THE DEEPENING DANGERS OF DEEPFAKE AI

THE DEEPENING DANGERS OF DEEPFAKE AI

THE DEEPENING DANGERS OF DEEPFAKE AI

Wednesday, April 17, 2024

In recent years, the rise of deepfake technology has sparked widespread concern and fascination. Deepfake AI, powered by advanced machine learning algorithms, can manipulate digital content, including images, videos, and audio, to create convincingly realistic but entirely fabricated media. While technology presents numerous potential applications, from entertainment to artistic expression, its misuse poses significant risks to individuals, organizations, and society. Here, we explore the risks associated with deepfake AI and strategies to mitigate its harmful effects.

Misinformation and Fake News Epidemic

Deepfake AI has the potential to exacerbate the already rampant issue of misinformation and fake news. With the ability to create highly realistic videos of public figures saying or doing things they never actually did, malicious actors can manipulate public opinion, incite unrest, and damage reputations. Such content can spread rapidly across social media platforms, further blurring the lines between fact and fiction.

Political Manipulation & Election Interference

The use of deepfake technology in political contexts poses a significant threat to the integrity of democratic processes. Imagine a scenario where a deepfake video surfaces just days before an election, depicting a candidate engaging in illegal or immoral behavior. The repercussions could be devastating, potentially swaying public opinion, and altering the outcome of an election. Moreover, foreign adversaries could exploit deepfake AI to sow discord, undermine trust in institutions, and destabilize democracies.

Identity Theft & Fraud

Deepfake AI can also be leveraged for more personal and targeted attacks, such as identity theft and financial fraud. By superimposing someone’s face onto another person’s body in a video or using their voice in an audio recording, cybercriminals can deceive individuals or even sophisticated security systems. This opens the door to various malicious activities, including impersonation scams, unauthorized access to sensitive information, and extortion.

Erosion of Trust & Authenticity

As deepfake technology advances and becomes more accessible, there’s a growing risk of widespread erosion of trust and authenticity in media. With the prevalence of

manipulated videos and audio recordings, distinguishing between what’s real and what’s fake becomes increasingly challenging. This erosion of trust not only undermines the credibility of traditional media sources but also undermines public discourse and diminishes the shared reality upon which democratic societies depend.

Privacy Concerns & Consent

Deepfake AI raises profound privacy concerns, particularly regarding the unauthorized use of individuals’ likeness and voice. The ability to generate hyper-realistic simulations of people without their consent blurs the boundaries between public and private life, potentially exposing individuals to exploitation, harassment, or emotional distress. Moreover, the proliferation of deepfake content complicates the process of verifying the authenticity of consent in various contexts, such as in intimate relationships or legal disputes.

Steps You Can Take to Protect Yourself

Protecting oneself against the threats posed by Deepfake AI requires a combination of vigilance, technological measures, and awareness of potential risks. Here are some practical steps you can take to mitigate the impact of deepfake technology.

  1. Verify the Source

Before sharing or believing any content, especially if it seems sensational or controversial, verify the source. Check if the content is coming from reputable and trustworthy sources. Be cautious of content shared on social media platforms or websites with unknown credibility.

  1. Scrutinize the Content

Pay close attention to details within media content, such as inconsistencies in lighting, shadows, or unnatural movements, which may indicate manipulation. While deepfake technology is becoming increasingly sophisticated, there are often subtle signs that distinguish fabricated content from genuine material.

  1. Stay Informed

Stay informed about the latest developments in deepfake technology and the potential risks associated with it. Regularly consume news from reliable sources to understand how deepfakes are being used and the implications for society.

  1. Use Reverse Image Search

If you suspect that an image or video may be a deepfake, use reverse image search tools such as Google Images to see if the content has been circulated elsewhere

online. This can help determine the authenticity of the content and identify any instances of manipulation.

  1. Enable Two-Factor Authentication

Protect your online accounts, especially social media, and email accounts, by enabling two-factor authentication (2FA). This adds an extra layer of security by requiring a second form of verification, such as a code sent to your phone, in addition to your password.

  1. Be mindful of Personal Information

Be cautious about sharing personal information, such as photos or videos, on public platforms or with unfamiliar individuals. The more content available online, the greater the risk of it being manipulated or misused by malicious actors.

  1. Use Trusted Software

When downloading apps or software, stick to reputable sources such as official app stores or the websites of well-known companies. Avoid downloading apps from third-party sources, as they may contain malicious software designed to exploit vulnerabilities in your device.

