Gnammarly and Cicsom | Fortnite and children's privacy
CyberInsights #74
Phishing sites delivering malware
An age old trick. But it still works.
Security researchers at Cyble reported two phishing sites that were distributing the DarkTortilla malware by impersonating two popular websites - Grammarly & Cisco. Thankfully, most ISPs have already blocked these sites.
The technical details are explained in detail here.
There are two points to note here:
Both Cisco and Grammarly have many banner ads displayed on websites. Fake ads could easily be created enticing clicks
Users still have to download and install malicious looking files on their system
This leads us to a lack of ‘situational awareness’ among internet users (something that I cover extensively in Monkey, Shakespeare, Typewriter: Cybersecurity for Everyone)
Take Action:
End user awareness trainings are dull. People know the right answers. Trainings should kick in when they really matter - like clicking on ads and downloading files. Use the examples in Chapter 8 of the book to create your own situational awareness sessions.
Fortnite fined for violating children’s privacy law
Children are an easy target. Stricter controls should be encouraged.
FTC has fined the maker of Fortnite (Epic Games) $275 million for violating the children’s privacy law.
Online gaming has enough risks without the maker of the game playing crooked. The Hacker News reports that the fine was for allowing ‘accidental’ purchases and allowing children in-game content purchases without requiring parental / card owner consent.
FTC said:
Epic games also collected data about children without adult consent. They also made it difficult to delete the data for parents.
Don’t accept cookies from strangers takes on a whole new meaning!
Take Action:
The actions are for your personal life, not professional infosec life.
Ensure that you approve every game that your children have on their phones. Use apps like Google’s ‘Family Link’ to setup controls for children.
Educate your children to the dangers of online gaming.
Enjoyed reading? Share it with someone who might like it