Social Media

Google Location Tracking, Even When Switched Off?

Posted on by Andy Miller

An Associated Press report has accused Google of recording the locations of its users via their mobile devices, even when they have requested not to be tracked by turning their “Location History” off.

Discovered

The apparent tracking without permission was discovered as part of research, when a Princeton privacy researcher noticed in his account that Google has tracked his many different locations along a route after he had been travelling for several days, despite his Location History being turned off.

Also, research has revealed that, even when Location History is paused / switched off, some Google apps store time-stamped location data without specifically asking your permission. For example, Google stores data about where you are when you simply open the Maps app, automatic daily weather updates on Android can discover roughly where you are, and some searches apparently unrelated to your location can also pinpoint your exact latitude and longitude, and save it to your Google account.

Could Affect Billions

It is thought that this could affect around two billion Android and Apple devices which use Google for maps or search.

What Is “Location History” and Why Have It Anyway?

According to Google, Location History is one of several ways to improve the experience of users, and works for features such as Google Maps e.g. if you agree to let Google Maps record your location over time, it will display that history for you in a “timeline” that maps out your daily movements.

Google says that Location History helps you to find the places you’ve been and the routes you’ve travelled. Google states that, when you choose to enable Location History, it records your location data and places in your Google Account, even when you’re not using Google Maps.

What’s The Problem?

The problem is that Google also states that “You can turn off Location History at any time. With Location History off, the places you go are no longer stored.”

Also, researchers have discovered that two things (rather than one) need to be opted-out in order to prevent tracking. Users need to disable both “Location History” and “Web & App Activity” in order to opt-out. Some commentators feel that this has not been made clear by Google.

The Issues

The issues with this are that:

– In the UK, for example, this may constitute a lack of transparency, openness and fairness under GDPR about what users are being told is happening to their data and what is actually happening.

– Users appear to have chosen to opt-out of something / not give their consent to something that relates to their privacy and the security of their personal data, and yet have not been opted-out completely by the company (possible issues of GDPR compliance).

– Some commentators have described it as ‘sneaky’ and it could certainly be an issue that affects the trust of users.

– Location data of this kind has been used by police (in the US) to track suspects, and could also potentially be used by other players e.g. cyber criminals if they had access to the user’s account. This could put users at risk.

– Location data can also be used to target people with location-based advertising. This may be something that users would like to avoid.

What Can You Do To Avoid Being Tracked In This Way?

The Associated Press has produced a guide which details what actions you can take to avoid being tracked by Google, even if your Location History on your mobile device is paused / turned off: The guide can be found here: https://www.apnews.com/b031ee35d4534f548e43b7575f4ab494/How-to-find-and-delete-where-Google-knows-you’ve-been

What Does This Mean For Your Business?

This story should be a reminder, particularly since the introduction of GDPR, that people value their privacy and security, and that businesses now have a strong legal responsibility to take this seriously. Transparency, fairness, and openness are vital when telling your customers what you’re doing /what you plan to do with their data. The issue of consent i.e. your customers choosing to withdraw consent and your business complying fully with those requests should be now be treated very seriously, and there must be consistency with what your company says it is going to do and what actually happens.

Sadly, it appears that all too often, large organisations / companies don’t appear to be handling our data in a way that we would like or have requested. For example, Facebook’s sharing of the personal data of 87 million users with Cambridge Analytica caused widespread outrage, and recently the ‘Deceived By Design’ report by the Norwegian government-funded Consumer Council has accused tech giants Microsoft, Facebook and Google of being unethical by leading users into selecting settings that do not benefit their privacy.

It may be that we have to wait a little longer and see a few more big tech companies being properly held to account before things start to really change for the better for users.

Social Mapper Can Trace Your Face

Posted on by Andy Miller

Trustwave’s SpiderLabs has created a new penetration testing tool that uses facial recognition to trace your face through all your social media profiles, link your name to it, and identify which organisation you work for.

Why?

