  • Who. What.

    For the trial law and legal community from a private investigator's perspective. The Beacon Bulletin is the weekly newsletter authored and published by our parent company, Beacon Network Investigations, LLC (BNI). We're a private investigation company. We DON'T dispense legal advice, respond to anonymous queries or black hat your enemies for you. (Internally, however, points are allotted for perfectly wordsmithed compliments.) We DO hope to inform. That's our business.

How To Tell If You Are Being Tracked Via Cell Phone.

Have an unshakable feeling that someone is tracking your whereabouts and conversations via your cell phone? Given the ease of use and access to spyware tools these days, coupled with your involvement in a hostile situation (divorce, child custody or partnership split), you just might be right.  Know what to look for and what to do.

Access is key

Since installing tracking apps and spyware requires physical access to your phone, the easiest way to prevent these mobile intrusions is to keep your phone secure. Obviously, though, you can’t take your phone everywhere (you have to shower sometime), so make sure you set a PIN on your phone, and make it a difficult one (no birthdays, addresses, anniversaries, etc.).

Has your iPhone been “jailbroken”?

In order to install tracking apps or spyware on your iPhone, a process called “jailbreaking” is required to bypass Apple’s strict security.  The person tracking you may have been in a rush and might not have deleted the jailbreaking apps; the most commonly used are Cydia, Icy, Installer, Installous and SBSettings.  Simply swipe right on your home screen to search your phone for them, as they won’t necessarily show up with an app icon.

Check your bills

If there’s a tracking app or spyware on your phone, it will more than likely have a GPS component, which would send your data usage through the roof.  Check your bill for a spike in data usage.

Signs you may have tracking apps or spyware installed

There are tell-tale signs that your phone might be tracking you without your knowledge, such as:

  • Does the battery run down a lot quicker than it should, and stay warm even when idle?
  • Does it stay lit when you try to turn the screen off, or light up when you’re not doing anything?
  • Is it slower running apps than normal?
  • Are there unfamiliar applications running in the background?
  • Does it take forever to shut down?

Don’t ignore odd messages

If you receive a text message full of what looks like computer code, or garbled numbers, it is possible it’s an ‘instruction’ message sent by the remote controller of the tracking software on your phone. The spyware works by receiving such messages and, although they are meant to go unnoticed, they may sometimes appear in your inbox.

How to remove tracking apps and spyware

Keep your phone’s software up to date, use anti-malware software and delete anything suspicious. But the only sure way is to do a full backup to your computer, reset your phone to factory settings and then reinstall everything one by one, making sure to only reinstall apps you know and trust.

If you’re using an iPhone that you suspect has been jailbroken, upgrade to the latest version of iOS as this will reverse the jailbreak and remove the malignant software – just make sure you’re backed up first.

Finally, run one of the top five malware removal products (as determined by Lifehacker) listed below:

  • Spybot Search & Destroy (Windows, Freeware)
  • SUPERAntiSpyware (Windows, $30)
  • ComboFix (Windows, Freeware)
  • Malwarebytes’ Anti-Malware (Windows, $25)
  • HijackThis (Windows, Freeware)

(They can be found on CNet, and are reviewed there as well.)

The bottom line is situational awareness.  If you are in the process of a divorce, business partnership split-up, other litigation, etc., believe that someone will try to get an inside peek into your life.  Remain vigilant.

BNI Operatives: Situationally aware.

As always, stay safe.

The Three Biggest Security Threats We Face In 2016

Welcome, 2016, and here come the security threats!

Extortion Hacks

2014 brought us the Sony hack wherein millions of confidential records, including internal emails between corporate executives – that revealed the still-thriving prejudices that exist in Hollywood – were illegally, electronically obtained and released to the public.  Because they (the hackers) could.

2015 progressed to extortion hacks; nimble-fingered computer criminals accessed private client information in the Ashley Madison hack, taking down a CEO and exposing possibly millions of would-be cheaters to public ridicule and worse; and then came the hack of InvestBank in the United Arab Emirates, which resulted in the exposure of customer account information.

Extortion hacks play to the deepest fears of companies and top executives everywhere.  If mishandled, company secrets run the risk of exposure, clients can file lawsuits and these very executives stand to lose their jobs. 2016 will see a massive rise in extortion hacks with astronomical demands.

 

Data Change/Manipulation Attacks

From Wired:

In testimony this year, James Clapper, the director of national intelligence, told Congress that cyber operations that change or manipulate digital data in order to compromise its integrity—instead of deleting or releasing stolen data—is our next nightmare. Mike Rogers, head of the NSA and US Cyber Command said the same thing. “At the moment, most [of the serious hacks] has been theft,” Rogers said. “But what if someone gets in the system and starts manipulating and changing data, to the point where now as an operator, you no longer believe what you’re seeing in your system?”

Data sabotage can be much more difficult to detect than the kind of physical destruction caused by Stuxnet. That’s because data alterations can be so slight yet have enormous consequences and implications. Anyone remember the Lotus 1-2-3 bug back in the 90s that would produce accounting miscalculations in spreadsheets under certain conditions? That was an unintentional error. But attackers could get into financial and stock-trading systems to alter data and force stock prices to rise or fall, depending on their aim.

Certain types of data manipulation could even result in deaths. In 1991 a Patriot missile in Saudi Arabia during the first Gulf War failed to intercept an incoming Scud missile due to a software glitch in the weapon’s control computer, allowing the Scud to hit an Army barracks and kill 28 soldiers. Again, this was an unintentional bug. But Chinese spies have invaded numerous US defense contractor networks in the last decade, raising concern among US military officials that they’re not just stealing blueprints to copy weapons, but might also alter or insert code to sabotage the integrity of weapons systems and change how they operate.

 

Chip and Pin Credit Card Hacks

From Tripwire:

Over the course of the last decade, major credit card companies have begun to implement EMV or “chip and pin” technology. This system requires that a card reader retrieve the customer’s information off of their card’s magnetized chip, which is followed by the cardholder entering in their PIN number.

As a result, chip and pin essentially constitutes a method of two-factor authentication (2FA) for payment card purchases. It is an added security measure that is designed to prevent credit card fraud if a card is physically stolen, so it is natural that VISA, Mastercard and others would switch to EMV technology – even despite the fact that many companies were just recently unprepared for the transition.

I just received my credit and bank EMV-embedded cards.  As the Tripwire article mentions, many merchants are still unprepared to process these cards but that’s the least of worries.  Given that 69% of most purchases utilizing these cards now occur online, the one-time code per transaction is irrelevant as neither the card nor a PIN is required for online purchases.  So we are back to cyber criminals simply stealing the card numbers.

The good news is that law enforcement agencies are hiring in record numbers those with anti-hacking experience!

Be smart:  buy via trusted online vendors or use secure purchase transaction portals such as PayPal.

BNI Operatives: Situationally aware.

As always, stay safe.

 

Can Someone Hack Your Passport? RFID Wallets and More.

As of now, most credit cards and debit cards issued within the past decade have RFID (Radio Frequency IDentification) technology embedded in them. All US passports issued since August 2007 have RFID chips that track your data and photo. RFID chips are a convenient way to store and read data – instead of having to swipe your card through a reader, you can simply wave your card in front of an RFID scanner without even taking it out of your wallet.  Such comfort!

Unfortunately, RFID technology used to track sensitive data in many of today’s portable identifiers (e.g. cards) can be easily scanned without you ever knowing.

How RFID hacking can occur, and how to protect your RFID-chipped documents when traveling:

What is RFID technology?

RFID stands for Radio-Frequency IDentification. The acronym refers to small electronic devices that consist of a small chip and an antenna. 

The RFID device serves the same purpose as a bar code or a magnetic strip on the back of a credit card or ATM card; it provides a unique identifier for that object. And, just as a bar code or magnetic strip must be scanned to get the information, the RFID device must be scanned to retrieve the identifying information.

RFID Works Better Than Barcodes

A significant advantage of RFID over barcodes is that the RFID device does not need to be positioned precisely relative to the scanner. We’re all familiar with the difficulty that store checkout clerks sometimes have in ensuring that a barcode can be read. And obviously, credit cards and ATM cards must be swiped through a special reader.

In contrast, RFID devices will work within a few feet (up to 20 feet for high-frequency devices) of the scanner. For example, you could just put all of your groceries or purchases in a bag, and set the bag on the scanner. It would be able to query all of the RFID devices and total your purchase immediately.

 

It’s a scary thought to entertain and if it bothers you, keep reading to find out what you can do about it.

How can you stay safe against hacked RFID chips?

Unfortunately, the danger is that someone could build a counterfeit reader – which wouldn’t be too difficult for anyone who is experienced in that field – and pick up your RFID information without your consent or even knowledge. Counterfeit card readers existed before RFID, but you were required to physically swipe your card through a slot; counterfeit RFID readers can pull or delete data as you simply walk by.

On the market now are RFID-blocking sleeves, pouches, wallets and other such personal item carriers. A proper RFID blocker will utilize something called a “Faraday cage” (a grounded metal screen surrounding a piece of equipment to exclude electrostatic and electromagnetic influences) and the specification you want to look for is “electromagnetically opaque”. These RFID blockers will prevent illegitimate reading of your RFID-embedded objects.

Not all RFID-blocking wallets are made equal; some are more effective than others. In addition, even the most effective RFID-blocking wallets can fail, whether due to wear and tear or user error. These products will help keep you safe; nonetheless, exercise caution and common sense when traveling.

 

At Corporate Travel Safety, you can purchase RFID-reader blocking items such as wallets, full-sized/mini document holders, ladies’ clutches and handbags, neck holders, inside front pocket sleeves, etc.  We’ve bought several of their products and have used them for years with no negative incidents to date.

BNI Operatives: Situationally Aware.

As always, stay safe.

8 Sure Signs That Your Computer Has Been Hacked (Owned) & A Free Email Tester

I’m not going to go into a long-winded definition of hacking.  We all know what it is and have all experienced malware in some form or to some degree with our computing experiences.

Cutting to the chase then,  below are eight clear signs that your system is compromised, followed by a free online tool that tells you immediately if your email has been compromised.

No. 1: Fake antivirus messages

Fake antivirus warning messages are among the surest signs that your system has been compromised.  (By the time you see this warning, the damage has been done.  Clicking No or Cancel will do nothing to stop the virus.  The malicious software has already corrupted your PC – often through the Java Runtime Environment or an Adobe product.)

What to do: As soon as you notice the fake antivirus warning message, power down your computer. Boot up the computer system in Safe Mode, No Networking, and try to uninstall the newly installed malware (oftentimes it can be uninstalled like a regular program). Either way, follow up by trying to restore your system to a state previous to the exploitation. If successful, test the computer in regular mode and make sure that the fake antivirus warnings are gone. Then follow up with a complete antivirus scan. Oftentimes, the scanner will find other malware remnants left behind.

No. 2: Unwanted browser toolbars

This is probably the second most common sign of system corruption: Your browser has multiple new toolbars.

What to do: Most browsers allow you to review installed and active toolbars. Remove any you didn’t absolutely want to install. When in doubt, remove it. If the bogus toolbar isn’t listed there or you can’t easily remove it, see if your browser has an option to reset the browser back to its default settings. If this doesn’t work, follow the instructions listed above for fake antivirus messages.

No. 3: Redirected Internet searches

You can often spot this type of malware by typing a few related, very common words (for example, “puppy” or “goldfish”) into Internet search engines and checking to see whether the same websites appear in the results — almost always with no actual relevance to your terms.

What to do: Follow the same instructions as above. Usually removing the bogus toolbars and programs is enough to get rid of malicious redirection.

No. 4: Frequent random popups

This popular sign that you’ve been hacked is also one of the more annoying ones. When you’re getting random browser pop-ups from websites that don’t normally generate them, your system has been compromised.  Even legitimate websites can bypass your browser’s anti-pop-up mechanisms.

What to do: Once again, typically, random pop-ups are generated by one of the three previous malicious mechanisms noted above. You’ll need to get rid of bogus toolbars and other programs if you even hope to get rid of the pop-ups.

No. 5: Your contacts receive fake emails from your email account

This is the one scenario where you might be OK. It’s fairly common for our email contacts to receive malicious emails from us. A decade ago, when email attachment viruses were all the rage, it was very common for malware programs to survey your email address book and send malicious emails to everyone in it.

These days it’s more common for malicious emails to be sent to some of your contacts, but not everyone in your email address book. If it’s just a few contacts and not everyone in your email list, then more than likely your computer hasn’t been compromised (at least with an email address-hunting malware program). These days malware programs and hackers often pull email addresses and contact lists from social media sites, but doing so means obtaining a very incomplete list of your contacts’ email addresses. Although not always the case, the bogus emails they send to your contacts often don’t have your email address as the sender. It may have your name, but not your correct email address. If this is the case, then usually your computer is safe.

What to do: If one or more contacts reports receiving bogus emails claiming to be from you, do your due diligence and run a complete antivirus scan on your computer, followed by looking for unwanted installed programs and toolbars. Often it’s nothing to worry about, but a check-up can’t hurt.

No. 6: Unexpected software installs

Unwanted and unexpected software installs are a big sign that your computer system has likely been hacked.

In the early days of malware, most programs were computer viruses, which work by modifying other legitimate programs. They did this to better hide themselves. For whatever reason, most malware programs these days are Trojans and worms, and they typically install themselves like legitimate programs. This may be because their creators are trying to walk a very thin line when the courts catch up to them. They can attempt to say something like, “But we are a legitimate software company.” Oftentimes the unwanted software is legally installed by other programs, so read your license agreements. Frequently, I’ll read license agreements that plainly state that they will be installing one or more other programs. Sometimes you can opt out of these other installed programs; other times you can’t.

What to do: There are many free programs that show you all your installed programs and let you selectively disable them. One favorite is Autoruns. It doesn’t show you every program installed but will tell you the ones that automatically start themselves when your PC is restarted. Most malware programs can be found here. The hard part is determining what is and what isn’t legitimate. When in doubt, disable the unrecognized program, reboot the PC, and re-enable the program only if some needed functionality is no longer working.
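An added example, not part of the original post and not Autoruns itself: a read-only PowerShell listing of the Run/RunOnce registry keys and the Startup folders (a subset of the locations Autoruns covers), with the Authenticode signature status of each target file to help with the "what is legitimate" question. The function names are made up for this example.

```powershell
# Added example: enumerate common autostart locations and check each target's
# Authenticode signature. Read-only; covers a subset of what Autoruns inspects.
$runKeys = @(
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
)

function Get-TargetPath {
    # Pull the executable path out of a command line such as
    # "C:\Program Files\App\app.exe" /background
    param([string]$CommandLine)
    $cmd = [Environment]::ExpandEnvironmentVariables($CommandLine).Trim()
    if ($cmd -match '^"([^"]+)"') { return $Matches[1] }
    if ($cmd -match '^(.+?\.(exe|com|bat|cmd|scr|vbs|js|ps1))(\s|$)') { return $Matches[1] }
    return $cmd
}

function New-AutostartRecord {
    param([string]$Location, [string]$Name, [string]$Command, [string]$Target)
    $status = 'FileNotFound'; $signer = ''
    if ($Target -and (Test-Path -LiteralPath $Target -PathType Leaf)) {
        $sig = Get-AuthenticodeSignature -LiteralPath $Target
        $status = [string]$sig.Status
        if ($sig.SignerCertificate) { $signer = $sig.SignerCertificate.Subject }
    }
    [pscustomobject]@{
        Location = $Location; Name = $Name; Command = $Command
        Target = $Target; Signature = $status; Signer = $signer
    }
}

$entries = @()

foreach ($key in $runKeys) {
    $regKey = Get-Item -Path $key -ErrorAction SilentlyContinue
    if (-not $regKey) { continue }
    foreach ($name in $regKey.GetValueNames()) {
        $command = [string]$regKey.GetValue($name)
        $entries += New-AutostartRecord $key $name $command (Get-TargetPath $command)
    }
}

# Startup folders hold shortcuts; resolve each .lnk to the program it launches.
$shell = New-Object -ComObject WScript.Shell
foreach ($folder in 'Startup', 'CommonStartup') {
    $path = [Environment]::GetFolderPath($folder)
    if (-not $path -or -not (Test-Path -LiteralPath $path)) { continue }
    foreach ($file in Get-ChildItem -LiteralPath $path -File) {
        $target = $file.FullName
        if ($file.Extension -eq '.lnk') { $target = $shell.CreateShortcut($file.FullName).TargetPath }
        $entries += New-AutostartRecord $path $file.Name $file.FullName $target
    }
}

# Unsigned, tampered or missing targets sort first; a valid signature on
# rundll32.exe or a script host says nothing about the DLL or script it loads.
$entries |
    Sort-Object @{ Expression = { $_.Signature -eq 'Valid' } }, Location, Name |
    Format-Table Location, Name, Signature, Signer, Target -AutoSize -Wrap
```

An unsigned or missing target is a reason to look closer at that entry, not proof that it is malware.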

No. 7: Your mouse moves between programs and makes correct selections

If your mouse pointer moves itself while making selections that work, you’ve definitely been hacked. Mouse pointers often move randomly, usually due to hardware problems. But if the movements involve making the correct choices to run particular programs, malicious humans are somewhere involved.

Although this is not as common as some of the other attacks, many hackers will break into a computer, wait for it to be idle for a long time (like after midnight), then try to steal your money. Hackers will break into bank accounts and transfer money, trade your stocks, and do all sorts of rogue actions, all designed to lighten your cash load.

What to do: If your computer “comes alive” one night, take a minute before turning it off to determine what the intruders are interested in. Don’t let them rob you, but it will be useful to see what things they are looking at and trying to compromise. If you have a cellphone handy, take a few pictures to document their tasks. When it makes sense, power off the computer. Unhook it from the network (or disable the wireless router) and call in the professionals. This is the one time that you’re going to need expert help.

Using another known good computer, immediately change all your other logon names and passwords. Check your bank account transaction histories, stock accounts, and so on. Consider paying for a credit-monitoring service. If you’ve been a victim of this attack, you have to take it seriously. A complete restore of the computer is the only option you should choose for recovery. But if you’ve lost any money, make sure to let the forensics team make a copy first. If you’ve suffered a loss, call law enforcement and file a case. You’ll need this information to best recover your real money losses, if any.

No. 8: Your antimalware software, Task Manager, or Registry Editor is disabled and can’t be restarted

This is a huge sign of malicious compromise. If you notice that your antimalware software is disabled and you didn’t do it, you’re probably exploited — especially if you try to start Task Manager or Registry Editor and they won’t start, start and disappear, or start in a reduced state. This is very common for malware to do.

What to do: You should really perform a complete restore because there is no telling what has happened. But if you want to try something less drastic first, research the many methods on how to restore the lost functionality (any Internet search engine will return lots of results), then restart your computer in Safe Mode and start the hard work. I say “hard work” because usually it isn’t easy or quick.
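Before starting that work, it helps to see which settings are doing the blocking. The following read-only PowerShell check is an added example, not part of the original post; it looks at well-known Windows registry locations that can disable Task Manager, Registry Editor or Microsoft Defender, and the `Get-RegValue` helper name is made up for this example.

```powershell
# Added example: read-only check for settings that disable Task Manager,
# Registry Editor or Microsoft Defender. On a managed (work) PC an
# administrator may have set some of these on purpose.
$policy   = 'Software\Microsoft\Windows\CurrentVersion\Policies\System'
$defender = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender'
$ifeo     = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options'

$checks = @(
    @{ Path = "HKCU:\$policy"; Name = 'DisableTaskMgr';       Effect = 'Task Manager blocked (current user)' }
    @{ Path = "HKLM:\$policy"; Name = 'DisableTaskMgr';       Effect = 'Task Manager blocked (all users)' }
    @{ Path = "HKCU:\$policy"; Name = 'DisableRegistryTools'; Effect = 'Registry Editor blocked (current user)' }
    @{ Path = $defender;       Name = 'DisableAntiSpyware';   Effect = 'Microsoft Defender turned off by policy' }
    @{ Path = "$defender\Real-Time Protection"; Name = 'DisableRealtimeMonitoring'
       Effect = 'Defender real-time protection turned off by policy' }
    @{ Path = "$ifeo\taskmgr.exe"; Name = 'Debugger'; Effect = 'Task Manager launch redirected to another program' }
    @{ Path = "$ifeo\regedit.exe"; Name = 'Debugger'; Effect = 'Registry Editor launch redirected to another program' }
)

function Get-RegValue {
    # Returns the value, or $null when the key or the value does not exist.
    param([string]$Path, [string]$Name)
    $key = Get-Item -LiteralPath $Path -ErrorAction SilentlyContinue
    if ($key) { return $key.GetValue($Name) }
    return $null
}

$findings = @(foreach ($c in $checks) {
    $value = Get-RegValue $c.Path $c.Name
    # Policy values count when non-zero; a Debugger value counts whenever it exists.
    $hit = if ($c.Name -eq 'Debugger') { $null -ne $value }
           else { $null -ne $value -and $value -ne 0 }
    if ($hit) {
        [pscustomobject]@{ Finding = $c.Effect; Key = $c.Path; Value = "$($c.Name) = $value" }
    }
})

# Ask Defender itself, when its cmdlets are present. Real-time protection is
# also reported as off when a third-party antivirus product has taken over.
if (Get-Command Get-MpComputerStatus -ErrorAction SilentlyContinue) {
    $mp = Get-MpComputerStatus -ErrorAction SilentlyContinue
    if ($mp -and -not $mp.RealTimeProtectionEnabled) {
        $findings += [pscustomobject]@{
            Finding = 'Defender real-time protection is not running'
            Key     = 'Get-MpComputerStatus'
            Value   = "AntivirusEnabled = $($mp.AntivirusEnabled)"
        }
    }
}

if ($findings.Count -eq 0) {
    'No disabling settings found in the checked locations.'
} else {
    $findings | Format-List
}
```

A clean result only covers the locations listed in `$checks`; it does not show that the machine is uncompromised.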

HAS YOUR EMAIL BEEN HACKED?

A major concern we all have is whether our email accounts have been hacked/owned and that we might experience data leaks if that is the case.  I use this one very reliable digital tool to test for any email breaches:

PWNEDLIST.COM

(Most legit email testers or anti-hacking sites substitute the “O” in “owned” with a “p” to lessen the confusion between the letter and the numeral zero.)

General rule of thumb regarding online security: If it feels weird, it is.

BNI Operatives: Situationally aware.

As always, stay safe.
