firm that uses the raw data to analyze foot traffic for retail shopping areas and the demographics associated with its visitors.
You might think, “I have nothing to hide.” But location data can reveal much more than you realize, such as:
Even though this data isn’t directly linked to your name, experts have shown that it’s easy to match location history with other data to identify people and their habits. In 2020, a religious publication used smartphone app data to infer the sexual orientation of a high-ranking Roman Catholic official. The publication claimed it obtained “commercially available” location data from an unnamed vendor and linked it to the priest’s phone, revealing visits to gay bars and private residences while using Grindr, a dating app popular with the LGBTQ+ community.
Privacy advocates have long cautioned that advertisers gather location and personal data, which is then compiled and sold by data brokers. This information can be used to identify individuals and is not subject to regulations requiring clear consent from those being tracked.
The quickest and easiest way to reduce tracking is to delete unnecessary apps. Both Android and Apple allow you to check which apps have access to your location and whether they track it only while in use or all the time. If you don’t use an app often, consider removing it.
Your location can be tracked through your phone, logged-in accounts, internet connection, and location services. To limit oversharing, take these steps:
Despite these precautions, location tracking can’t be completely eliminated. It’s important to support companies that provide clear and transparent privacy policies.
%20(1).png)
Richter Guardian gives you enterprise-level cybersecurity tailored for individuals, families, and executives.
Important family, financial, and legal information is increasingly stored across devices and online accounts, making a reliable backup plan an important part of protecting it. For many families, important files now exist across different devices and services, so it helps to know where those files are stored, how they can be recovered, and what their risks are.
For high-net-worth individuals, families, and executives, backups are especially important because the information they rely on is often highly valuable, private, and difficult to replace. A lost device, ransomware attack, cloud account issue, or hardware failure can quickly disrupt personal, financial, or business matters. Having a reliable backup plan helps ensure important files remain accessible, protected, and recoverable when something goes wrong.
Data can be lost in several ways, including lost or stolen devices, ransomware, or everyday backup failures such as cloud service outages, file corruption, or hardware failure.
If a device is lost, stolen, or destroyed, any files stored only on that device may be permanently lost. The best protection is to keep a backup in another place, such as a cloud account or an external hard drive.
Ransomware is another serious risk. This type of attack locks your files and demands payment to restore access. An offline backup, such as an external hard drive, protects your files since attackers cannot access it.
Backups can also fail for everyday reasons. Automatic backup settings may be turned off, an important folder missed, files become corrupted, or a cloud service may be temporarily unavailable. A helpful rule of thumb is to keep three copies of important data: one on your device, one in the cloud, and one on an external hard drive.
Cloud storage saves your data online through a service such as Google Drive, Apple iCloud, or Microsoft OneDrive. You can access files from any device with an internet connection, and many cloud services can back up your files automatically.
Since cloud backups can sync unwanted changes, including ransomware-encrypted files, cloud backup should be paired with an offline backup that is disconnected when not in use.
An external hard drive provides an extra layer of protection if something goes wrong with your device or cloud account.
To use an external hard drive, connect it to your computer, copy your important files, and disconnect it once the backup is complete.
For added safety, store the drive in a secure location away from your main devices. A safety deposit box or personal safe is the most secure option.
If you’re a client and have questions about securing your backup accounts, multi-factor authentication, protecting your devices from ransomware, or improving your overall device backup strategy, please contact our team.
Email support@richterguardian.com, call +1 844-908-3950, or book an appointment.
Request a private consultation to find out whether Richter Guardian is a good fit for you.
Anthropic's Claude Mythos is an advanced AI model currently available only to a select group of vetted technology companies, not the general public. While it holds significant promise as a defensive tool, capable of uncovering security flaws before criminals can exploit them, the same capabilities could be misused to lower the effort needed to exploit weaknesses in email, banking, and personal accounts.