  1. Educate Others

Spread awareness about the dangers of deepfake technology among friends, family, and colleagues. Encourage them to be cautious when consuming media content online and to adopt best practices for protecting themselves against potential threats.

  1. Report Suspected Deepfakes

If you come across content that you believe to be a deepfake, report it to the relevant platform or authority. Many social media platforms have mechanisms in place for reporting fake or misleading content, which can help prevent its further spread.

By following these proactive measures and staying informed about the risks associated with deepfake AI, individuals can better protect themselves and contribute to the collective effort to mitigate the negative impact of this technology on society.

Don’t forget to follow YNCUniversity on Instagram and Tik Tok for more Honest Money Talk tips and YNCU on Instagram, Facebook, and LinkedIn.

What You Need to Know About Travel Scams

What You Need to Know About Travel Scams

WHAT YOU NEED TO KNOW ABOUT TRAVEL SCAMS

Friday, March 8, 2024

Are you looking to get away from the long, cold, Canadian winter? Or maybe you are the adventurous type who wants to experience the different cultures from around the world. Without a doubt, this is a popular time of year to pack a suitcase and jet off to somewhere warm. Either way, you need to be aware and cautious while traveling the globe or even just traveling to a nearby city.  Scams targeting travelers and tourists are not uncommon. Being aware of common scams can help you avoid falling victim to them. Here are some travel and tourist scams to watch out for:

Fake Tickets & Tours

  • Scenario – Someone may approach you claiming to be a tour guide or ticket seller, offering you a great deal on tickets or tours.
  • Prevention – Purchase tickets and tours from reputable sources, such as official websites or authorized agents. Be cautious of deals that seem too good to be true.

Taxi Scams

  • Scenario – Unscrupulous taxi drivers may take longer routes to increase the fare, claim that their meter is broken, or insist on a fixed price that is much higher than the standard rate.
  • Prevention – Use reputable taxi services, agree on the fare before starting the journey, and ensure the meter is used (if applicable).

Pickpocketing & Distraction Techniques

  • Scenario – Thieves often work in crowded tourist areas, using various tactics to distract you while an accomplice steals your belongings.
  • Prevention – Stay vigilant in crowded places, secure your belongings, and be cautious of people creating distractions.

Fake Police Officers

  • ScenarioScammers may pose as police officers, asking to see your identification or accusing you of a fake crime to extort money.
  • Prevention – Ask for official documentation, and if in doubt offer to go to the nearest police station. Don’t hand over money on the spot.

ATM Skimming

  • Scenario – Criminals install skimming devices on ATMs to capture your card information and PIN.
  • Prevention – If possible, avoid using your card at all. If you must use an ATM, use ATMs in well-lit and secure areas, cover your PIN while entering it, and regularly monitor your bank statements for any unauthorized transactions. 

Overpriced Goods & Services

  • Scenario – Vendors may inflate prices for goods and services when they realize you’re a tourist.
  • Prevention – Do your research and have a good knowledge of typical prices for goods and services in the area and be prepared to haggle. Avoid establishments that seem overly pushy or dishonest.

Fake Wi-Fi Networks

  • Scenario – Cybercriminals may set up fake Wi-Fi networks in tourist areas to steal personal information from those who connect.
  • Prevention – If possible, avoid using ANY public Wi-Fi and if you must only use known, secure and reputable Wi-Fi networks, consider using a virtual private network (VPN), and avoid accessing sensitive information on public networks such as accessing online banking or shopping.

Closed Accommodation Scam

  • Scenario – Taxi drivers or locals may claim that your booked accommodation is closed or overbooked, and they may offer to take you to another, often more expensive option.
  • Prevention – Confirm the status of your accommodation directly with the hotel/hostel before accepting alternative accommodation.

These are just a small sample of the possible scams that any tourist can fall victim to. The best way to stay clear of these scams is to educate yourself – do some research on the area of the world you are traveling to and be diligent to safeguard yourself, your family, and your assets.

YNCU members, if you know, or think you have been a victim of internet scams, phishing or cyber-attacks or your banking information has been compromised, please contact our Service Excellence Centre at 1-800-413-YNCU (9628).

You can also contact the Canadian Anti-Fraud Call Center at 1-888-495-8501.

Phishing and Smishing

Phishing and Smishing

Phishing and Smishing

Think twice before you click, submit, pay, download, or reply! This type of phishing is not enjoyable.

Phishing describes fraudsters attempting to trick users into doing ‘the wrong thing’ – such as clicking a bad link that will download malware or direct them to a dodgy website.

