Tag: google

The Google Photos Scam

This is a simple phishing scam.

The title of the email is “Your photo takes first place”.

It has a Google photos logo and specifies that you have 2 albums and 9 photos on Google Photos.

Then it offers a further 1GB of space on Google Photos free of charge.

Sounds good but it’s a scam of course.

If you click the link then it asks you to confirm your login and password first, but that’s on a fake login page and it sends your details to the criminal behind this scam.

It should be obvious that this is a scam message from the fact that the email is sent from an address that cannot be Google, such as ddgre5f2avf @dconneltw.com

Do enter your email address and click on the subscribe button on top right to keep up to date with new posts.

Fightback Ninja Signature

Google Fined 1.5 Billion Euros by the EU

The European Union has levied a third antitrust fine against Google.

EU antitrust commissioner Margrethe Vestager said that the technology giant had abused its dominant position by forcing customers of its AdSense service to sign contracts stating they would not accept advertising from rival search engines. “The misconduct lasted over 10 years and denied other companies the possibility to compete on the merits and to innovate.”

This brings the total in fines against Google by the EU to 8.2 billion Euros, but it’s also ends the last of the investigations that were in progress.

The third fine is lower than the previous two as Google actively worked with the European Commission to change its AdSense policies after the EU announced its case in 2016.

In 2006, Google started selling its AdSense for Search product. This let companies place a Google search box on their website. When a search is entered Google shows the results but also its adverts.

Google made customers sign contracts banning them from including rival search engines on their sites. In 2009, Google allowed the inclusion of rival search engines as long as Google’s was more prominent. In 2016, around the time the EU announced its case, the company removed these terms altogether.

Possibly, to avoid further anti-trust cases On Android phones, Google used to automatically install its own services (including Google search) but has recently switched to allowing users which services they want.

Today’s fine brings an end to EU’s current trilogy of open probes, the organization is still looking at a number of other areas of Google’s business and could open new cases in future.

Do leave a comment on this post – click on the post title then scroll down to leave your comment.

Fightback Ninja Signature

Data Sharing by APPS Out of Control

Oxford researchers looked at nearly one million APPS on Google Play Store and found that almost 90% of free APPS collect data and send it to Google, plus almost 40% collect data and send it to companies owned by Facebook.

Some of this is legitimate and necessary e.g. collecting and sending data on APP failures which helps the software maker to improve their product and Google Analytics data enables website owners to track their online usage via Google and so on.

But it does seem that a lot is to do with advertising.

The concept of free APPS is of course a tricky one as the APP makers have to make money somehow and passing data to potential advertisers is one way that many users won’t mind. But some of us do mind that our data is shared without our permission and this should not be allowed.

The sort of data collected can include age, gender, location, list of other installed APPS etc.

The research also found that 33% of the APPS send data to Twitter, 26% to Verizon (Yahoo, Tumblr etc.), 22% to Microsoft, 18% to Amazon etc.

These third-party trackers were mostly prevalent in news apps and apps aimed at children and young adults. By tracking user data – which includes information like age, location, gender, buying habits, and other miscellaneous information- companies can form a profile of users. This can then be used to send target specific ads, influence a user’s buying habits or even send political campaign messages.

Used in this manner, profiling of children without attempting to obtain parental consent, is illegal.

Do review the privacy settings on your APPS and delete any APPS you believe are sharing your data without your consent.

If you’ve enjoyed this post or found it useful then do share – click on the post title then scroll down to the social media share buttons.

Fightback Ninja Signature

Google and Google+

Google has said that it found a software glitch in its Google+ social network in March 2018 that could have exposed the personal data of as many as half a million users, but decided not to tell the public until months later.

Google found the flaw in March during an extensive privacy and security review according to Ben Smith, Google vice president of engineering. An internal committee decided not to disclose the potential breach of Google+ because there wasn’t evidence of any misuse of the exposed data, which included names, email addresses, ages and occupations. The bug was immediately fixed at the time, he said.

The Federal Trade Commission, as the nation’s chief privacy watchdog, has the authority to investigate data breaches. The FTC can fine companies when they violate terms of a consent decree.

Google has said it plans to shut down Google+ for consumers (but leave it running for businesses) and introduce new privacy tools restricting how developers can use information on products ranging from email to file storage.

Google+ was never anywhere near as successful as Facebook and social media networks. Even so, many users still have a profile that has personal information on it. Google will shut it down over the coming months for consumers, but keep the version built for businesses open and operating.

The other changes Google is making include requiring apps to ask separately for each type of information they want from a user, such as access to calendars or address books. On Gmail, Google’s ubiquitous email service, only apps that improve email functionality will be allowed to request access.

Do leave a comment on this post – click on the post title then scroll down to leave your comment.

Fightback Ninja Signature

Google Advanced Protection Programme

Google’s Advanced Protection Program safeguards the personal Google Accounts of anyone at risk of targeted attacks – such as journalists, activists, business leaders and political campaign teams.

Google say that it’s not needed for everyone, but if you feel you are a target then maybe this is a necessary safeguard for you.

Basic security for a Google account is just a password. Two factor authentication is the next step and it means you have to identify yourself using two items such as a password and a PIN sent to you by text message.

The third stage of security is the use of a physical security key.

Q. What is phishing?

Phishing is a common technique used by fraudsters to trick you into giving away your login details for example. The phishing attack may be via email, text message phone call, website or in an APP.

Q. How does Advanced Protection defend against phishing?

Even if you do fall for a phishing attack that discloses your username and password, an unauthorised user won’t be able to access your account without one of your physical Security Keys.

To enrol, you’ll need to purchase two Security Keys — one wireless-enabled key to act as your main key, and one backup key. After you enrol, other authentication factors you might be used to, like codes sent via SMS or the Google Authenticator app, will no longer work.

Safeguard your data by limiting access to it

When you sign up for new apps or services, you are sometimes asked to give access to data in your Google Account. Usually this doesn’t pose a risk, but sophisticated attackers could compromise or impersonate an app or service to gain access to your personal data. To help protect you, Advanced Protection allows only Google apps and select third-party apps to access your emails and Drive files.

As a trade-off for this tightened security, the functionality of some of your apps may be affected. Most third-party apps that require access to your Gmail or Drive data, such as travel tracking apps, will no longer have permission. And you will only be able to use Chrome and Firefox to access your signed-in Google services like Gmail or Photos.

Apple’s Mail, Calendar, and Contacts apps will continue to be able to access your Google data as normal.

A common way that hackers try to access your account is by impersonating you and pretending they have been locked out of your account. To give you the strongest protection against this type of fraudulent account access, Advanced Protection adds extra steps to verify your identity during the account recovery process.

Go to https://landing.google.com/advancedprotection/ if you want to know more about Google Advanced Security.

If you’ve enjoyed this post or found it useful then do share – click on the post title then scroll down to the social media share buttons.

Fightback Ninja Signature