An old saying goes, “When it rains, it pours” which is another way of saying bad things seem to happen in bunches. The people at Facebook probably feel that way right about now.
To illustrate the accuracy of the saying, the BBC reported earlier this week that scammers have been “abusing” the Facebook telephone number search function and capturing users’ personal information for years. The “malicious actors” would search using phone numbers, link them to profiles, collect names and other personal information, and then act on the data.
Some ways the scammers were able to use the information collected was to call people and address them by name, pretending to be from a bank, company, or some other organization. By knowing personal information, the scammer could build trust, present a believable image to the victim, and steal money, passwords, account information, and so forth.
Evidently, Facebook was advised of the possible security risk in 2015 but responded that it did not see it as posing a danger to any user. Unfortunately they have been proven wrong on this and anyone who followed Facebook’s advice to include a phone number to make it easier for people to find them needs to change their privacy settings and assume that their personal information has been collected. In the meantime, Facebook has disabled this particular search feature.
This has come to light now because of the other bad press the company has gotten (see our blog post here) regarding how lax it has been with the security of user data and how much detailed data they actually have. Facebook seems to represent the bad aspects of data collection and sales (see our related post here). Termed “surveillance capitalism” by a Harvard University professor, it is apparent privacy is going out the window in the digital age.
So, what are we supposed to do in this environment to ensure security of communications and privacy of data and identity? One approach is to revert back to hand written letters (do not type them on a PC) and dial telephones connected to a physical telephone line. They are not risk free but most bad actors won’t take the time to compromise either of these communication methods.
But what if you don’t want to “surrender” the convenience, flexibility, and interactivity of digital communications? Here are some suggestions from CRIP.TO. You can also check out other posts for more ideas here.
- Always think twice about what you put online. Some examples to exclude:
- Family schedules, vacation plans, or being away from home even if just for dinner or a show
- Details about family members, especially children (names, hobbies, pets, birthdays, etc.)
- Set app and account security settings to higher levels
- Use two-factor identification
- Change passwords more often
- Encrypt data and communications
Trust your encryption and communication security to CRIP.TO Black and Shield. These CRIP.TO products coupled with our comprehensive stack of services will provide you with the best end-to-end encryption and most secure communication method available to individuals and companies. Even should a bad actor intercept a CRIP.TO encrypted communication or data file, they could not unlock it and read the contents.