According to its (ethical) creators, Trustwave’s SpiderLabs, Social Mapper has been designed to help penetration testers (those tasked with conducting simulated attacks on a computer systems to aid security) and red teamers (ethical hackers) to save time and expand target lists in the intelligence gathering phase of creating the social media phishing scenarios that are ultimately used to test an organisation’s cyber defences.

What Does It Do?

Social Mapper is an open source intelligence tool that employs facial recognition to correlate social media profiles across a number of different sites on a large scale. The software automates the process of searching the most popular social media sites for names and pictures of individuals in order to accurately detect and group a person’s presence. The results are then compiled in a report that can be quickly viewed and understood by a human operator.

How Does It Work?

Social Mapper works in 3 phases. Firstly, it is provided with names and pictures of people. e.g. via links in a csv file, images in a folder or via people registered to a company on LinkedIn.

Secondly, in a time-consuming phase, it uses a Firefox browser to log in to social media sites and search for its targets by name. When it finds the top results, it downloads profile pictures and uses facial recognition checks to try and find a match. The social media sites it searches are LinkedIn, Facebook, Twitter, Google+, Instagram, VKontakte, Weibo, and Douban.

Finally, it generates a report of the results.

What’s The Report Used For?

The report is designed to give the user a starting point to target individuals on social media for phishing, link-sharing, and password-snooping attacks.

For example, a user can create fake social media profiles to ‘friend’ targets and send them links to credential capturing landing pages or downloadable malware, trick users into disclosing their emails and phone numbers e.g. using vouchers and offers to tempt them into phishing traps, create custom phishing campaigns for each social media site, or even to physically look at photos of employees to find access card badges or to study aspects of building interiors.

What Does This Mean For Your Business?

In the right hands, Social Mapper sounds as though it could ultimately help businesses to improve their online security because it helps to create much better quality and more realistic testing scenarios on a larger scale that could uncover loopholes and shortcomings that current testing may not be able to fund.

The worry, however, is that in the wrong hands it could be used by cyber-criminals to quickly gather information about a target business and its employees, thereby enabling potentially very effective phishing and password-snooping campaigns to be created. This detailed information could also be shared among and sold to other criminals which could mean that individuals could be subjected to a number of attacks over time through multiple channels.

The obvious hope is, therefore, that enough checks and security measures will be put in place by its creators thereby not allowing the software to fall into the wrong hands in the first place and be used by criminals against the businesses and organisations that it was designed to help.

Facebook Favours Free Speech Over Fake News Removal

Posted on by Andy Miller

In a recent Facebook media presentation in Manhattan, and despite the threat of social media regulation e.g. from Ofcom, Facebook said that removing fabricated posts would be “contrary to the basic principles of free speech”.

Fake News

The term ‘fake news’ has become synonymous with the 2016 US general election and accusations that Facebook was a platform for fake political news to be spread e.g. by Russia. Also, fake news is a term that has become synonymous with President Trump, who frequently uses the term, often (some would say) to act as a catch-all term to discredit/counter critical stories in the media.

In essence, fake news refers to deliberate misinformation or hoaxes, manipulated to resemble credible journalism and attract maximum attention, and it is spread mainly by social media. Facebook has tried to be seen to flag up and clean up obvious fake news ever since its reputation was tarnished by the election news scandals.

What About InfoWars?

The point was made to Facebook at the media presentation by a CNN reporter that the fact that InfoWars, a site having been known to have published false information and conspiracy theories, has been allowed to remain on the platform may be evidence that Facebook is not tackling fake news as well as it could.

A Matter of Perspective

To counter this and other similar accusations, Facebook has stated that it sees pages on both the left and the right side of politics distributing what they consider to be opinion or analysis but what others, from a different perspective, may call fake news.

Facebook also tweeted that banning those kinds of pages e.g. InfoWars, would be contrary to the basic principles of free speech.

