hack

Bill S-4 – (The not quite) Digital Privacy Act ?

I had originally wanted to wait until the Privacy Commissioner of Canada released a report on Bill S-4 before commenting but decided that I should just go ahead and post something about this senate bill.

This bill was proposed to help in the cases of security breaches, to help control identity theft. But unfortunately it may also cause individuals to have their information given to third parties without their consent or knowledge.

“an organization may disclose personal information without the knowledge or consent of the individual if

(a) the disclosure is made to the other organization, the government institution or the part of a government institution that was notified of the breach under subsection (1); and

(b) the disclosure is made solely for the purposes of reducing the risk of harm to the individual that could result from the breach or mitigating that harm.” – Bill S-4, Section 10.2 (3)

Furthermore warrants may not be required under Bill C-13 and the costs associated to the infrastructure required to keep records of your online activities would be passed onto either consumers and/or taxpayers.

Are to believe this bill is meant to improve our situation ? We would be paying more for internet and give more private information to a government that was just hacked because of the Heartbeat Bug.

I think this bill needs to be re-written. And if you do too I think you should sign the Open Media petition on Privacy.

Thank you.

Important Message For PC Users

Microsofticon will be ending their support for XP on April 8th, 2014.

This means that you have a month to upgrade to retain support for your PC.

Their will be no new security updates, non-security hotfixes, free or paid assisted support options or online technical content updates for this operating system so upgrading to Windows 7icon or Windows 8icon is recommended.

Please note that an upgrade to Windows 8.1icon is provided free to those upgrading from XP or Vista to Windows 8icon and that file backups are recommended prior to upgrading.

Microsoft Store

Suspended Membership Phishing/Hacking Scam

There appears to be a new Netflix scareware scam going around and I thought I’d inform you as to how it works.

Basically victims are sent a fake email directing victims to a fake Netflix site where members are asked to enter their email address and password.

Once entered this information is captured by the criminals and victims are then forwarded to another fake page claiming their account had been suspended.

This fake page then urges victims to call an 800 number to reinstate their membership which actually directs individuals to a call center in India, where fake Netflix technicians are waiting to continue their con.

When victims call this 800 number they are told that their computers have been taken over by hackers and are asked to download software to remove the hackers and/or clear their computers of viruses.

This software enables the fake Netflix technicians to access your computer and all the sensitive information found on this computer’s hard drive. But access to Netflix and your sensitive information is not the only objectives of this scam.

Victims who have gone through this process are also asked to pay for the privilege of being violated.

They are asked to pay for the clean-up, a five year membership for an anti-virus program and a five year membership for a firewall.

In exchange for payment by credit card the fake technicians offer a coupon code for a discount on Netflix membership. But not only do they request credit card information for payment but also ask their victims to send photo identification to them.

This information of course enables them to steal identities, as well as to defraud their victims through their credit card. And Netflix members will not likely be the only target because it can be adapted to target any online membership.

The best defense against this scam is to ignore the links and phone numbers provided in these emails and contact a company directly via their web site.

If there are real issues with your account at a particular company their customer service department should be able to help you.

I bookmark the sites I access the most in my internet browser and use those links instead. And using spam filters on your email also helps because some filters will keep these phishing attempts out of your inbox if enough people label it as spam.

Most webmail sites have spam filters and you can install free spam filters for your PC by clicking on the following logo :

Award-winning anti spam filter

Update On Playstation Network Breach

It appears that Playstation Network and Qriocity users can breathe more easily when it comes to their credit card information.

Sony has stated that a vital piece of information related to purchases, the card security code, was NOT stored or archived by their system.

This code, which is usually three or four digits long, is used to confirm purchases online and by phone. It is printed on the back on Visa and Mastercard credit cards, next to the signature strip, and in the front of many American Express cards, just above the credit card number.

This card verification code expires with the credit card and another code is issued whenever new cards are sent out. So if the credit card you used on the above mentioned networks was about to expire, you should have no problem.

Furthermore, with the introduction of chip cards and services like Visa‘s Verified by Visa and Mastercard‘s Securecode services, information gathered from the security breach would not likely be useable. But I would definately advise vigilance in regards to purchases, just in case.

Canada’s major credit card companies had adopted Zero Liability programs years back for unauthorized purchases so i’m guessing the issue wont cause many problems, though it should be noted that Sony will NOT be asking people to provide personal or credit card information via email or by phone.

BTW, Sony has stated that some of the services will be reactivated this week and some of their users will be eligible for a free month of Playstation Plus. Details can be found on their official blog.