MULTI-FACTOR AUTHENTICATION- Beware of MFA Fatigue Attacks

While Multi-Factor Authentication (MFA) has become a premier tool to protect your accounts from being hacked by a cybercriminal, hackers are trying to find ways to overcome its benefits and use it to enter your accounts.

One typical attack is for a cybercriminal to obtain the ID and password for one of your accounts then try to sign in. If the account is set up with MFA then it will send a code or ask for confirmation to open up the account. If you do not approve the login, the cybercriminal will continue to try to login repeatedly hoping that you will become annoyed or “fatigued” enough to give up and allow the login to continue.

Krebs on Security reports that it has received reports of criminals using this technique with a twist against Apple customers. The cybercriminals will try the classic MFA fatigue attack. But if their victim doesn’t approve a login, they will call the victim up claiming to be from Apple support. They tell the victim that they are under attack and that Apple support needs to “verify” a one-time code. Of course, the code is the standard MFA notification with a code to enter or a selection to approve or disapprove logging in.

The attack on Apple systems may take advantage of bugs unique to Apple. Krebs on Security observes that changing your account phone number to a VOIP phone number might help. Also, using an email alias could also help. See the Krebs on Security article below for details.

If you receive a notice to approve a login and you are not logging into your account, then obviously you should deny the request. Someone is trying to get into your account that you do not want in there. If the notifications are persistent and numerous, after the attack subsides (assuming that it does stop) change the password to your account to another strong password. Changing your password should prevent someone with your old password from trying to login in the near future.

 

Krebs on Security:

https://krebsonsecurity.com/2024/03/recent-mfa-bombing-attacks-targeting-apple-users/

 

National Cybersecurity Alliance:

https://staysafeonline.org/resources/multi-factor-authentication/

 

Wikipedia:

https://en.wikipedia.org/wiki/Multi-factor_authentication_fatigue_attack

 

 

VACATION SECURITY- Is It Safe to Use a Room Safe?

Frommer’s, a web site that gives advice about travel locations, methods, and accommodations, recently posted an article about the safety of in room hotel safes.

The article noted videos going around social media showing methods that could be used by a thief to break into these common accessories that are provided by many hotels. In an effort to nail down actual statistics to show how much of a problem theft from in room safes really is, Frommer’s could not find much information from major hotel chains or law enforcement. While Frommer’s did not find much information to document justification of any major trends in the theft of hotel safe contents, it notes that the fear of theft is logical for travelers.

Frommer’s research developed the following recommendations,

·         Place your documents in the hotel safe in the hotel’s office.

·         Many hotel safes have you enter a unique numeric code each time you enter the safe. Be sure not to use an obvious code such as 0000 or 1234. If the safe has a preset code, be sure that it is not a simple code like 1234. If it is, ask hotel management if they can change the code for you.

·         Place an external lock on the safe such as from Milockie (https://www.amazon.com/Milockie-370111-Hotel-Safe-Lock/dp/B0042WWMA8?&linkCode=sl1&tag=pageviewcount-20&linkId=cde22f448fc1ed7924e0127df3ae2594&language=en_US&ref_=as_li_ss_tl). This adds a layer to enter the safe. You can remove the external lock with a code or a key that only you have, then enter the safe with the code that is programmed into the safe’s lock. This way, a third party cannot enter the safe with a house key or code.

·         Take a portable safe with you that can be made of plastic or a soft knife proof material. You can place it in your suitcase while you are away from the room, or you can attach it to an immovable object such as a bed frame with an often-supplied heavy-duty cable and a padlock.

·         Put your valuables in your suitcase and lock it. This assumes that staff will not want to rummage through your dirty laundry to find your valuables.

 

Another recommendation that Frommer’s makes is to take pictures of important documents such as your passport, credit and insurance cards, and your driver’s license then save them to your phone and save copies to your cloud account. That way, if you lose the paper copies you have photocopies that you can show to officials on your phone or if you have lost your phone, you can show them on a laptop or notebook computer.

 

  

 

Frommer’s:

https://www.frommers.com/tips/hotel-news/are-hotel-room-safes-safe-the-surprising-truth-behind-online-fears?utm_medium=flipdigest.ad.20240312&utm_source=email&utm_content=article&utm_campaign=campaign

 

 

 

 

IRS TAX SCAMS- Watching Out for IRS Impersonators

We are hot in the tax filing season. Here are some last-minute tips to ensure that you can avoid a scammer and that your personal information remains secure while you file your income taxes.