A Matter of Trust

Ofcom research has suggested that people have relatively little trust in what they read in social media content anyway. The research showed that only 39% consider social media to be a trustworthy news source, compared to 63% for newspapers and 70% for TV.

Age Plays A Part

Other research from Stanford’s Graduate School of Education, involving more than 7,800 responses from middle school, high school and college students in 12 US states focused on their ability to assess information sources. The results showed a shocking lack of ability to evaluate information at even as basic a level as distinguishing advertisements from articles. When you consider that many young people get their news from social media, this shows that they may be more vulnerable and receptive to fake stories, and their wide networks of friends could mean that fake stories could be quickly and widely spread among other potentially vulnerable recipients.

Although Facebook is known to have an older demographic now, many young people still use it, Facebook has tried to launch a kind of Facebook for children to attract more young users, and Facebook owns Instagram, partly as a means to try and mop up young users who leave Facebook. It could be argued, therefore, that Facebook, and other social media platforms have a responsibility to regulate some content in order to protect users.

What Does This Mean For Your Business?

Fake news stories are not exclusive to social media platforms as the number of retractions and apologies in newspapers over the years are a testament. The real concern has arisen about social media, and Facebook particularly, because of what appears (allegedly) to have been the ability of actors from a foreign power being able to use fake news on Facebook to actually influence the election of a President. Which party and President is in power in the US can, in turn, have a dramatic effect on businesses and markets around the world, and the opportunities that other foreign powers think they have.

Facebook is also busy fighting another crisis in trust that has arisen from news of its sharing of users’ personal data with Cambridge Analytica, and the company is focusing much of its PR effort not on talking specifically about fake news, but about how Facebook has changed, why we should trust it again, and how much it cares about our privacy.

Meanwhile in the UK, Ofcom chief executive Sharon White, has clearly stated that she believes that media platforms need to be “more accountable” in their policing of content. While this may be understandable, many rights and privacy campaigners would not like the idea that free speech could be influenced and curbed by governments, perhaps to suit their own agenda. The arguments continue.

Microsoft Launches Free Version of Collaborative Chat App ‘Teams’

Posted on by Andy Miller

Microsoft has announced the launch of a free version of its collaborative chat app ‘Teams’ which doesn’t require an Office 365 subscription.

What Is Teams?

Introduced back in November 2016, ‘Teams’ (as the name suggests) is a platform designed to help collaborative working, and combines features such as workplace chat, meetings, notes, and attachments. Described by Microsoft as a “complete chat and online meetings solution”, it normally integrates with the company’s Office 365 subscription office productivity suite, and Teams is widely considered to be Microsoft’s answer to ‘Slack’.

Slack is a popular, multi-channel collaborative working hub that offers chat channels with companies and businesses you regularly work with, direct voice or video calls and screen-sharing, integrated drag-and-drop file sharing, and an App Directory with over 1,500 apps that can be integrated into Slack.

Teams is now believed to be used by around 200,000 organizations.

Free Version

The free version of Teams, which does not require an Office 365 account, offers the same basic features as regular Teams to anyone who wants to try it out. The hope is, of course, that this will increase user numbers, and tempt users away from Slack. Microsoft is also extending 365 cloud suite with the free version of Teams to try and bridge Microsoft 365 with Office 365.

Space and Features

The free version of Teams offers 10GB of team storage plus an additional 2GB for each user, with up to 300 people supported. Also, users have unlimited messages and search, there is guest access, as well as audio and video calls and screen sharing.

Within the Teams app, users can collaborate with colleagues on Word, Excel and PowerPoint documents.

What’s Missing?

Even though the free version offers quite a lot of storage space, the full version would offer users a massive 1TB. Also, unlike the full version, the free version doesn’t come with Yammer, Planner, SharePoint and OneDrive, plus the free version lacks some of the security features of the full version. This could make it less attractive to enterprises that are also looking to maximise compliance.