Phishing can be conducted via text message, social media, or by phone, but the term ‘phishing’ is mainly used to describe attacks that arrive by email. Phishing emails can reach millions of users directly and hide amongst the huge number of benign emails that busy users receive. Attacks can install malware (such as ransomware), sabotage systems, or steal intellectual property and money. Phishing emails and text messages often tell a story to trick you into clicking on a link or opening an attachment. You might get an unexpected email or text message that looks like it’s from a company you know or trust, like a bank, a credit card or utility company, or even an online payment website or app.

Smishing is a type of phishing scam where cyber criminals try to trick you by sending fraudulent SMS or text messages. They often pretend to be a real business (such as a bank or delivery company), a government department, or a person you know. During the COVID-19 pandemic, scammers have even pretended to be from assistance programs, like the Canada Emergency Response Benefit (CERB) and the Canada Recovery Benefit (CRB), to target vulnerable Canadians. Smishing messages will often try to get you to click on a link, which may contain malware or lead to a spoofed website. If you click on the link, cybercriminals can then steal your data, your money, or even your identity.

The message could be from a scammer who might:

  • Say they’ve noticed some suspicious activity or log-in attempts — they haven’t.
  • Claim there’s a problem with your account or your payment information — there isn’t.
  • Say you need to confirm some personal or financial information — you don’t.
  • Include an invoice you don’t recognize — it’s fake. Want you to click on a link to make a payment — but the link has malware.
  • Say you’re eligible to register for a government refund — it’s a scam.
  • Offer a coupon for free stuff — it’s not real.

Most phishing/smishing attacks create a sense of urgency in the message and encourage you to respond right away. They may send threats, like claiming they’ll close your account, or offer a time-sensitive reward, such as a prize for a contest you didn’t enter. But no text is ever that urgent — take your time when evaluating a potential smishing message.

Many phishing/smishing messages appear to be from a trustworthy and reliable source, like your bank or another business you know. Always be cautious, even if you think you recognize the business that the message is from.

To protect yourself from Phishing and Smishing use the SHADY? approach:

SECRET – Always keep your personal information secret, especially over email. Check with the sender by contacting them through another medium, like telephone, to confirm that they did in fact send you that email/text.

HOVER OVER A LINK BEFORE CLICKING IT – Hovering over a link lets you see where it points. Never click a link to any financial website, type in the address each time.

ATTACHMENTS SHOULD NOT BE CLICKED – Do not click on attachments if you are not expecting them. Even documents may contain a virus that can do damage to your device, track keystrokes, and compromise your information.

DIFFICULT PASSWORDS – Complex passwords help prevent people from hacking your accounts. Passwords should be strong, difficult to guess, and different for each system.

YOU SHOULD ASK YOURSELF WHENEVER YOU GET AN EMAIL/MESSAGE: Was I expecting this? If not proceed with caution or delete immediately.

? QUESTION – Always question electronic messages, especially if it is making promises or threatening action.

YNCU members, if you know, or think you have been a victim of phishing or smishing and your banking information has been compromised, please contact our Service Excellence Centre at 1-800-413-YNCU (9628).

You can also contact the Canadian Anti-Fraud Call Center at 1-888-495-8501. Check out this video for more information on How The “SHADY?” Technique Can Help Prevent Phishing and Smishing

Are you under A.T.T.A.C.K?

Are you under A.T.T.A.C.K?

Are you under A.T.T.A.C.K?

Social manipulation, in the context of fraud, is the art of manipulating end users into providing personal or confidential information. Personal cyber-attacks come in many forms. Here are a few tips that can help you to spot them.

A – An Email

Phishing emails may look legitimate, but you should always question links, attachments, threads, or emails from someone unexpected.

T – Trick Websites

These are made to look like trusted websites but often have spelling or grammar errors or a slightly different URL. Farming the data from these trick websites allows criminals to gather personal details and record your keystrokes.

T -Text Messages

Social engineers will send you a text message about an urgent bill payment or some type of attractive offer. Also, beware of fake messages that appear to be from the government asking you to click a link to receive your rebate, return or payment. If you click these links on a mobile device message it could put your mobile phone at risk.

A – A Telephone Call

Fraudsters may call and say they are from Canada Revenue Agency, Canada Post or Microsoft, or maybe even your financial institution, and proceed to ask you to disclose personal information. Before going ahead with this, you need to ask yourself what valid reason would there be for you receiving the call and why would you provide those details if you didn’t initiate the call? If you still cannot determine the legitimacy of the caller, ask them to proceed via email because you cannot speak in depth at the moment.

