Monday, November 27, 2023

Cyber Security Alert: Apple device operating system iOS17, how to turn off "Name Drop"

 Consumers who have Apple iPhones and other devices that can upgrade the operating system on their devices are being encouraged to turn off the "Namedrop" feature in the upgrade. See how to below. 






Tuesday, October 10, 2023

The National Retail Federation & K2 Integrity, '23, report: " Organized Retail Theft - An Assessment of a persistent and growing threat"

We've all seen the recent "mop" thefts occurring in stores and shopping centers, creating a challenge for retail outlets. There is also a growing threat of "organized retail fraud" that is being reported by the industry. This report from the National Retail Federation and K2 Intergrity provides insight into how it is occurring and where the items are being resold. 

This is an opportunity for our CPAM organization and members to assist at the local level by hosting meetings with Loss Prevention personnel learning how they are addressing the issue and clarifying how our local ordinances work with retail fraud complaints.  

A PDF of this report published in an article with Home Depot's CEO has been sent out to members. 



Here is a link to the National Retail Federation with additional informational surveys and reports:

National Retail Federation Website

R. Coleman, PSCC, Pittsfield Twp. DPS /CPAM Blog host

Monday, September 25, 2023

Department of Homeland Security: September 25th, '23, "See Something Say Something" Day

Year-round, the “If You See Something, Say Something®” campaign works to empower and educate the public on the importance of recognizing the signs of terrorism-related suspicious activity and how to report it to law enforcement. However, the U.S. Department of Homeland Security has designated September 25 as “If You See Something, Say Something®” Awareness Day, also known as #SeeSayDay

On this day, DHS and its campaign partners across the country come together to remind the public to be aware of suspicious activity and how to report it to law enforcement.


  • Today is #SeeSayDay! Take a pledge to protect your community by learning the signs of suspicious activity and how to report it ➡️ https://go.dhs.gov/opJ


Contact your local law enforcement agency for more information on you can participate in being the "eyes and ears" to report suspicious activity .



Monday, June 26, 2023

New distracted driving law takes effect June 30, 2023


New distracted driving law takes effect June 30, 2023

 How did we get here?

In early May, the Michigan House and Senate passed House Bills 42504251, and 4252 to amend parts of the Michigan Vehicle Code in an effort to reduce distracted-driving crashes and fatalities. 

Texting while driving is already illegal in Michigan, but that law was instituted years ago, when cell phones and their capabilities were much different. The new law now makes all cell phone usage illegal while driving.

What’s in the new law?
The bill amends Michigan law to make it illegal to “use a mobile electronic device to do any task, including, but not limited to” the following:

  • Send or receive a telephone call.
  • Send, receive, or read a text message.
  • View, record, or transmit a video.
  • Access, read, or post to a social networking site. 

The law makes holding or using a cell phone while driving a primary offense -- meaning an officer could pull someone over and ticket them for this offense. The new legislation specifically states, however, that police would not be allowed to search a driver solely because of this violation.

The legislation defines holding a cell phone or electronic device as physically supporting it with “any part of the hands, arms or shoulders.”

Potential fines
Drivers caught violating the rules would face fines and/or be required to perform community service.

If a person is caught holding or using a cell phone, or mobile electronic device, while driving a regular motor vehicle, they would face the following fines:

  • First violation: $100 fine or 16 hours of community service, or both.
  • Second or subsequent violation: $250 fine or 24 hours of community service, or both.
  • If 3 violations occur within a 3-year period: The driver would be ordered by the court to complete a drive-improvement course.

If a person driving a commercial vehicle or a school bus is caught holding or using a cell phone, they would face the following fines:

  • First violation: $200 fine or 32 hours of community service, or both.
  • Second or subsequent violation: $500 fine or 48 hours of community service, or both.

Under the legislation, if a crash were to occur and the at-fault driver was holding or using a cell phone while driving, any civil fines would be doubled.

Law exceptions
There are a few exceptions to the rules.

  • Law enforcement, first responders, and other emergency workers would not be prohibited from using a cell phone while performing official duties.
  • The same exception goes for anyone calling or texting 911 to report an emergency or seek help.
  • Drivers will still be allowed to use their GPS, but only if it's hands-free. Phones could be used as navigation systems so long as it is in a hands-free fashion, such as mounting it to the dashboard or using voice commands to control it.
  • Generally, using voice commands or hands-free modes to use mobile electronic devices is allowed.

____________________________________________________________________________

WHAT IS DISTRACTED DRIVING?
Driver inattention is the leading factor in most crashes and near-crashes, according to the National Highway Traffic Safety Administration and Virginia Tech Transportation Institute.

Driving is a visual task and non-driving activities that draw the driver's eyes away from the roadway should always be avoided.

As of July 1, 2010, Michigan law prohibits texting while driving. For a first offense, motorists are fined $100. Subsequent offenses cost $200.