Warning To Help With Team Etiquette

One interesting aspect of Microsoft’s approach to the collaborative working platform is to build-on features that warn a user when they are doing something that goes against good practice and etiquette within teams. One key example of this is, with MyAnalytics, which works as an intelligent collaboration assistant in Outlook, is where users are warned / alerted if they are sending emails to co-workers outside their normal working hours.

What Does This Mean For Your Business?

One good way to increase user numbers quickly, gain some ground in a battle with competitors, and to entice people to try and perhaps switch to a new service is to offer a good, usable, value-adding version of that service for free. That’s exactly what Microsoft is doing with its version of Teams.

Although larger enterprises may already be a long way down the road with their chosen collaborative working platform, and might be a bit put off by the idea of using a free version of a platform that is not quite on a par with the full version in terms of security features, a free version of Teams may be very attractive to SMEs looking to move into collaborative working with a low risk, trusted, scalable solution.

Cambridge Analytica Re-Born

Posted on by Andy Miller

A new offshoot of Cambridge Analytica, the disgraced data analysis company at the heart of the Facebook personal data sharing scandal, has been set up by former members of staff under the name ‘Auspex’.

Old Version Shut Down

After news of the scandal, which saw the details of an estimated 87 million Facebook users (mostly in the US) being shared with CA, and then used by CA to target people with political messages in relation to the last US presidential elections, CA was shut down by its parent company SCL Elections. CA is widely reported to have ceased operations and filed for bankruptcy in the wake of the scandal.

Ethical This Time

Auspex, which (it should be stressed) is not just another version of CA, but is likely to carry on the same kind of data analysis work, has been set up by Ahmed Al-Khatib, a former director of Emerdata which was also set up after the Cambridge Analytica scandal. Mr Al-Khatib has been reported as saying that Auspex will use ethically based, data-driven communications with a focus on improving the lives of people in the developing world.

Middle East and Africa

The markets in the developing world that Auspex will initially be focusing on are the Middle East and Africa, and the kinds of ethical work that it will be doing, according Auspex’s own communications, are health campaigning and tackling the spread of extremist ideology among a disenfranchised youth.

Compliant

Auspex has been quick to state that it has made changes and that it will be fully compliant from the outset, thereby hoping to further distance itself from its murky origins in CA.

Personnel

One thing that is likely to attract the attention of critics is that, not only is Mark Turnbull, the former head of CA’s political division the new Auspex Managing Director, but that the listed directors of the new company include Alastair Harris, who is reported to have worked at CA, and Omar Al-Khatib is listed as a citizen of the Seychelles.

What Does This Mean For Your Business?

The Cambridge Analytica and Facebook scandal is relatively recent, and the ICO have only just presented their report about the incident. For many people, it may not feel right that personnel from Cambridge Analytica can appear to simply set up under another name and start again. Critics can be forgiven for perhaps not trusting statements about a new ethical approach, especially since Mark Turnbull appeared alongside former CA chief executive Alexander Nix in an undercover film by Channel 4, where Nix gave examples of how his company could discredit politicians e.g. by setting up encounters with prostitutes.

The introduction of GDPR has brought the matters of data security and privacy into sharp focus for businesses in the UK, and businesses will be all too aware of the possible penalties if they get on the wrong side of the ICO.

In the case of the Facebook / Cambridge Analytica scandal, the ICO has recently announced that Facebook will be fined £500,000 for data breaches, and that it is still considering taking legal action against CA’s company’s directors. If successful, a prosecution of this kind could result in convictions and an unlimited fine.

12 Russian Intelligence Officers Charged With Election Hacking

Posted on by Andy Miller

Even though, in an interview this week, President Trump appeared to absolve Russia of election interference (since retracted), the US Department of Justice has now charged 12 Russian intelligence officers with hacking Democratic officials in the 2016 US elections.

The Allegations

It is alleged by the US Justice Department that, back in March 2016, on the run-up to the presidential election campaign which saw Republican Donald Trump elected as president, the Russian intelligence officers were responsible for cyber-attacks on the email accounts of staff for Hillary Clinton’s Democrat presidential campaign.