 

·         File early. OK, it might be too late for this tip during this tax season, but you can think about filing early for next year. The idea is to file your return before cybercriminals have the time to file a fake return in your name and collect any refunds that should belong to you.

·         Use an IP PIN. An Identity Protection PIN is a unique six-digit number that the IRS issues to taxpayers that ask for one. The IP PIN acts as a second method to verify you as you. If your Social Security number has been involved in a data breach, the National Cybersecurity Alliance (NCA) recommends that you apply for an IP PIN. The pin is a number that only you and the IRS know. You should not share it with anyone, and you should guard it like you do for your other sensitive personal information.

·         Enable MFA. This is being repeated by cybersecurity professionals (for some it might be ad nauseum) but it is important to enable Multifactor Authentication for each of your online accounts. The purpose is to deter cybercriminals, who may have harvested your ID and password to any of your accounts, from gaining access to your accounts with only your password. If you did not initiate a login to one of your accounts and you receive a code through a text message or your authenticator app then you should not approve the login. Be aware that there have been cases where hackers have attempted to login to accounts multiple times within a short period of time until the legitimate account holder gives up and approves the login. Also, some scammers try to convince their victims to respond to a code. Never give anyone an MFA code!

·         Watch out for scammers. Scammers frequently impersonate IRS agents or employees. They will contact you via email, text, or phone. Sometimes scammers will also send a letter via mail claiming to be from the IRS. The IRS says that it will not initiate contact via email, text, or phone. It initially contacts taxpayers via the U.S, Mail. In instances where it contacts a taxpayer by phone or a visit at a home or business, the IRS has sent multiple notices via the mail. Also, the IRS will not demand immediate payment to be paid to any other entity than the U.S. Treasury.

 

Red flags to look out for include,

 

·         Requests for data such as bank account information, Social Security numbers, login credentials, or mailing addresses.

·         Communications that try to impose a sense of urgency by scaring you or coercing you into acting right away.

·         Attachments included in any message. Opening an attachment can endanger your computer to malware or viruses.

·         Impersonating tax preparers. Scammers also impersonate employees from TurboTax and H&R Block.  Tax preparers will not initiate contact with you through phone, email, or text message asking for your login information.

 

The danger of scammers impersonating the IRS is throughout the year, not just during the income tax filing season. Keep these tips in mind if you receive an unexpected email, text message, or phone call from someone claiming to be from the IRS.

 

 

National Cybersecurity Alliance:

https://staysafeonline.org/resources/tax-time/?utm_medium=email&_hsmi=294494209&_hsenc=p2ANqtz-8BDIU5Vp2-NZRrQmJAQPwkxZzpaP_qI5FsNzQPaxpeZ7QdlQMFT5nyCMNshIwd7dZrXVF3cybm-pea2ssBoR5xlKng8g&utm_content=294494209&utm_source=hs_email

 

NBC News:

https://www.nbcnews.com/tech/security/s-need-know-tax-season-scams-rcna139839

 

IRS:

https://www.irs.gov/newsroom/tax-scamsconsumer-alerts?s=09

https://www.irs.gov/businesses/small-businesses-self-employed/tax-scams-how-to-report-them

 

 

 

 

 

SNOHOMISH COUNTY SHERIFF’S OFFICE- Protecting Your Home While You Are Away on Vacation

The latest issue of the Snohomish County Sheriff’s Office’s crime prevention newsletter, “Partners in Crime Prevention,” is posted. This issue provides tips on how you can protect your home while you are away on vacation.

You can check it out at the following link,

Snohomish County Sheriff’s Office:

https://www.snohomishcountywa.gov/ArchiveCenter/ViewFile/Item/7128

 

 

 

SCAMS- Knowing How Government Agencies Will Communicate with You

Government agencies have specific ways that they communicate with the public. Often, however, scammers will send emails, text messages, social media messages, or phone calls in mass and see who responds. As part of National Consumer Protection Week (March 3 through March 9) and Slam the Scam Day (March 7) the Social Security Administration is conducting an education campaign about imposter scams that pretend to be from the Social Security Administration. This includes what the Social Security will do and will not do.