C – Contest Winner

“Congratulations! You’ve won a big contest!” This message can come to you via email, text or phone. But did you even enter a contest? If not, it is more than likely an attempt by a fraudster to gather personal information from you. Do not fall for it!

K – Key Loggers

You’re browsing a familiar website and receive a pop-up of an offer that looks too good to be true! If you click the pop-up that social engineer may be trying to capture sensitive information.

When in doubt……..Hang up! Delete! Exit!

Social Engineering is on the rise. Watch for these signs of an attack and take these steps to protect yourself. Ask questions. Do not feel pressured into providing any information you may not be comfortable providing. Never share your ID, passwords, or any answers to your security questions. Use caution when entering sensitive information with websites that don’t begin with HTTPS or when something arrives that you were not expecting. Always remember to report anything suspicious.

YNCU members, if you know, or think you have been ATTACKED please contact our Service Excellence Centre at 1-800-413-YNCU (9628).

You can also contact the Canadian Anti-Fraud Call Center at 1-888-495-8501. Check out this video for more information on protecting yourself against a cyber-attack.

THE FOUR CORNERSTONES OF INTERNET SECURITY

THE FOUR CORNERSTONES OF INTERNET SECURITY

THE FOUR CORNERSTONES OF INTERNET SECURITY

Friday, December 1, 2023

While the internet offers incredible opportunities and convenience, it also comes with its fair share of security dangers. These four cornerstones of internet safety can help you keep your information secure online.

Secure passwords

Always use secure passwords and never reuse old passwords. If criminals obtain your username and passwords from one site, they will try the same information on other popular sites using the same credentials. Never share your PIN and never share your online banking details.

Always type website log in addresses manually or use a safe bookmark

Never follow an email link to a log in page. It may be a phishing email page tricking you into logging into spoofed login page. It may look real but it’s not.

Financial information should be shared on secured home Wi-Fi Only

Assume that everything you do over public Wi-Fi is being watched, especially on mobile devices. If you need to conduct online financial transactions in a public setting always turn off Wi-Fi and turn on Cellular Data. Always assume that public Wi-Fi networks could be recording your actions.

Enable and install all updates and patches

Patches are software and operating system updates that address security vulnerabilities within a program or product. Updates for your mobile device and computer remove vulnerabilities and keep your identity and passwords protected.

Navigating the internet safely requires constant vigilance, adopting security best practices and staying informed about emerging threats.

If you know, or think you have been a victim of internet scams, phishing or cyber-attacks or your banking information has been compromised, contact your financial institution immediately and report it to local authorities.

You can also contact the Canadian Anti-Fraud Call Center at 1-888-495-8501.

Ransomware: You’ve been hacked!!

Ransomware: You’ve been hacked!!

Ransomware: You’ve been hacked!!

What is Ransomware?

Ransomware is software designed to deny or restrict access to your device or files until you pay. The general rule is don’t pay the ransom! There is no guarantee you will get access back, and paying increases the likelihood that you will be targeted again.

This tactic has been around for years and is on the rise. Often Ransomware targets places where the most sensitive data is stored – computer, network files, cloud or other storage locations etc

So what does it look like and how do you know you’ve been hacked??

There are two basic types of Ransomware:

Locker ransomware – completely locks out the device. The victim will receive a pop up indicating that they were caught doing something illegal and you have to pay a fine to regain access.

Crypto ransomware – encrypts files to restrict access. These encryptions are almost impossible to break.

If you have been hacked, what do you do?

Shut down your computer, disconnect any external media (phones, tablets, external hard drives) and bring it in to an authorized support center.

You can restore your files – as long as you’ve taken the correct steps to prepare ahead of time!

– perform regular updates – you can set up auto updates to run in the evenings/during the day when you aren’t using your device.

R – require virus scan of external devices before using them

E – execute software only if its reputable

V – verify all emails/ texts etc before clicking links

E – external storage to back up!

– never be without malware protection software & keep it up to date

T – trust your instincts and do a little online research if something feels off – often other victims may provide useful info online

Some interesting statistics:

On average, only about 65% stolen data is returned after the ransom is paid.

Nearly 30% of targets had less than HALF of their data returned.

Less than 10% of victims get all of the files returned.

Approximately 80% of Ransomware targets that paid the ransom were targeted a second time!

In 68% of cases that paid, that second hit occurred within the first month after paying, for a higher ransom.

North America saw an increase in ransomware attacks of 180% in 2021.

If you have been targeted by Ransomware Please reach out out to your YNCU branch team so we can help to protect you.

We will always be here to assist you! 1-800-413-YNCU (9628)