For high-net-worth individuals, families, and executives managing significant assets, this increases the risk of targeted fraud, account takeovers, and financial loss, making strong cybersecurity practices more important than ever.
Claude Mythos is an advanced artificial intelligence model developed by Anthropic, the company behind the widely used Claude AI assistant. It can be thought of as a much more powerful version of AI tools that many people already use for daily tasks. Mythos goes far beyond earlier models, especially in areas such as complex reasoning, software analysis, and, most importantly, the ability to identify weaknesses in computer systems.
At this time, Mythos is not available to the general public. It is still going through testing and review and has only been released in a highly controlled way to a small number of trusted organizations. These include major technology and security companies such as Microsoft, Apple, Amazon, Cisco, and CrowdStrike. This limited release is intentional. Anthropic has stated that Mythos is powerful enough to cause serious harm if misused, so they have chosen to share it cautiously and with careful oversight.
There are two main reasons Mythos is receiving so much attention. The first is concern within the cybersecurity community. Mythos represents a major step forward in what AI can do when applied to computer systems. Security professionals worry that existing defense tools and practices have not yet caught up. There is also concern that criminals could use tools like Mythos to make cybercrime faster, cheaper, and easier to carry out.
The second reason is business momentum. Every major AI announcement attracts investors and increases public interest. This often raises the perceived value of companies such as Anthropic, OpenAI, and Google. As a result, Mythos has become not only a security issue, but also a financial and market-driven story.
It is important to understand that Mythos is not an isolated development. Other companies, including OpenAI and Google, have already released AI models with similar cybersecurity-related capabilities, though generally at a lower level. What makes Mythos different is how quickly and efficiently it operates, as well as Anthropic’s openness in discussing both its potential benefits and its risks.
Mythos does not create entirely new types of cyber threats. Instead, it significantly lowers the level of skill, knowledge, and time needed for attackers to exploit existing weaknesses. These weaknesses exist in the everyday technology we all rely on, including phones, laptops, email systems, and banking or investment applications.
Cyberattacks that once required a team of highly skilled hackers may soon be possible for a single individual using AI tools. For individuals and families with significant financial assets, sensitive personal communications, or access to influential networks, this increases risk. The most common and serious threats remain personal email compromise, fraudulent wire transfers, and targeted account takeovers.
Make sure all important accounts, such as banking, email, and investment platforms, use strong, unique passwords, and enable multi-factor authentication wherever it is available. In addition, use credit monitoring services to help detect fraud, unauthorized accounts, or identity misuse as early as possible.
AI can now generate very realistic phishing emails, texts, and phone messages. If something seems unusual or urgent, verify it through a separate and trusted method before taking action.
Organizations that manage your assets should be reviewing and strengthening their cybersecurity controls, including how sensitive data is protected and how fraud risks are managed.
Richter Family Office supports high‑net‑worth families and executives by integrating cybersecurity and risk considerations into wealth management, governance, and operational oversight.
Richter Guardian is actively monitoring developments related to Mythos AI and other emerging cyber risks. We will continue to share updated guidance as the situation evolves.
Please contact us immediately if you notice unusual account activity, suspicious communications, or unexpected requests involving sensitive or financial information.
Email support@richterguardian.com, phone +1 844-908-3950 or book an appointment.
A recent article published by CBC news highlighted a concerning scam that involved the Bank of Montreal (BMO). The scam managed to exploit vulnerabilities associated with the two-factor authentication (2FA) system of the bank. This advisory aims to provide an overview of the issue, its implications, and recommendations.
The scam primarily targeted customers with lines of credit. Perpetrators pose as bank employees and use a combination of phishing techniques and flaws in the 2FA process to gain unauthorized access to customers’ accounts, subsequently making unauthorized transactions.
While 2FA is an essential security feature, it is not infallible. Richter Guardian clients should be proactive in understanding its limitations and continuously seek ways to enhance their security posture.
Table 1 – Levels of two-factor authentication that may be available to protect your bank account.