Information Technology

Ed Bott / Elyse Betters Picaro / ZDNETI’m not a sucker, but I played one on the internet last month — purely in the interest of science, of course. My text messages and email spam folder are filled with the usual assortment of shady stuff from online crooks. As a public service, I decided to play along with the bad guys to see what happens.Also: The best VPN services (and how to choose the right one for you)Before we get started, let me stress one thing: Don’t try this yourself. I did my experimentation in virtual machines and sandboxed environments where I knew my personal data wasn’t exposed. You might be tempted to click a link, just to see what happens. That’s a very bad idea, because what happens can sometimes be catastrophic. So, a little bit louder now: Don’t try this at home.The scams and online attempted attacks I encountered were all depressingly common. You’ve probably run across similar examples on your own devices. None of these crooks are criminal masterminds; for the most part, they’re petty thieves trying to get you to do something that will give them access to your identity or money. Here’s what I found. 1. The fake security upgrade We’ve all been trained to pay attention to security alerts, so when I received an email telling me that “suspicious activity” had been detected on my Wells Fargo Securities account, I was alarmed. Mostly because I don’t have an account with that institution, but these crooks are playing a numbers game: Some percentage of the people they reach with this mass mail will have one of those accounts. So, on behalf of Wells Fargo customers everywhere, I clicked that link, which took me first to a page that simulated a Captcha, and then to this scary-looking dialog: More

Kingston IronKey D500S. Adrian Kingsley-Hughes/ZDNETThe Kingston Ironkey D500S More

bigtunaonline/Getty Images If you find your personal information in a Google Search, like your phone number, address, or email, Google just made it easier to make sure it doesn’t show up again. Several years ago, Google introduced a “Results about you” tool that lets you track your personal information online and remove it from search […] More

Elyse Betters Picaro / ZDNETHigh-profile officials, including national security adviser Mike Waltz, have inadvertently exposed their networks through public Venmo accounts, according to WIRED. This serves as an important reminder for all Venmo users to review their privacy settings.Also: Did you get paid through Venmo, CashApp, or PayPal in 2024? The IRS will knowIf you haven’t checked your Venmo settings, your entire friends list and transaction history may be visible to the public. While it might seem harmless if someone sees that you sent a friend $10 for a shared pizza last month, your account could be revealing far more sensitive information than you realize. What people can see on Venmo By default, Venmo makes every payment and description public. The amount is hidden, but just by browsing through a few random friends’ accounts, I was able to see the location of their kids’ sports leagues, the name of a wedding venue for an upcoming ceremony, the name of a child’s classmate at elementary school, and even restaurants they frequent.Also: This new tool lets you see how much of your data is exposed online – and it’s freeJust as concerning is that your friends list is also public by default. Looking at my friends’ contact lists, it wasn’t hard to find their family members, coworkers, children’s teachers, daycare workers, and more. This information could be exploited by anyone — online trolls, stalkers, ex-spouses, law enforcement (in 2019, federal prosecutors used Venmo transactions as evidence in the case against a man involved in rapper Mac Miller’s death), or criminals.A few years ago, BuzzFeed was able to find former President Joe Biden’s Venmo account. The issue wasn’t that the public could see he sent money to his grandchildren for their birthdays, but that it exposed an entire web of contacts, including family members and senior White House officials (and their networks).Also: The best data removal services: Delete yourself from the internetNow, WIRED has reported that the US’s national security adviser, along with other senior officials, left their Venmo accounts public, exposing their extensive network of personal and professional connections. Waltz’s account, for instance, displayed a list of 328 people, including figures like White House chief of staff Susie Wiles and several prominent media figures. This kind of exposure could be exploited by foreign intelligence services, posing a potential national security risk.While researching for this article, I found several public profiles for local politicians, athletes from pro sports teams in my area, heads of local law enforcement organizations, local TV reporters, and more. By looking at each of their profiles, I got a clear picture of the people they interact with and the places they visit. More

WhataWin/Getty Images On March 10, X experienced multiple outages, with tens of thousands of users reporting the social site was down for them. Later that day, after multiple failures, X came back online. What caused this? While the pro-Palestinian hacking collective known as Dark Storm Team claimed responsibility on Telegram for a distributed denial of […] More

Dgwildlife/Getty Images Once upon a time, I was hired by a client, but I wasn’t sure if they could be trusted. I couldn’t ignore this suspicion, but they offered to pay me rates I’d never been paid before.  I accepted the gig, knowing I’d have to take extra precautions to keep my information safe. Instead […] More

ZDNETMessaging app Signal is in the news, and not for anything positive. Defense Secretary and former Fox News contributor Pete Hegseth recently demonstrated how not to use a secure communications channel to share sensitive and classified information. A reporter for The Atlantic found himself inadvertently included in a text conversation among senior administration officials discussing plans for military strikes in Yemen. The situation is a major problem for a few key reasons, as described by BBC News. Also: WhatsApp vs. Signal vs. Telegram vs. Facebook: What data do they have about you?However, Signal itself is not to blame. Rather, the onus falls on the government officials who failed to take the proper precautions. In the right hands, Signal can be an effective tool for keeping your chats private and secure. So, what is Signal, and why might you opt to use it instead of another messaging app? Here are seven reasons. 1. End-to-end encryption By default, Signal secures your texts (and your phone calls) with advanced end-to-end encryption. This means that no one, including the Signal Foundation, can read your messages or listen to your calls. For this, Signal uses its own built-in open-source encryption protocol. Not all messaging apps and formats encrypt your texts by default. And when compared with the ones that do, Signal’s protocol is still considered among the best.2. No ads or trackers With Signal, you won’t see any ads or marketing messages, and you won’t be tracked. The Signal Foundation is a non-profit organization focused on privacy and security. This contrasts with other messaging apps such as Facebook Messenger, iMessage, and even WhatsApp, all of which can collect certain metadata about your texts. More

rob dobi/Getty Images A widespread “smishing scam” is targeting people for their personal information under the guise of unpaid tolls. In recent months, the American public has been hit with waves of texts claiming they owe unpaid tolls or E-ZPass bills. The FBI’s Internet Crime Complaint Center has logged more than 60,000 reports of the […] More