Social Security says that it will never:

 

·         Threaten you with arrest or legal action because you don’t agree to pay money immediately.

·         Suspend your Social Security number.

·         Claim to need personal information or payment to activate a cost-of-living adjustment (COLA) or other benefit increase.

·         Pressure you to take immediate action, including sharing personal information.

·         Ask you to pay with gift cards, prepaid debit cards, wire transfers, cryptocurrency, or by mailing cash.

·         Threaten to seize your bank account.

·         Offer to move your money to a “protected” bank account.

·         Demand secrecy.

·         Direct message you on social media.

 

Social Security also points out that scammers are known to:

 

·         Use legitimate names of Office of Inspector General or Social Security Administration employees.

·         “Spoof” official government phone numbers, or even numbers for local police departments.

·         Send official-looking documents by U.S. mail or attachments through email, text, or social media message.

 

Most governmental agencies will not make initial contact with you through email, text, social media, or with a phone call. And they will not ask for money or your personal information. No matter how dire the person claims your situation is, don’t click on links or return an email, text, or social media message and if they call you hang up. If you want to talk to the agency look up their contact information with a web search.

  

For more information on Social Security imposter scams check out this link,

Social Security Administration:

https://www.ssa.gov/scam/

 

Here is more information about government impersonation scams,

Federal Trade Commission:

https://consumer.ftc.gov/articles/how-avoid-government-impersonation-scam

 

Here is some general information about National Consumer Protection Week from the Better Business Bureau,

Better Business Bureau:

https://www.bbb.org/all/national-consumer-protection-week-partnership

 

 

 

 

UTILITY SCAMS- Beware of Ads

Most scams that we hear about warn of scammers pushing messages to us through email, text messages, and phone calls where the scammers are actively searching for someone to victimize. Malwarebytes Labs, a company that provides products that secure business and personal computer systems from intrusion, says that it has found a trend of fraudsters using online ads to scam people who are looking for help with their utility bills.

The assumption is that the fraudsters will have an easier time of tricking a potential victim if the victim is searching for help instead of receiving a call out of the blue.

The fraudsters will buy ads that show up on search engines such as Google. So far, the ads are only showing up on mobile phone searches. Malwarebytes found ads taken out by fraudsters masquerading as companies providing a legitimate service and ads by legitimate US entities that have been hacked. When someone clicks on a link in the ads, instead of sending them to a website it prompts them to call a phone number.

By calling the number, the scammer has a chance to control the interaction in their favor. Often, they will threaten the caller and try to scare them into making poor decisions, especially if the scammer is offering help with paying an overdue bill. They can also offer a deal that is too good to be true in paying your utility bill. But to get out of trouble, or receive your deal, you need to act right away.

Malwarebytes lists several domains that appear to be promoting utility scam ads (see the Malwarebytes article below).

Malwarebytes recommends,

 

·         Avoiding any ad that you see in your search results. Most ads are marked as “Sponsored” or “Ad” or similar marking. Malwarebytes claims that malicious ads outnumber legitimate ads.

·         Watch out for ads or people you are talking to on the phone, etc. who try to give you a sense of urgency, such as threatening to cut off your power in a few days or a few hours.

·         Never disclose personal details over the phone.

·         Beware of requests for payment by money transfers or prepaid cards.

·         Contact your bank immediately if you realize that you paid a scammer by wire transfer to see if you can stop the payment.

·         Report the scam to the Federal Trade Commission at https://reportfraud.ftc.gov/#/.

 

If you have been victimized by a utility scam, the AARP also recommends that in addition to notifying your bank and the FTC, that you,

 

·         Contact the Washington State Attorney General’s Office, Consumer Protection Office at https://www.atg.wa.gov/file-complaint.

·         Contact that Washington Utilities and Transportation Commission at https://www.utc.wa.gov/consumers/consumer-complaints.

 

 

 

Malwarebytes:

https://www.malwarebytes.com/blog/threat-intelligence/2024/02/massive-utility-scam-campaign-spreads-via-online-ads

  

The following article from AARP lists several ploys that utility scammers use to steal your money,

AARP:

https://www.aarp.org/money/scams-fraud/info-2019/utility.html?intcmp=AE-FWN-LIB4-POS13

 

 

 

 

LYNNWOOD POLICE DEPARTMENT- Concerns About Carjackings

In a video released on Facebook and YouTube, Lynnwood Police Chief Cole Langdon has encouraged community members to be aware of their surroundings to curb carjackings. He noted that the police department has received messages of concern from the public about carjackings in the city. He also noted that the department has seen an uptick in carjackings lately.

