Have you created a ShazzleMail account on your smartphone? This is a required first step.

Yes No

Free Encrypted Email

_92023784_thinkstockphotos-482112104

Wise words on privacy, insurance company fined for privacy breach, and secure that email

February 5, 2019

Howard Solomon Howard Solomon @howarditwc
Published: February 4th, 2019
Wise words on privacy from a Canadian expert, a U.K.insurance company fined for mixing business and politics for Brexit and how to secure that email.

Welcome to Cyber Security Today. It’s Monday February 4th. To hear the podcast click on the arrow below:
I was at a privacy conference in Toronto last week where I heard the respected Canadian expert Ann Cavoukian speak. She reminded attendees that privacy and security go together: They aren’t opposites. In fact, she said, privacy is essential to innovation. Companies that do both privacy and security will have an advantage over competitors because customers will trust them more. Is improving the control customers have over their personal information costly, including giving the ability to refuse to allow their personal data to be re-used or shipped to another firm? Maybe. But, Cavoukian adds, that’s nothing to the damage to your brand, loss of trust, and lawsuits that result from a data breach.

Speaking of privacy breaches, the U.K. information commissioner has fined a British insurance company that sent over one million emails to subscribers of the Leave EU Brexit campaign without their full consent three years ago. And the campaign was fined as well for unlawfully using the insurance company to 300,000 political marketing messages to customers. It is deeply concerning that sensitive personal data gathered for political purposes was later used for insurance purposes; and vice versa,” said the information commissioner. You can read her full report here
Fake email, where an attacker uses a phony “from” email address, a deceptive domain or a display name that impersonates a familiar company, is behind many successful data breaches. Someone clicks on a link or opens an attachment and in seconds they’re infected. If only there was a way to authenticate where email comes from. Actually, there is: It’s an open standard called DMARC. The good news is more companies are using it. The bad news, according to security vendor Vailmail, is not enough of them are doing it, nor are they configuring it right. In a study released on Friday, the company said 80 per cent of U.S. federal government domains now use DMARC. By comparison at least 50 per cent of Fortune 500 and large U.S. tech companies have adopted DMARC. Does your company have a way of authenticating email it sends? You should ask.

Finally, ever wonder how cellphone companies co-ordinate the billions of phone calls and text messages sent around the world? They do it through a protocol called SS7. This protocol has vulnerabilities. However, until recently it was thought only intelligence agencies could break into it. But last week the news site Motherboard confirmed a British bank was victimized by an SS7 hack, so it seems cybercriminals now have the capability as well. What this means is the six-digit text messages a financial institution will send you as part of a two-factor authentication login system are increasingly likely to be stolen. I’ve talked about this before: The standard text messaging app that comes with many smartphones may not be safe enough for two-factor authentication. Some cellphone companies say they have taken steps to better secure their text messaging. But if you use an email, company login or bank app that offers two-factor authentication in addition to a username and password, see if it offers the ability to get the special code through a safer messaging app. Four of them are Google Authenticator, Authy, Authenticator Plus, and Duo.

That’s it for Cyber Security Today. Subscribe on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker. Thanks for listening.

Tags: , ,

Introducing ShazzleMail Email and How it Works

Privacy is your Fundamental Human Right.

Our Daily Blog
privacy-coins-and-bitcoin-dominance-guide
We’ve Stopped Talking And Searching About Privacy
April 15, 2019

Kalev Leetaru Contributor AI & Big Data I write about the broad intersection of data and soci...

Read more
private
Rebiton Allows You to Buy Bitcoin and Keep Your Privacy
April 8, 2019

by Kai Sedgwick Purchasing bitcoin ought to be quick and easy, but over the years, encroaching KY...

Read more
20190323_fbd001
Big tech faces competition and privacy concerns in Brussels
March 25, 2019

And the sector may be the better for it Print edition | Briefing Mar 23rd 2019 | PARIS Around 19 ...

Read more
telegram-3m
Telegram gets 3M new signups during Facebook apps’ outage
March 19, 2019

Natasha Lomas@riptari / 5 days ago Messaging platform Telegram claims to have had a surge in signup...

Read more
privacy-coins-and-bitcoin-dominance-guide
Apple tied to new privacy website, suggesting future security marketing
March 6, 2019

The iPhone maker, which makes privacy a selling point for its devices, appears to be gearing up for ...

Read more