Also, the Justice Department alleges that the accused Russians corresponded with several Americans (but not in a conspiratorial way), used fictitious online personas, released thousands of stolen emails (beginning in June 2016), and even plotted to hack into the computers of state boards of elections, secretaries of state, and voter software.

No Evidence Says Kremlin

The Kremlin is reported to have said that it believes there is no evidence for the US allegations, describing the story as an “old duck” and a conspiracy theory.

32, So Far

The latest allegations are all part of the investigation, led by Special Counsel Robert Meuller, into US intelligence findings that the Russians allegedly conspired in favour of Trump, and that some of his campaign aides may have colluded.
So far, 32 people (mostly Russians) have been indicted. 3 companies and 4 former Trump advisers have also been implicated.

Trump Says…

President Trump has dismissed allegations that the Russians help put him in the White House as a “rigged witch hunt” and “pure stupidity”.

In a press conference after his meeting with Russian President, Vladimir Putin in Helsinki, President Trump, however, caused shock and disbelief when asked whether he thought Russia had been involved in US election interference, he said “I don’t see any reason why it would be”.

He has since appeared to backtrack by saying that he meant to say “wouldn’t” rather than “would”, and that he accepts his own intelligence agency’s findings that Russia interfered in the 2016 election, and that other players may have been involved too.

What Does This Mean For Your Business?

Part of the fallout of constant struggle between states and super-powers are the cyber attacks that end up affecting many businesses in the UK. Also, if there has been interference in an election favouring one party, this, in turn, affects the political and economic decisions made in that country, and its foreign policy. These have a knock-on effect on markets, businesses and trade around the world, particularly for those businesses that export to, import from, or have other business interests in the US. Even though, in the US, one of the main results of the alleged electoral interference scandal appears to have been damaged reputations and disrupted politics, the wider effects have been felt in businesses around the world.

These matters and the links to Facebook and Cambridge Analytica have also raised awareness among the public about their data security and privacy, whether they can actually trust corporations with it, and how they could be targeted with political messages which could influence their own beliefs.

£500,000 Fine For Facebook Data Breaches

Posted on by Andy Miller

Sixteen months after the Information Commissioners Office (ICO) began its investigation into the Facebook’s sharing the personal details of users with political consulting firm Cambridge Analytica, the ICO has announced that Facebook will be fined £500,000 for data breaches.

Maximum

The amount of the fine is the maximum that can be imposed under GDPR. Although it sounds like a lot, for a corporation valued at around $500 billion, and with $11.97 billion in advertising revenue and $4.98 billion in profit for the past quarter (mostly from mobile advertising), it remains to be seen how much of an effect it will have on Facebook.

Time Before Responding

Facebook has now been given time to respond to the ICO’s verdict before a final decision is made by the ICO.

Facebook have said, however, that it acknowledges that it should have done more to investigate claims about Cambridge Analytica and taken action back in 2015.

Reminder of What Happened

The fine relates to the harvesting of the personal details of 87 million Facebook users without their explicit consent, and the sharing of that personal data with London-based political Consulting Firm Cambridge Analytica, which is alleged to have used that data to target political messages and advertising in the last US presidential election campaign.

Also, harvested Facebook user data was shared with Aggregate IQ, a Data Company which worked with the ‘Vote Leave’ campaign in the run-up to the Brexit Referendum.

The sharing of personal user data with those companies was exposed by former Cambridge Analytica employee and whistleblower Christopher Wylie. The resulting publicity caused public outrage, saw big falls in Facebook’s share value, brought apologies from its founder / owner, and saw insolvency proceedings (back in May) for Cambridge Analytica and its parent SCL Elections.

What About Cambridge Analytica?

Although Facebook has been given a £500,000 fine, Cambridge Analytica no longer exists as a company. The ICO has indicated, however, that it is still considering taking legal action against the company’s directors. If successful, a prosecution of this kind could result in convictions and an unlimited fine.

