Latest news with #JosephSteinberg


The Hill
05-07-2025
- The Hill
Are you susceptible to a ‘social engineering' attack?
(NEXSTAR) – The Federal Bureau of Investigations on Friday issued an alert concerning Scattered Spider, a cybercriminal organization currently targeting the airline industry. The group, which is also said to be behind cyberattacks on multiple Las Vegas casinos in 2023, is said to rely heavily on 'social engineering' techniques for its attacks, a tactic used to gain trust with victims. 'In a social engineering attack, an attacker uses human interaction (social skills) to obtain or compromise information about an organization or its computer systems,' the Homeland Security Department's Cybersecurity and Infrastructure Security Agency (CISA) explains of these types of scams. Attackers may then use that information to pose as a trusted figure working at, or with, the victim's company in order to gain access, CISA says. Specific examples of Scattered Spider's social engineering tactics include 'impersonating employees or contractors to deceive IT help desks into granting access,' or 'convincing help desk services to add unauthorized [multi-factor identification] devices to compromised accounts,' according to the FBI. But social engineering can take many forms — and target everyday individuals, rather than just corporations. 'Typically, the elderly are the most vulnerable to social engineering, but they're not the only victims,' said John Young, a cybersecurity expert and the COO of encryption company Quantum eMotion America. 'Lonely people fall prey to romance scams; those who want instant gratification are vulnerable to get-rich-quick ploys; and otherwise savvy people who have a fear of missing out can get taken by investment scams.' These types of attacks are also incredibly common. Scammers often contact potential victims through emails and texts (aka phishing and smishing scams) or sometimes over the phone, perhaps posing as a bank or an e-commerce company, and asking the victim to verify their personal information or account passwords. Joseph Steinberg, a cybersecurity expert and the author of 'Cybersecurity for Dummies,' says these attacks exploit a weakness in the human brain. 'We're not wired to perceive threats from far away. … To survive, for most of history, we didn't have to worry about threats from someone invisible, 3,000 miles away,' Steinberg told Nexstar. 'But people have a tendency to trust technology more than other people,' he added. 'If I walk up to you in the street, and I told you your banker told me you need to reset your password, you'd never trust me. But if you get an email from what looks like [a bank]? That could be different.' It's also getting harder and harder to differentiate social engineering attacks from legitimate interactions. Artificial intelligence has made it easier for hackers to both gather information on targets and carry out the attacks, as noted by the cybersecurity teams at such organizations as CrowdStrike, IBM and Yale University. AI can even make it possible for bad actors to create deepfakes (i.e., synthetic photos, video or audio clips that appear nearly indistinguishable from authentic ones) to try and trick victims. Steinberg says he's seen this tactic demonstrated over the phone, with scammers using deepfake audio to mimic the voice of a victim's loved one asking for money or sensitive information. 'Every time I've seen it demonstrated it works,' he said. 'The AIs are that good.' CISA offers a number of tips for preventing the likelihood of becoming a victim of social engineering attacks, including limiting the amount of personal information you share online, or contacting a bank/company directly (using a phone number provided by the company's official channels) after getting a suspicious email or text, to verify its authenticity. Now that AI is in the mix, Steinberg also suggests coming up with a plan to verify the identity of their own family members — and most importantly their children — if they get a suspicious call from a person claiming to be a loved one. 'I'm … going to ask them some piece of information that only my child would know,' Steinberg said. By understanding these tools, the likelihood of becoming a victim is at least minimized, if never completely eliminated. 'The most important thing is to internalize the fact that you're a target,' Steinberg said. 'If you believe that people may be trying to scam you, you just behave differently.' Young, too, said a skeptical mindset is especially helpful for the vulnerable populations to adopt. 'I teach volunteer classes for AARP to older citizens, and when I explain that in the old days scammers were known as con artists, something clicks for them,' he said. 'It's true; the scammers of today are just another name for con artists who have been using persuasion and their social engineering skills since the beginning of time.'


