Cybersafety Sentinel June 2022 Week 4
Claudiu’s Top Post
Failures to respond to and report data #breaches are the status quo in #Canada, but in the US, they carry a financial and reputational impact for companies with (what the #FTC calls) “shoddy #security practices”. While the half-million fine is just a slap on the wrist for this major merchandising brand, public knowledge of repeated #privacy failures and over-collection practices place a lasting stain on its name.
Proposed Privacy Legislation
The federal Liberals introduced privacy legislation on Thursday to give Canadians more control over how their personal data is used by commercial entities, impose fines for non-compliant organizations and introduce new rules for the use of artificial intelligence. It would create a Consumer Privacy Protection Act to increase Canadians’ control over their personal information and how it is handled by digital platforms.
Mixed Reaction to Proposed Law
The federal government’s proposed cybersecurity and mandatory reporting legislation is initially getting mixed reactions from experts in the field. However, the law doesn’t come into effect until the Cybersecurity and Infrastructure Security Agency finalizes regulations. There’s not going to be a requirement for companies to report publicly … The only people who will know is the [CSE’s] Canadian Centre for Cyber Security.
Deepfakes’ and Disinformation
Ministers have announced their intention to bring in an online harms bill which would tackle online abuse – including racist slurs, antisemitism and offensive statements aimed at members of the LGBTQ community. The expert panel, which also includes law and policy professors from across the country, said not only should a bill tackle online abuse, including child abuse, it should consider fake and misleading information online.
Facebook Phishing Campaign
Facebook is once again the launchpad for a large-scale phishing campaign, according to researchers at PIXM. This is one phishing campaign that isn’t messing around. The link takes potential victims to a variety of sites but a phishing page will be the primary destination. If you hand over your password to a phishing page, the phisher can’t do much with it while you’re protected with 2FA.
FBI says fraud on LinkedIn a ‘significant threat’ to platform and consumers
Victims interviewed by CNBC say since LinkedIn is a trusted platform for business networking, they tend to believe the investments are legitimate. Typically, the fraudster directs the user to a legitimate investment platform for crypto, but after gaining their trust over several months, tells them to move the investment to a site controlled by the fraudster.
Subscribe to our newsletter to get a monthly update on the latest and greatest in search and discovery.