AggregateIQ

As for Canadian data analytics firm AggregateIQ, the ICO is reported to still be investigating whether UK voters’ personal data provided by the Brexit referendum’s Vote Leave campaign had been transferred and accessed outside the UK and whether this amounted to a breach of the Data Protection Act. Also, the ICO is reported to be investigating to what degree AIQ and SCL Elections had shared UK personal data, and the ICO is reported to have served an enforcement notice forbidding AIQ from continuing to make use of a list of UK citizens’ email addresses and names that it still holds.

Worries About 11 Main Political Parties

The ICO is also reported to have written to the UK’s 11 main political parties, asking them to have their data protection practices audited because it is concerned that the parties may have purchased certain information about members of the public from data brokers, who might not have obtained consent.

What Does This Mean For Your Business?

When this story originally broke, it was a wake-up call about what can happen to the personal data that we trust companies / corporations with, and it undoubtedly damaged trust between Facebook and its users to a degree. It’s a good job that the ICO is there to follow things up on our behalf because, for example, a Reuters/Ipsos survey conducted back in April found that, even after all the publicity surrounding Facebook and Cambridge Analytica scandal, most users remained loyal to the social media giant.

Also, the case has raised questions about how our data is shared and used for political purposes, and how the using and sharing of our data to target messages can influence the outcome of elections, and, therefore, can influence the whole economic and business landscape. This has meant that there has now been a call for the UK government to step-in and introduce a code of practice which should limit how personal information can be used by political campaigns before the next general election.
Facebook has recently been waging a campaign, including heavy television advertising, to convince us that it has changed and is now more focused on protecting our privacy. Unfortunately, this idea has been challenged by the recent ‘Deceived By Design’ report by the government-funded Norwegian Consumer Council, which accused tech giants Microsoft, Facebook and Google of being unethical by leading users into selecting settings that do not actually benefit their privacy.

Tech Giant GDPR Privacy Settings ‘Unethical’ Says Council

Posted on by Andy Miller

The ‘Deceived By Design’ report by the government-funded Norwegian Consumer Council has accused tech giants Microsoft, Facebook and Google of being unethical by leading users into selecting settings that do not benefit their privacy.

Illusion of Control

The report alleges that, far from actually giving users more control over their personal data (as laid out by GDPR), the tech giants may simply be giving users the illusion that this is happening. The report points to the possible presence of practices such as:

– Facebook and Google making users who want the privacy-friendly option go through a significantly longer process (privacy intrusive defaults).

– Facebook, Google and Windows 10 using pop-ups that direct users away from the privacy-friendly choices.

– Google presenting users with a hard-to-use dashboard with a maze of options for their privacy and security settings. For example, on Facebook it takes 13 clicks to opt out of authorising data collection (opting in can take just one).
– Making it difficult to delete data that’s already been collected. For example, deleting data about location history requires clicking through 30 to 40 pages.

– Google not warning users about the downside of personalisation e.g. telling users they would simply see less useful ads, rather than mentioning the potential to be opted in to receive unbalanced political ad messages.

– Facebook and Google pushing consumers to accept data collection e.g. with Facebook stating how, if users keep face recognition turned off, Facebook won’t be able to stop a stranger from using the user’s photo to impersonate them, while not stating how Facebook will use the information collected.

Dark Patterns

In general, the reports criticised how the use of “dark patterns” such as misleading wording and default settings that are intrusive to privacy, settings that give users an illusion of control, hiding privacy-friendly options, and presenting “take-it-or-leave-it choices”, could be leading users to make choices that actually stop them from exercising all of their privacy rights..

Big Accept Button

The report, by Norway’s consumer protection watchdog, also notes how the GDPR-related notifications have a large button for consumers to accept the company’s current practices, which could appear to many users to be far more convenient than searching for the detail to read through.

Response

Google, Facebook and Microsoft are all reported to have responded to the report’s findings by issuing statements focusing on the progress and improvements they’ve made towards meeting the requirements of the GDPR to date.

