Hey there, it’s time for episode 107 of the UNSECURITY Podcast!
Just when you think you can’t get any busier…
You get busier.
Maybe if I learned to say “no” a little more often. My dilemma is 1) mostly brought on by myself and 2) is a blessing. It’s better to be busy than to have nothing to do, especially when you’re helping people. I’m grateful.
Short introduction today. Too much going on to elaborate much (for now).
On to the show notes…
This is Evan, I’ll lead the discussion today, and these are my notes…
SHOW NOTES – Episode 107
Date: Tuesday November 24th, 2020
Episode 107 Topics
- Opening
- Catching Up
- What’s new?
- “Information Security @ Home”
- Happy Thanksgiving
- What are you grateful for?
- What’s different this year?
- What’s the same?
- Holiday shopping tips for EVERYONE
- News
- Wrapping Up – Shout outs
Opening
[Evan] Hey there! Thank you for tuning in to this episode of the UNSECURITY Podcast. This is episode 107, the date is November 24th 2020, and I’m your host, Evan Francen. Sadly, Brad won’t be joining me today. He’s out of commission fighting a bout of labyrinthitis. The prognosis is good, so we expect him to be back soon!
So, this means you’re all stuck with me. I’ll do my best to provide some value for your ears and brain.
Quick Catchup
[Evan] The catchup time is a little different without Brad, so I’ll just give you a quick recap of what I’ve been up to.
Topics:
- 4th quarter is notoriously busy, like VERY busy, for us. Everyone is running at 100% capacity right now, which is good, but also stressful.
- Security Sh*t Show – this is live on YouTube every week; Thursday nights at 10pm CST.
- Last week Chris Roberts and I did the Paqui One Chip Challenge online with a couple fans.
- We also unveiled a new sticker (see below). If you’d like one, just subscribe to the Sh*t Show YouTube channel and let us know.
- Information security hobbies – I’ve been working on a Raspberry Pi home network security device, including Kismet, pfSense, and Pi-hole. More to come on this next week.
- Maybe another thing or two.
Transition
Happy Thanksgiving!
[Evan] Originally, Brad and I were going to continue our discussion about information security at home, then I realized that this is Thanksgiving week! Instead of talking about our original topic, I’m going to talk about protecting yourself (and your family) from holiday shopping scams. For many Americans, Friday marks the beginning of the holiday shopping season, and it’s important for all of us to be careful! Lots of things have changed this year, it is 2020, but some things haven’t. The scammers are still scamming, and most of the scams are the same this year as they’ve been in years past.
Some interesting stats/information:
- 61% of Americans have already started holiday shopping (before Thanksgiving)
- 22% of Americans start their holiday shopping on (or after) Thanksgiving
- 15% of Americans start their holiday shopping in December
- 2% of Americans start their holiday shopping in January (hopefully for next year)
- Last year:
  - $730 billion was spent on holiday shopping
  - $135.5 billion was spent holiday shopping online
  - $71.3 billion was spent holiday shopping using a mobile device
- Online holiday shopping (in terms of dollars spent) is expected to increase by 35.8%
More online shopping, coupled with the fact that most of us are more distracted (than ever), means attackers could have a heyday.
Opportunity + Distraction = Success (for scammers)
Tips to protect yourself and your loved ones (we will make this into a checklist soon):
Most important – situational awareness. It’s the umbrella for all other protection activities/behaviors.
- Ship to a secure location – avoid shipping to places where merchandise could sit unattended and insecure for long periods.
- If you decide to use a mobile app for shopping, use official retailer apps only.
- Don’t save payment card (debit or credit) information in any shopping accounts
- Use Apple Pay or Google Pay for payments wherever it’s available.
- If you’re unfamiliar with a retailer, do your research before buying. Make sure the site and retailer are legitimate.
- Don’t rush to purchase at the lowest price. Slow down and think about security risks first.
- Never make purchases on public Wi-Fi – Never.
- Use a VPN when shopping (or doing anything sensitive) online.
- Always use strong passwords and a password manager.
- Check security and/or privacy policies, especially for retailers you’re unfamiliar with.
- A legitimate retailer will NEVER ask for your Social Security number, so don’t give it out.
- Make purchases with credit cards over debit cards.
- Make purchases with prepaid debit cards over credit cards or regular debit cards.
- Review all your accounts and bank statements regularly. You should be doing this all year.
Please be careful this holiday season. DO NOT let scammers steal ANY of your joy or hope!
Transition
[Evan] Alright. That’s that. On to some news…
News
[Evan] Always plenty of interesting things going on in our industry. Here’s a few stories that caught my attention recently:
- Tesla Model X hacked and stolen in minutes using new key fob hack – https://www.zdnet.com/article/tesla-model-x-hacked-and-stolen-in-minutes-using-new-key-fob-hack/
- Botnets have been silently mass-scanning the internet for unsecured ENV files – https://www.zdnet.com/article/botnets-have-been-silently-mass-scanning-the-internet-for-unsecured-env-files/
- Senate Passes IoT Cybersecurity Improvement Act – https://www.bankinfosecurity.com/senate-passes-iot-cybersecurity-improvement-act-a-15399
- Firing Christopher Krebs Crosses a Line—Even for Trump – https://www.wired.com/story/trump-fires-christopher-krebs-cisa/
Wrapping Up – Shout outs
[Evan] That’s it for episode 107. Gonna give my shout outs…
[Evan] Thank you to all our listeners! Send things to us by email at unsecurity@protonmail.com. If you’re the social type, socialize with us on Twitter, I’m @evanfrancen and Brad’s @BradNigh.
Lastly, be sure to follow SecurityStudio (@studiosecurity) and FRSecure (@FRSecure) for more things we do when we do what we do.
That’s it! Talk to you all again next week!