Daily Mail
01-07-2025
- Daily Mail
Now experts u-turn and say you SHOULDN'T blur your house on Google Maps - and warn doing so could actually encourage burglars to pay a visit
Whether it's a fancy new lock or an expensive security camera, people will go to extreme lengths to protect their homes. Recently, a security advisor suggested that blurring your home on Google Maps could help to deter burglars who use the tool to learn about entryways, security measures and possible possessions. However, experts have now u-turned - and warn that this popular trick might actually put you at a greater risk of a break-in. Cybersecurity consultant Joseph Steinberg says that your security will be 'worse off' if you decide to blur your home. The motivation for obscuring your home is that criminals will no longer be able to use Google Maps to plan a potential robbery. But Mr Steinberg says that hiding your home is likely to draw even more attention. He says: 'If you blur your house … that's interesting to me as a criminal, and I may drive by. 'My personal feeling is that you should not blur your house, in general.' Mr Steinberg points out that blurring your home could draw more attention to you in something called the 'Streisand Effect'. This refers to Barbra Streisand's attempt to sue a photographer who inadvertently took a photo of her California home in 2002. Ms Streisand claimed a violation of her privacy, but the case, which was thrown out the next year, ultimately drew widespread attention to the location of her home. In the same way, blurring your home on Google Maps might give criminals the idea that you have something worth hiding. A quick look along some of the UK's most expensive streets reveals that certain homeowners have already taken this step. For example, London properties in Phillimore Gardens in Kensington, Grosvenor Square in Mayfair and Knightsbridge have all been blurred out. However, Mr Steinberg says that trying to obscure your home is simply a way to 'draw attention to yourself for no reason'. He adds: 'This is a classic example of people not looking at the big picture and having a knee-jerk reaction.' Likewise, unless you are an exceptionally high-profile individual, criminals are unlikely to be actively scouting your house. Burglary, Mr Steinberg points out, is a crime that 'has to be done locally', 'They can come before and take [their own] pictures, if they want,' he says. According to the City of London Police, burglaries are largely opportunistic rather than carefully planned in advance. Criminals will typically drive or walk around to look for signs that homes contain valuables, such as packaging from expensive items left outside the door. Likewise, criminals often break into homes because they've spotted a vehicle they want to steal and believe the keys are inside the house. Open windows or doors with vulnerable features are also key signs that burglars will look for. City of London Police also points out that burglars often return to the same area multiple times, either to rob the same home or to break into a nearby house spotted during earlier crimes. That means blurring your house on Google Maps doesn't prevent criminals from spotting an opportunity to break in. There are also some concerns that blurring your home on Google Maps might not be as effective as many people believe. According to Google, anyone can request to blur their house if they prefer that it appear that way on Google Street View. 'Google Street View cars capture images from public roads, which might include your home,' their website reads. 'If an image contains inappropriate content, or you prefer your home not be shown, you can request it to be blurred.' However, on Reddit, users have complained that their homes were still visible when viewed from different angles or from above. One user complained that they were still able to see their blurred address by simply moving further down the road on Street View. On the other hand, many users also complained that Google's approach to blurring is too heavy-handed. Once the blur has been requested by the homeowner, it can never be undone at any point in the future, even after the original owner has moved out. In a post on Reddit, one user complained that their entire street was still blurred 16 years after they requested to hide their home, despite having moved out after a single year. The user wrote: 'Since I was somewhat responsible, I tried contacting Google multiple times. However, their response was always that the blurring was permanent. 'I wouldn't feel so bad since I moved away, but I still have a couple of good friends who still live on that street.' If you do still want to blur your address for any reason, you must first find it on Google Maps using your smartphone or computer. Open the Street View image that you want to blur, and in the bottom right, click 'Report a problem'. Complete this form and then submit. 'We'll review your report as fast as we can,' Google says. 'If you entered your email address in the form, we may contact you to get additional information or to update you on the status of your report.'