What Does This Mean For Your Business?

GDPR was supposed to give EU citizens much more control over their data, and the perhaps naive expectation was that companies with a lot to lose (in fines for non-compliance and reputation), such as the big tech giant and social media companies would simply fall into line and afford us all of those new rights straight away.

The report by the Norwegian consumer watchdog appears to be more of a reality check that shows how our personal data is a valuable commodity to the big tech companies, and that, according to the report, the big tech companies are willing to manipulate users and give the illusion that they are following the rules without actually doing so. The report appears to indicate that these large corporations are willing to force consumers to try to fight for rights that have already been granted to them in GDPR.

1 – 0 In England Vs World Cup Hackers

Posted on by Andy Miller

It has been reported that the England football team have been briefed before flying out to their World Cup base in St Petersburg about how they and UK fans can avoid falling victim to Russian hackers.

NCSC Advice

The briefing has been delivered by The National Cyber Security Centre (NCSC), which is part of GCHQ. The advice will focus upon cyber security e.g. for mobile devices and using Wi-Fi connections safely while in Russia.

The same advice has been included in an NCSC blog post that is aimed at anyone travelling to Russia to watch any of the World Cup game, and is entitled ‘Avoid scoring a cyber security own goal this summer”.

The NCSC suggests that is it should be read alongside other UK government online advice pages such as the “FCO Travel Advice” page relating to Russia (https://www.gov.uk/foreign-travel-advice/russia), and the “Be on the Ball: World Cup 2018” pages (https://www.gov.uk/guidance/be-on-the-ball-world-cup-2018).

Why?

Many security experts and commentators have noted that sporting events have become a real target for cyber criminals in Russia in recent times. Russia-based security company, Kaspersky, reported seeing spikes in the number of phishing pages during match ticket sales for this year’s World Cup. Kaspersky reported that every time tickets went on sale, fraudsters mailed out spam and activated clones of official FIFA pages and sites offering fake giveaways, all claiming to be from partner companies.

Kaspersky says that criminals register domain names combining the words e.g. ‘world,’ ‘worldcup,’ ‘FIFA,’ ‘Russia,’ etc, and that if fans look closely they can see that the domains look unnatural and have a non-standard domain extension. The Security Company advises that fans should take a close look at the link in the email or the URL after opening the site to avoid falling victim to scammers.

The general advice from Kaspersky is to give cheap tickets a wide berth, not to buy goods from spammers in the run-up to kickoff (because the goods may not even exist), not to fall for spam about lotteries and giveaways because they may be used for phishing, not to visit dubious sites offering cheap accommodations or plane tickets, and only to watch broadcasts on official FIFA partner websites.

Kaspersky also advises visitors to use a VPN to connect to the Internet, because, in the aftermath of the government’s attempt to block Telegram, popular sites in Russia are either unavailable or unstable.

England Team’s Briefing

England team Manager, Gareth Southgate, has noted that the England team players are young people who will look for things to occupy their time while in hotel rooms e.g. playing video games, and using multiple devices such as smartphones, tablets and gaming devices. The fact that technology will play a big part in the England team’s downtime throughout the tournament is the main reason why the FA is taking cyber security so seriously.

It is understood, therefore, that the NCSC has been advising the players on the rules to follow on e.g. which devices they can safely use and where. Also, the devices belonging to players and staff will be thoroughly screened to make sure they have the right security software installed.

What Does This Mean For Your Business?

Anyone travelling abroad for business or pleasure, particularly to countries where certain cyber security threat levels are known to be high should read the UK government’s advice pages relating to cyber security while travelling.

In the case of travelling to Russia for the World Cup, some of the measures people can take before travelling are to check which network you will be using and what the costs are, to make sure all software and apps are up to date and antivirus is turned on, to turn on the ability to wipe your phone should it be lost, and to make sure all devices are password protected and use other security features e.g. fingerprint recognition.

