Cybersecurity news headlines for 15-28 February

Cybersecurity news headlines for 15-28 February

The second half of February has been a pretty quiet two weeks in terms of cybersecurity incidents, which is why this report is a short one. We’re covering just two stories: sensitive information from 11 popular apps being sent to Facebook’s server, and a huge increase in robocalls all over the world.

11 popular apps are sending sensitive information to Facebook’s servers

The Wall Street Journal has published an alarming report revealing that popular apps are sending highly sensitive information to Facebook. According to the report, 11 popular apps (Flo Period & Ovulation Tracker, and Instant Heart Rate: HR Monitor to name a few) are sending data to Facebook’s servers, some of which is of highly sensitive nature, such as menstrual cycles, pregnancy statuses, and blood pressure.

Facebook may not be the guilty party in this situation, as the social media giant does not collect that information intentionally. If you’re wondering how Facebook ended up getting that information, the developers of those 11 apps use Facebook’s mobile software development kit (SDK) to gather certain information in order to understand how users are interacting with their apps. The collected app data is then sent to Facebook’s servers where it is stored. However, Facebook prohibits apps from sending them sensitive information related to health, finances, etc.

“We require app developers to be clear with their users about the information they are sharing with us, and we prohibit app developers from sending us sensitive data. We also take steps to detect and remove data that should not be shared with us,” a Facebook spokesperson told CNBC.

Popular period tracking app with millions of users Flo Period & Ovulation Tracker is among the 11 apps mentioned, despite the app’s Privacy Policy stating that it will not share “information regarding your marked cycles, pregnancy, symptoms, notes and other information that is entered by you and that you do not elect to share” to third parties. The company has since made changes to its Privacy Policy and claims to have stopped sharing sensitive data with Facebook’s analytics tool.

While the news of user data being shared without users’ permission is worrying, it’s not shocking. The reality is that if you give apps information related to you, even if it’s highly sensitive, it will likely be shared, despite what the apps themselves may claim.

There were 85 billion robocalls made in 2018, a 325% increase from 2017

If you’ve ever received a scam robocall, you understand the annoyance and frustration they cause. And if you’ve noticed that you received them more than usual in 2018, you’re not alone. According to Hiya, a company that provides caller ID information and offers a spam blocker app, around 85 billion robocalls were made in 2018, a 325% increase from 2017.

The most popular robocall scam campaigns in 2018 were:

• The bank account scam. Scammers call people pretending to be official bank employees and request sensitive information.
• Extortion/kidnapping. Scammers call a random phone number, demanding payment for a kidnapped friend/relative.
• Credit card scam. Similarly to a bank account scam, credit card scammers pretend to be bank employees and try to trick people into giving away their credit card information.
• Wangiri scam. Scammers leave a message asking for a call back, and when a person calls the number, they are connected to an international hotline with high per-minute fees.
• Neighbor scam. Scammers use special software to mimic the first few digits of a user’s phone number to fool people into thinking someone nearby is calling.

Spain seems to have the biggest problem with robocalls, closely followed by the UK, Italy and France. Spain has an astounding 24% spam rate, with one user receiving 9 spam robocalls per month on average. UK takes seconds place, with a spam rate of 22%, averaging 7 monthly spam calls per person.

In the US, 10% of all incoming calls are spam related, that means a person receives around 7 monthly spam calls. IRS (Internal Revenue Service) related scams are particularly common in the US, where callers pretend to be from the IRS and demand money for supposedly unpaid taxes.

These rather worrying statistics show that robocalls are becoming an increasingly bigger problem, and with so many calls made, the chances of people being scammed increase drastically. The most annoying thing about robocalls is that you personally can’t really do much about them, besides not picking up the phone. You can try special software, but even then some calls might get through.