Pete Recommends – Weekly highlights on cyber security issues, December 16, 2023

Subject: Verizon fell for fake “search warrant,” gave victim’s phone data to stalker
Source: Ars Technica

Verizon tricked by fake cop, fake search warrant despite obvious warning signs.Verizon Wireless gave a female victim’s address and phone logs to an alleged stalker who pretended to be a police officer, according to an affidavit filed by an FBI special agent. The man, Robert Michael Glauner, was later arrested near the victim’s home and found to be carrying a knife at the time, according to the affidavit submitted in court yesterday.

Glauner allegedly traveled from New Mexico to Raleigh, North Carolina, after finding out where she lived and, before arriving, sent a threatening message that said, “if I can’t have you no one can.” He also allegedly threatened to send nude photos of the victim to her family members.

Glauner was charged yesterday with stalking and fraud “in connection with obtaining confidential phone records” in US District Court for the Eastern District of North Carolina. We aren’t posting or linking directly to the court record because it seems to contain the victim’s home address. The incident was previously reported by 404 Media.

Fake cop, forged judge’s signature

An email to Verizon from [email protected] on September 26, 2023, said, “Here is the pdf file for search warrant. We are in need if the [sic] this cell phone data as soon as possible to locate and apprehend this suspect. We also need the full name of this Verizon subscriber and the new phone number that has been assigned to her. Thank you.”

+ comments


Subject: FTC Warns be skeptical about QR codes
Source: FTC via The Verge

FTC: “Scammers hide harmful links in QR codes to steal your information. QR codes seem to be everywhere. You may have scanned one to see the menu at a restaurant or pay for public parking. And you may have used one on your phone to get into a concert or sporting event, or to board a flight. There are countless other ways to use them, which explains their popularity. Unfortunately, scammers hide harmful links in QR codes to steal personal information. Here’s what to know. There are reports of scammers covering up QR codes on parking meters with a QR code of their own. And some crafty scammers might send you a QR code by text message or email and make up a reason for you to scan it. These are some of the ways they try to con you:

  • they lie and say they couldn’t deliver your package and you need to contact them to reschedule
  • they pretend like there’s a problem with your account and you need to confirm your information
  • they lie, saying they noticed suspicious activity on your account, and you need to change your password
  • These are all lies they tell you to create a sense of urgency. They want you to scan the QR code and open the URL without thinking about it…”

Other FTC Consumer Alerts:

NYT Article (sharable):

Subject: Your Smart TV Knows What You’re Watching
Source: The Markup

Here’s how to turn off “automated content recognition,” the Shazam-like software on smart TVs that tracks what you’re watchingIf you bought a new smart TV during any of the holiday sales, there’s likely to be an uninvited guest watching along with you. The most popular smart TVs sold today use automatic content recognition (ACR), a kind of ad surveillance technology that collects data on everything you view and sends it to a proprietary database to identify what you’re watching and serve you highly targeted ads. The software is largely hidden from view, and it’s complicated to opt out. Many consumers aren’t aware of ACR, let alone that it’s active on their shiny new TVs. If that’s you, and you’d like to turn it off, we’re going to show you how.

Jump to your TV

Subject: Without a Trace: How to Keep Your Phone Off the Grid
Source: The Markup

We answer the questions readers asked in response to our guide to anonymizing your phone

… a topic that sparked some serious interest after we published a guide on anonymizing your phone in October.

In the piece, Wesley Callow—The Markup’s IT specialist—and I put on our trenchcoats and gave you a behind-the-scenes look at our quest for phone anonymity. We gave you a step-by-step guide on how to set up an off-the-grid phone, and a glimpse into why, personally speaking as a journalist, having one is so important for protecting my sources and staying safe (for example: making sure my contacts are aware that they have a secure way to communicate with me—or preserving my own privacy by ensuring my private information isn’t attached to any account).

The feedback was dynamic, and I was delighted to chat with readers who share similar interests. Some of those conversations included questions and responses that could benefit a broader audience. So, tech detective Wesley and I dug a little deeper into some of the remaining questions.


RSS feed:

Subject: How QR codes work and what makes them dangerous – a computer scientist explains
Source: The Conversation

Among the many changes brought about by the pandemic is the widespread use of QR codes, graphical representations of digital data that can be printed and later scanned by a smartphone or other device, but there are some security risks. The Federal Trade Commission warned again in December 2023 about the danger of scanning a code from an unknown source.QR codes have a wide range of uses that help people avoid contact with objects and close interactions with other people, including for sharing restaurant menus, email list sign-ups, car and home sales information, and checking in and out of medical and professional appointments.

QR codes are a close cousin of the bar codes on product packaging that cashiers scan with infrared scanners to let the checkout computer know what products are being purchased. Bar codes store information along one axis, horizontally. QR codes store information in both vertical and horizontal axes, which allows them to hold significantly more data. That extra amount of data is what makes QR codes so versatile.

Are QR codes dangerous? QR codes are not inherently dangerous. They are simply a way to store data. However, just as it can be hazardous to click links in emails, visiting URLs stored in QR codes can also be risky in several ways.


* BONUS * QR code for this article on The Conversation:

Posted in: Big Data, Cybercrime, Cybersecurity, Privacy