Chief Cole recommended that as you go about our day, when you are driving, that you remain aware of your surroundings and be on the lookout for any activity that appears unusual. One activity that you can look for is if someone is intentionally following you. He recommended that if someone appears to be following you, to turn down a different street to see if they continue to be behind you.

If you feel you are being followed by a suspicious vehicle, go to a public place, and call 911. Tell the call taker where you are, what your concern is, and ask for an officer to meet you. The officer can check out the area. Chief Cole also emphasized not to feel embarrassed in calling 911. It’s better to ask for help and find out it is a false alarm than to be a carjacking victim.

A final bit of advice from the chief is not to confront the other vehicle but to extricate yourself from the situation.

Note: Carjackings have made the press in the Puget Sound region lately indicating that they are a growing problem in the area. While Chief Cole’s remarks are targeted at the citizens of Lynnwood, his advice is relevant to all of Snohomish County.

  

 

Lynnwood Police Department:

https://www.youtube.com/watch?v=KngZjmed10w

 

Lynnwood Times:

https://lynnwoodtimes.com/2024/02/18/lynnwood-violent-crime-2024/?s=09

SCAMS- Taking Care of Your Mental Health

Being victimized by any crime is not great for a person’s mental health. There often is a feeling of violation and loss when you are victimized by any crime. This is also true with fraud or a scam. But there has not been attention made to the mental negative effects of fraud until recently.

More organizations have been focusing on the mental health effects of scams on victims and have been voicing concerns that society needs to pay attention to scam victims to help them in their recovery from the crime. For example, the Identity Theft Resource Center (ITRC) in its 2023 Consumer Impact Report noted that respondents who said that they have contemplated committing suicide as a result of a fraud/scam has doubled between 2020 and 2022 from 8% in 2020 to 16% in 2022. The ITRC notes that as a national average, U.S. citizens who say that have contemplated taking their own lives for any reason is 5%.

AARP through its Fraud Watch Network program has published articles and podcasts that have emphasized the mental health aspects of fraud, their effects on individuals and how to cope.

Part of the problem comes from how society often regards victims of scams. We refer to victimhood as “falling for a scam,” people might say that someone was “duped” by a scammer, or someone might claim that they would not fall victim to a scam. This puts the victim down as not being as smart or intelligent to avoid “falling for” a scam. When in reality, very bright, well-educated people are victimized by scammers.

This thinking does not consider that scammers are in their own way psychologists who use their understanding of human nature to manipulate a victim to give over their money or their identity. The scammer usually plays on the emotions, both positive and negative, of the potential victim to get them to act without thinking. Evidence is mounting that most modern scammers are not individuals pursuing their criminal trade but are part of organizations, some fairly large, that can hand off victims amongst several people playing roles in a sometimes-complicated script.

A 2015 survey conducted by FINRA (Financial Industry Regulatory Authority) found that nearly 2/3 of fraud victims experience at least one non-financial serious cost to a fraud that included either severe stress, anxiety, difficulty sleeping or depression.

The difference with scams is that victims often blame themselves with thoughts that they don’t have good judgment, are too trusting, are embarrassed, and self-blame, and shame themselves. And that is without prompting from the scammer, family, or friends. If their family or friends are not supportive, then the victim can continue a downward spiral, potentially concluding that suicide is the only out. A supportive family can at least help the victim regain confidence and respect. No wonder scammers frequently try to isolate the victim from family in some scams.

A way to recover is to simply let someone know what happened to you if you have been scammed. You can have a sense of relief in letting a close friend or family member know that you were victimized. Also, your story can act as a warning that the scam is being perpetrated in your community. And, that includes reporting to your local police department or sheriff's office, and to federal agencies such as the Federal Trade Commission (FTC) at  https://reportfraud.ftc.gov/#/ and the FBI at https://www.ic3.gov/.

You may need help getting back to normal life, or something close to it. Even if you have stopped communication with the scammer, some of the repercussions of the scammer’s actions can cause difficulty in getting loans, jobs, or bring bill collectors calling on you to pay for purchases that you did not make. Dealing with these issues puts stress on your life.