There are three main types of distraction:

  • Visual - taking your eyes off the road
  • Manual - taking your hands off the wheel
  • Cognitive - taking your mind off the drive

Texting is the most alarming distraction because it involves all three types of distraction.

Distracting activities include:

  • Texting or messaging
  • Checking social media
  • Talking on the phone, even hands-free
  • Watching videos
  • Eating, drinking, or smoking
  • Grooming
  • Looking after children or pets
  • Chatting with passengers
  • Searching or reaching for an item
  • Looking at crashes or roadside sights
  • Checking a navigation system
  • Reading anything, including maps
  • Adjusting climate or music controls
  • Listening to loud music

How not to be distracted:

  • Use your phone's Do Not Disturb feature or an app to silence calls and texts.
  • Put your phone in the glove box or elsewhere to curb the urge to look at it.
  • Avoid eating, drinking, and smoking while driving.
  • Never attempt to read while driving, including a map.
  • Do not do any personal grooming or adjust your clothing while driving.
  • Avoid a lot of interaction with passengers.
  • Emotions can interfere with driving. Do not drive when you are angry or upset.
  • Keep music at a reasonable level, and avoid using headphones or earbuds.
  • Pull over to a safe location and park your vehicle if you need to make or take a call.
  • Do not drive with a pet on your lap.
  • Ask a passenger to help navigate, change the music, or monitor your texts.
  • Pull over to a safe place to address situations involving children.
  • Do not daydream when you are behind the wheel.

Friday, June 2, 2023

FTC Says Ring Employees Illegally Surveilled Customers, Failed to Stop Hackers from Taking Control of Users' Cameras

FTC Says Ring Employees Illegally Surveilled Customers, Failed to Stop Hackers from Taking Control of Users' CamerasUnder proposed FTC order, 

May 31st, '23, ~Media Contact Julina Grusenwald-Henderson
Jhenderson2@ftc.gov 

FTC Says Ring Employees Illegally Surveilled Customers, Failed to Stop Hackers from Taking Control of Users' CamerasMay 31st, ’23 ~ Media ContactJuliana Gruenwald Henderson Office of Public Affairs202-326-2924 Under proposed FTC order, Ring will be prohibited from profiting from unlawfully accessing consumers videos, pay $5.8 million in consumer refunds The Federal Trade Commission charged home security camera company Ring with compromising its customers’ privacy by allowing any employee or contractor to access consumers’ private videos and by failing to implement basic privacy and security protections, enabling hackers to take control of consumers’ accounts, cameras, and videos.

Under a  proposed order, which must be approved by a federal court before it can go into effect, Ring will be required to delete data products such as data, models, and algorithms derived from videos it unlawfully reviewed. It also will be required to implement a privacy and security program with novel safeguards on human review of videos as well as other stringent security controls, such as multi-factor authentication for both employee and customer accounts.“Ring’s disregard for privacy and security exposed consumers to spying and harassment,” said Samuel Levine, Director of the FTC’s Bureau of Consumer Protection. “The FTC’s order makes clear that putting profit over privacy doesn’t pay.”California-based Ring LLC, which was purchased by Amazon in February 2018, sells internet-connected, video-enabled home security cameras, doorbells, and related accessories and services. The company has marketed its products as offering greater home security and providing its users with peace of mind. For example, in promoting its indoor security cameras, which can be placed in individual rooms, Ring touts the ability of purchasers to “See your home. Away from home” alongside a picture of a Ring camera monitoring a child’s bedroom.

In a complaint, the FTC says Ring deceived its customers by failing to restrict employees’ and contractors’ access to its customers’ videos, using customer videos to train algorithms, among other purposes, without consent, and failing to implement security safeguards. According to the complaint, these failures amounted to egregious violations of users’ privacy. For example, one employee over several months viewed thousands of video recordings belonging to female users of Ring cameras that surveilled intimate spaces in their homes such as their bathrooms or bedrooms. The employee wasn’t stopped until another employee discovered the misconduct. Even after Ring imposed restrictions on who could access customers’ videos, the company wasn’t able to determine how many other employees inappropriately accessed private videos because Ring failed to implement basic measures to monitor and detect employees’ video access.

The FTC also said Ring failed to take any steps until January 2018 to adequately notify customers or obtain their consent for extensive human review of customers’ private video recordings for various purposes, including training algorithms. Ring buried information in its Terms of Service and Privacy Policy, claiming it had a right to use recordings obtained in connection with its services for “product improvement and development,” according to the complaint. Security failures according to the complaint, Ring also failed to implement standard security measures to protect consumers’ information from two well-known online threats—“credential stuffing” and “brute force” attacks—despite warnings from employees, outside security researchers and media reports. Credential stuffing involves the use of credentials, such as usernames and passwords, obtained from a consumer’s breached account to gain access to a consumer’s other accounts. In a brute force attack, a bad actor uses an automated process of password guessing—for example, by cycling through breached credentials or entering well-known passwords—hundreds or thousands of times to gain access to an account.