On arriving in Russia, the advice is to remember that public and hotel Wi-Fi connections may not be safe and to be very careful about what information you share over these connections e.g. banking. Also, don’t share phones, laptops or USBs with anyone and be cautious with any IT related gifts e.g. USB sticks, and to keep your devices with you at all times if possible rather than leave them unattended.

The full UK government advice can be found here https://www.ncsc.gov.uk/blog-post/avoid-scoring-cyber-security-own-goal-summer.

Facebook Losing the Battle For Teenage Attention

Posted on by Andy Miller

A study by Pew in the US has found that Facebook is now lagging behind YouTube, Instagram and Snapchat, as a platform where teenagers spend their time.

Down To 4th Place

The study, which involved 750 teens in one month earlier this year, found that Facebook has experienced a 20% point drop since 2015 in its usage by teenagers. Even though 51% use Facebook, this is still a long way behind the 85% preferring YouTube (Google-owned), 72% preferring Instagram (which is owned by Facebook anyway), and the 69% preferring Snapchat.

What’s Been Happening?

An eMarketer report illustrates what’s been happening. The report predicts that in 2018, 2.2 million 12 to 17-year-olds and 4.5 million 18 to 24-year-olds will regularly use Facebook in the UK, but this is 700,000 fewer than in 2017. Most of the young defectors appear to be going instead to Snapchat.

The same report shows that there has been a surge in older users of Facebook, and over-55s will become the second-biggest demographic of Facebook users this year. For example, 500,000 new over-55s are expected to join Facebook in 2018, and this will bring the number of 55- to 65-year-old-plus regular Facebook users this year to 6.4 million.

Passing Over Instagram For Snapchat

One of the reasons why Facebook bought Instagram was so that it could at least keep some of the young people who were deserting Facebook as customers as of one of its services.

Unfortunately, what’s been happening is that young people appear to have been leaving Facebook, and going to Snapchat instead of Instagram. For example, in the last 3 years Snapchat has more than doubled its take-up rate among UK users of social networking sites and apps to 43%.

Why?

It is an age-old feature of teenagers and young people, because of a need for independence and privacy, they would prefer not to go to the same places as their parents, and this is what has been happening on Facebook to some extent.

Also, many more young people have smartphones, and they use them to go where other members of their age / peer group go i.e. on Snapchat. It doesn’t help also that Facebook has received a lot of bad publicity recently over its involvement with the sharing of user data with Cambridge Analytica, and the part it played in allegedly being used by representatives of certain foreign powers to help sway the election result towards Trump.

Facebook has also proved particularly attractive in recent years to older people who have found that its video and photo features are easy to use, and enable them to keep up with the social lives of their older children, and grandchildren,

Facebook For Kids

Facebook has long known that it has been attracting an older demographic, and that young people have been leaving the platform in pursuit of a new experience, and to stay in touch with other members of their peer group.

Attracting a new, young group of Facebook users looks likely, therefore, to be one of the main reasons why, back in December 2017, Facebook announced that it was launching a kind of Facebook for children the form of ‘Messenger Kids’. Some commentators said at the time that it appeared to be a way for Facebook to recruit its next generation of users, and to capture the attention of 6 to 12-year-olds before Snapchat or a similar social network competitor

What Does This Mean For Your Business?

For Facebook, even though it recognises (and is trying to solve) the problem that it faces in attracting teenage users, it still remains the most popular social networking sites in the UK by a long way, boasting 32.6 million total regular users this year. Also, Facebook’s Instagram is looks likely to grow its user base from 15.7 million to 18.4 million this year, although it also appears to be losing young users to Snapchat.

For businesses wishing to advertise, Facebook is likely, therefore, to be a way to advertise to older age groups e.g. those in their 40,s, 50s, and above. In fact, Facebook has also announced an overhaul of its news feed algorithm to prioritise what friends and family share, and to reduce the amount of non-advertising content from publishers and brands.

Businesses with older customer demographics may also want to keep making the most of their company Facebook business page.