Places where you can get help include,

 

·         FTC- for basic online help at https://www.identitytheft.gov/#/ for a basic recovery plan that you can follow.

·         Identity Theft Resource Center- ITRC provides the public with information on how to prevent identity theft, and issues reports on data breaches and identity theft trends. It also has a free help line, (888) 400-5530, where you can call to ask a question about identity theft or receive assistance if you are a victim of identity theft. For more information you can go to https://www.idtheftcenter.org/help-center/.

·         AARP Fraud Watch Network- AARP in addition to offering information about current scams, has a hotline, 877-908-3360, that can assist you if you are caught up in a scam. The hotline is open to people of all ages. For information on preventing a scam go to https://www.aarp.org/money/scams-fraud/.

·         AARP ReST- AARP in conjunction with the Volunteers of America have a Rest (Resilience, Strength and Time) program that can give emotional support for victims of a scam. For more information about ReST go to https://www.aarp.org/money/scams-fraud/voa-rest-program/?cmp=RDRCT-62f39e08-20210528.

·         988 Suicide and Crisis Lifeline- 988 provides 24-hour, 7 day a week support for people in distress and prevention and crisis resources for anyone having a mental crisis or their families. For more information go to https://988lifeline.org/.

 

Not all encounters with a scammer will cause extreme mental distress. Most will probably elicit disgust or annoyance. But you can get into a situation deep enough where you have been manipulated well enough or the signs of a scam are masked well enough that you do not realize you are scammed until you have lost a lot of money. That is the time to seek help from family or friends you trust or one of the above organizations. Your well-being will be better for it in the long run.

 

 

Identity Theft Resource Center- Consumer Impact Report:

The ITRC will send you a free copy via email-

https://www.idtheftcenter.org/publication/2023-consumer-impact-report/

 

The Record:

https://therecord.media/small-business-ransomware-attacks-mental-health-rusi-study

 

AARP:

https://www.aarp.org/money/scams-fraud/info-2022/mental-health-impact.html

 

AARP: The Perfect Scam Podcast:

The following episodes tell stories of scam victims, the effects of the scams on their mental health, and how they coped with their situations.

 

One Woman’s Story of Attempted Suicide and Survival After a Scam Part 1-

https://www.aarp.org/podcasts/the-perfect-scam/info-2023/words-with-friends-scammer.html

One Woman’s Story of Attempted Suicide and Survival After a Scam Part 2-

https://www.aarp.org/podcasts/the-perfect-scam/info-2023/words-with-friends-scammer-part-2.html

Scam Victim Turns Movie Star:

https://www.aarp.org/podcasts/the-perfect-scam/info-2023/jerry-hsu-scam-victim-movie.html

A Veteran Rebuilds His Life After a Scam Takes Everything:

https://www.aarp.org/podcasts/the-perfect-scam/info-2023/veteran-targeted-on-dating-app.html

 

Psychology Today:

This article from 2021 places an emphasis on scams affecting the elderly. However, scams affect people of all ages and economic levels, and the impacts discussed in this article should be applicable to any scam victim.

https://www.psychologytoday.com/us/blog/the-fraud-crisis/202101/how-does-fraud-impact-emotional-well-being

 

The Washington Post:

https://www.washingtonpost.com/technology/2022/07/13/scam-fraud-fatigue/

 

 

VALENTINES DAY- Romance Scams

With Valentines Day coming, we think of love, roses, and candy. But other people think about how to use your emotions to steal your money with a romance scam.

Romance scammers lurk in dating apps and social media ready to quickly profess affection for you. After a while they may come up with a reason to ask for some financial help with a situation or emergency. Or, lately, might offer to help you make a killing in cryptocurrency. Romance scammers have been so successful that in 2022 Americans lost $1.3 billion to romance scams according to the Federal Trade Commission. The median amount lost was $4,400 in 2022.

Romance scammers are not individuals causing havoc in people’s lives. They are organized, sophisticated crime rings that know how to manipulate their prey and rake in millions of dollars a year.

There are red flags that you can be on the lookout for that can give you a warning as you search for companionship,

 

·         The other person tries to move the relationship along quickly, professing their love in short order.

·         The other person wants to move communications quickly away to another messaging platform.