Despite experiencing multiple credential-stuffing attacks in 2017 and 2018, Ring failed, according to the complaint, to implement common tactics—such as multifactor authentication—until 2019. Even then, Ring’s sloppy implementation of the additional security measures hampered their effectiveness, the FTC said.As a result, hackers continued to exploit account vulnerabilities to access stored videos, live video streams, and account profiles of approximately 55,000 U.S. customers, according to the complaint. Bad actors not only viewed some customers’ videos but also used Ring cameras’ two-way functionality to harass, threaten, and insult consumers—including elderly individuals and children—whose rooms were monitored by Ring cameras, and to change important device settings, the FTC said. For example, hackers taunted several children with racist slurs, sexually propositioned individuals, and threatened a family with physical harm if they didn’t pay a ransom.

In addition to the mandated privacy and security program, the proposed order requires Ring to pay $5.8 million, which will be used for consumer refunds. The company also will be required to delete any customer videos and face embeddings, data collected from an individual’s face, that it obtained prior to 2018, and delete any work products it derived from these videos. The proposed order also will require Ring to alert the FTC about incidents of unauthorized access or exposure of its customers’ videos and to notify consumers about the FTC’s action.

The Commission voted 3-0 to authorize the staff to file the complaint and stipulated final order. The FTC filed the complaint and final order in the U.S. District Court for the District of the District of Columbia.NOTE: The Commission files a complaint when it has “reason to believe” that the named defendants are violating or are about to violate the law and it appears to the Commission that a proceeding is in the public interest. Stipulated final orders have the force of law when approved and signed by the District Court judge.

The lead staff attorneys on this matter are Elisa Jillson, Andy Hasty, and Julia Horwitz from the FTC’s Bureau of Consumer Protection. The Federal Trade Commission works to promote competition and protect and educate consumers. 

Learn more about consumer topics at consumer.ftc.gov, or report fraud, scams, and bad business practices at ReportFraud.ftc.gov. Follow the FTC on social media, read consumer alerts and the business blog, and sign up to get the latest FTC news and alerts. 

Saturday, May 6, 2023

FTC : Grandparent' Scams Get More Sophisticated March 9th, ‘23

FTC : Grandparent' Scams Get More Sophisticated

March 9th, ‘23

 Español   한국어   繁體中文  Tagalog  Tiếng Việt

 Related Content Consumer Guide: Spoofing and Caller ID - Consumer Guide: Unwanted Calls and Texts

Grandparents often have a hard time saying no to their grandchildren, which is something scam artists know all too well.

 Scammers who gain access to consumers' personal information – by mining social media or purchasing data from cyber thieves – can create storylines to prey on the fears of grandparents. The scammers call and impersonate a grandchild – or another close relative – in a crisis situation, asking for immediate financial assistance. Sometimes these callers “spoof” the caller ID to make an incoming call appear to be coming from a trusted source.

Often the imposter claims to have been in an accident or arrested. The scammer may ask the grandparent “please don’t let mom and dad know,” and may hand the phone over to someone posing as a lawyer seeking immediate payment.

Unfortunately, bad actors can now use artificial intelligence technology “to mimic voices, convincing people, often the elderly, that their loved ones are in distress,” according to a recent Washington Post article.

The article reports that scammers can replicate a voice from just a short audio sample, then use AI tools to hold a conversation in that voice, which “speaks” whatever the imposter types.

Several variations of the grandparent scam have surfaced over the years. A U.S. Postal Inspection Service webpage about grandparent scams includes videos of victims sharing their stories to help raise awareness of this criminal tactic.

 Be Vigilant About Scam Calls

Always use caution if you are being pressured for information or to send money quickly. Scammers often try to bully victims into transferring money through a mobile payment app, by wiring money, or by purchasing gift cards or money orders. Some may even request to meet to receive money in person. If you get a call like this, hang up and report it immediately to local law enforcement.

To ease your mind, you can also call or text your family members directly to make sure they’re not in trouble.

 More Tips to Help You Avoid Being Scammed

One of the best deterrents against scam artists is awareness. Check out FCC consumer guides on spoofed caller ID and illegal robocalls, with additional tips and web resources for call-blocking apps and services.

 You can also check out consumer awareness articles about scams targeting older Americans on the Better Business Bureau website, or find out about scams near where you live using the AARP Fraud Watch Network Scam-Tracking Map.

 File a Complaint

You can file complaints with the FCC about unwanted calls and spoofing. You can also find information on imposter scams and file a consumer complaint with the Federal Trade Commission.

Please share this information with family and friends.