·         The other person claims to live overseas in an isolated area.

·         The other person asks for monetary help for an urgent matter such as medical expenses.

·         They want payment in a hard-to-track form such as gift cards, or cryptocurrency. Should you encounter this red flag, DO NOT GIVE MONEY TO ANYONE THAT YOU HAVE NOT MET IN PERSON!!!

·         They pull out or do not show for a planned meeting in person.

 

If you run across any of these red flags, CUT OFF COMMUNICATIONS IMMEDIATELY!!!!!

Also, report this person,

 

·         To your local police department.

·         To the FBI at www.ic3.gov

·         To the FTC at www.reportfraud.ftc.gov

 

 

 

 

 

National Cybersecurity Alliance:

https://staysafeonline.org/online-safety-privacy-basics/romance-scams/?utm_campaign=Online%20Romance%20Scams&utm_medium=email&_hsmi=292192456&_hsenc=p2ANqtz-_Ai6iDKjETd3aH3Ap9ahL5h_FqFtuylsg8PthUnHAFSIIx19leImGe2_lVcAeOzDG4pwUlz8JYzefSxYeLrQ-gWKB9PJwGghe8c0uhj-d7kVkdqws&utm_content=292192456&utm_source=hs_automation

 

 

Federal Trade Commission:

https://www.ftc.gov/news-events/data-visualizations/data-spotlight/2023/02/romance-scammers-favorite-lies-exposed

 

 

SOCIAL MEDIA – Congress and Others Point to Failings in Protecting the Public

U.S. Senate Judiciary Committee’s hearing on Online Child Sexual Exploitation highlighted the need for action to protect children from predators and the committee and public’s frustration at the lack of response from social media companies. Despite assurances from 5 CEOs of major social media companies that they were doing all that they could to protect children from predatory behavior, committee members pressed them for more action and to support a variety of legislative bills that have been proposed for passage in Congress.

As reported in the Seattle Times, Senate Majority Whip, and chairman of the Judiciary Committee Dick Durbin, Democrat, Illinois, pointed out in his opening remarks that,

“They’re responsible for many of the dangers our children face online. Their design choices, their failures to adequately invest in trust and safety, their constant pursuit of engagement and profit over basic safety have all put our kids and grandkids at risk.”

The comments of the chairman and committee members point to their frustration that the social media companies such as Meta (Facebook, Instagram), TikTok, Twitter (also known as X), Discord, and SNAP have not met the challenge to keep children safe or to give a good faith effort to work with Congress to draft legislation that would take measures to help protect children. Senator Lindsey Graham, Republican, South Carolina, and the Republican ranking member on the committee, even said that the social media companies have “blood on their hands.”

The hearing pointed to the need for social media companies to devote more resources to keeping their member’s safety and for legislation that makes sure social media is adhering to a set of rules that truly ensure the safety of social media users.

Multiple committee members pressed the CEO’s on whether they would give their support to several proposed pieces of legislation that have been introduced to Congress with few takers. Legislation mentioned during the hearing included,

·         Stop CSAM (Child Sexual Abuse Material) Act. The Stop CSAM Act includes mandatory child abuse reporting, expansion of protections for child victims and witnesses in federal court, facilitates restitution for victims of child exploitation, human trafficking, sexual assault, and crimes of violence, empowers victims by making it easier to ask tech companies to remove child sexual abuse material from their platforms.

·         Earn It Act. Creates targeted exceptions to Section 230* of the Communications Decency Act of 1996 to remove blanket immunity from civil and criminal liability under child sexual abuse material laws and establishes a National Commission on Online Child Sexual Exploitation Prevention.

·         Shield Act. This New York law, passed in 2019, imposes stronger obligations on businesses that handle personal and private information to mitigate threats that contribute to identity theft, such as data breaches and data leaks.

·         Cooper Davis Act. Requires social media companies and other communication service providers to report to the DEA when they have actual knowledge that illicit drugs are being distributed on their platforms or when someone who is not a practitioner or online pharmacy is distributing prescription pain medications and stimulants.

·         Protect Act. Would raise the mandatory minimum for possession of child pornography to the same level as for its receipt (that is five years imprisonment).

·         Kids Online Safety Act. Requires covered platforms (including social media sites) to design and operate their products or services that are used by minors to prevent and mitigate certain harms such as sexual exploitation and online bullying. Platforms must provide minors with certain safeguards such as settings that restrict access to minors’ personal data and provide parents or guardians with tools to supervise the minors’ use of a platform, such as control of privacy and account settings.

 

*Section 230 of the Communications Decency Act of 1996 states:

“No provider or user of an interactive computer service shall be treated as the publisher or speaker of any information provided by another information content provider.”

 

AARP recently highlighted the issue of account takeovers in their podcast The Perfect Scam. While their focus was beyond children’s exploitation on social media, it pointed to a similar source of the problem- lack of action on the part of social media. The two-part episodes, “’National Geographic’ Photographer Paul Nicklen Warns About Social Media Imposters,” describe the challenges that victims of account takeovers have on social media such as Facebook, with scammers using their accounts to promote all sorts of scams include romance scams, importer scams, and celebrity scams.

Victims include celebrities and “common people” who experience problems in regaining control of their accounts. They also can have problems, whether they can regain control or not, with their reputations and with letting their friends know that they are not perpetuating the scams being used in their names. For example, Paul Nicklen, the National Geographic photographer, constantly takes down fake sites and accounts that pretend to be him and constantly reminds is followers that he is not asking for money or sending them individual emails that they are his favorite follower.

 Kevin Long is the owner of Social Imposter (https://www.socialimpostor.com/) which helps high end people remove fake accounts. He relates several of his efforts in trying to convince social media companies to improve their cybersecurity measures in favor of their users, with no success.

Social media companies, such as Facebook, provide slow or no response to complaints, do not have clear or effective procedures that help account holders to regain their accounts, and do not provide a means to talk to an actual person in a cybersecurity or fraud department.

Comment: Fighting and preventing crime takes all of us. Not only in physical crimes, but also in cybercrime. Over recent years many elements of our society have been forming to fight one form or another of cybercrime including government, non-profit and profit-making organizations, and we the public. There is much work to be done to improve what we do now. But we need all elements of our society to work on this problem; government, the public, non-profits, and business. Hopefully together.

Consensus may be growing that social media businesses need to step up to do more to protect their users from cybercrime. That consensus certainly resides in the Senate Judiciary Committee and at AARP. Failing action from social media, Congress needs to coalesce together to form an effective strategy, and if necessary, require social media companies to join the team.

 

 

 

 

 

 

 

The Seattle Times:

https://www.seattletimes.com/business/meta-tiktok-and-other-social-media-ceos-to-testify-before-senate-committee-on-child-exploitation/

 

CSPAN:

https://www.c-span.org/video/?532641-101/short-take-recap-social-media-executives-testimony-child-sexual-exploitation

https://www.c-span.org/video/?532641-1/social-media-company-ceos-testify-online-child-sexual-exploitation-part-1

 

AARP:

https://www.aarp.org/podcasts/the-perfect-scam/info-2023/paul-nicklen-part-1.html

https://www.aarp.org/podcasts/the-perfect-scam/info-2023/paul-nicklen-part-2.html

 

Ask Leo:

https://askleo.com/what-to-do-when-your-account-is-hacked/

 

Security.org:

https://www.security.org/digital-safety/account-takeover-annual-report/

https://www.security.org/digital-safety/account-takeover-prevention/

 

 

SNOHOMISH COUNTY 911 – Nurse Navigation Program

This week, Snohomish County 911 and the Snohomish County fire districts announced the implementation of a new feature that will help free up fire district medical aid and transport assets for truly emergency medical situations. Last year Snohomish County 911 received almost 111,500 fire and emergency medical calls. Up to 17,000 of those calls were for non-emergency situations. Often, the only solution for non-emergency medical situations is to send a fire district aid vehicle or an ambulance for transport to an emergency room.

The answer is the Nurse Navigation Program. With the Nurse Navigation Program, if a call taker determines that a medical emergency is not life-threatening, they can forward the call to a remote team of nurses who will make their own determination of the seriousness of the situation and will either have an ambulance dispatched for transport to an emergency room or recommend to the patient to go to a medical clinic, to their primary care provider, or to schedule a telehealth visit. If needed, the nurse can help coordinate rideshare transportation to and from an appointment, free of charge. Nurses are licensed to practice in the State of Washington.

 

The program is operated in partnership with Global Medical Response of Dallas, Texas, and the Snohomish County Fire Chiefs Association. Snohomish County 911 expects to redirect 3,000 to 5,000 emergency calls to nurse navigators in 2024. Global Medical Response operates out of 29 emergency response systems in 14 states. Most systems route 3% to 5% of their calls to navigation nurses in the first year with the percentage going up to 15% for some programs after the first year.

The program will match the right care for the patient, making the care more timely and less expensive for the patient.

During a medical situation you should call 911 when someone is experiencing,

·         trouble breathing

·         seizures

·         fainting

·         severe injuries

·         severe allergic reaction

·         chest pain, a heart attack or cardiac arrest

·         other severe pain or urgent medical issues

 

 

 

The Herald:

https://www.heraldnet.com/news/in-new-program-nurses-help-911-callers-who-dont-need-an-ambulance/

 

South County Fire:

https://www.southsnofire.org/Home/Components/News/News/1971/1372

 

Snohomish County 911:

https://sno911.org/nursenavigation/?fbclid=IwAR1Fg4DIZqUl9Rv82iaKYcZs4XEftIHJAEjQ5W_U68rxcFw738T_lpB-QeE#should-i-call-911-to-schedule-any-follow-up-or-future-appointments-at-the-medical-clinic-in-which-i-was-seen

 

 

EDMONDS – Mail Theft

Last week’s news reports that a US Postal Worker was robbed of several mailbox keys for several mail routes in Edmonds acts as a reminder that mail theft is still alive and well.

As noted last June, check washing through mail theft has been on the rise despite the migration to online shopping and payments. And according to some, mail theft has migrated from local individuals to organized groups stealing mail from homes, apartments/condominiums and even the Postal Services blue mail collection boxes. While check washing received much attention last year, you can assume that mail thieves are still on the lookout for opportunities for identity theft by stealing blank checks, credit cards, and bank/credit card statements with account numbers on them.

Check washing is where a criminal takes a check that someone has written, then erases the recipient in the “to” line and the amount, usually with nail polish remover, then fills in a new person as the recipient and a new amount, often more than the original amount.

Here are some tips to protect your outgoing checks and your other mail from theft,

 

·         Pay your bills online. This is the safest and quickest way to pay your bills.

·         Deliver your mail to a post office. Don’t leave your check in your own mailbox for pickup. Especially if you need to raise the red flag to let the letter carrier know you have outgoing mail. That flag is a sure sign to a mail thief to take your mail. Take your check directly to your local post office. Don’t leave it in the blue box outside but take it inside to the outgoing mail slot or box inside.

·         Use a pen with blue or black non-erasable gel ink. Gel ink is more difficult to remove than ball point ink.

·         Don’t let delivered mail sit in your mailbox. Collect the mail in your mailbox as soon as you can after delivery, at least once a day. If you are away, ask a trusted neighbor to pick up your mail or have the post office hold your mail until you return.

·         Monitor your bank account. Check your bank account online every few days.

·         Report incidents quickly. Contact your bank as soon as possible after suspicious activity; banks are generally required to replace funds stolen via fraudulent checks, but only if the scam is reported within 30 days of the date of your bank statement. Also, contact the U.S. Postal Inspection Service and credit reporting agencies.

 

 

 

 

FOX13:

https://www.fox13seattle.com/news/armed-suspect-robs-edmonds-postal-worker-steals-mailbox-keys

 

South Snohomish County Crime Watch:

https://ssnoccrimewatch.blogspot.com/2023/06/mail-theft-check-washing-is-on-rise.html

 

AARP Fraud Watch Network:

https://www.aarp.org/money/scams-fraud/info-2023/stop-check-washers.html

 

U.S. Postal Inspection Service:

https://www.uspis.gov/news/scam-article/check-washing

https://www.uspis.gov/report

 

SNOHOMISH COUNTY SHERIFF’S OFFICE- Protecting Your Devices from Theft

Protecting your PC, laptop, smartphone from theft is important, not only for the hardware, but also for the sensitive information that they contain. Check out the latest issue of the Sheriff Office’s crime prevention newsletter, “Partners in Crime Prevention,” for tips to protect your hardware.

 

 

SNOHOMISH COUNTY SHERIFF’S OFFICE:

https://www.snohomishcountywa.gov/ArchiveCenter/ViewFile/Item/7104