Archive for the ‘Cyber Security’ Category

Service of What’s Mine is Not Yours

Thursday, August 24th, 2023

There have been countless news features about people breaking windows and display cases and wholesale robbing jewelry and handbags from high fashion stores as well as swooping items off drugstore shelves and goods from the ground floor of department stores.

Many of us have been impacted as well by cybertheft.

Some theft is subtler than what happens when thieves break into stores and smash display cases. Manufacturers of luxury goods and foods have long fought counterfeiters who charge a few hundred dollars for fake $5,000 handbags or palm off cheap versions of pricey cheese or wine as the real thing.

Is this “real” Parmesan?

The Parmesan cheese people in Italy have come up with a new way to fight the makers of fake parmesan by putting a chip in the skin of their wheels, wrote Joanna Partridge in The Guardian. When I heard about the embedded microtransponders I thought of jars of pitted olives or cherries and how even with the pitted claim, I’m careful as it’s so easy to munch on a rogue pit and crack a tooth.

I don’t think we need to worry about swallowing or chomping into these teensy chips—she says they are about the size of a grain of salt, inserted in the label—because neither I nor most others eat parmesan’s hard outer skin and certainly not the label.

Partridge reported that parmesan, which she noted was first made by Benedictine and Cistercian monks over 1,000 years ago, “is one of the most counterfeited cheeses in the world.”

She continued: “The cheese, which can trace its history back to the middle ages, gained the EU’s prized protected designation of origin (PDO) status in 1996. Under those rules parmigiano reggiano – the only kind which can be called parmesan within Europe – must be made in a small part of northern Italy, including in the provinces of Parma and Reggio Emilia.”

The extensive PDO list is fascinating. It ranges from brands I’ve never heard of, such as Dons wine from Southern Denmark and Lapin Puikula, a potato from Lapland, to Abondance, a cheese from Haute Savoie, and the better-known Champagne and Camembert de Normandie.

The chip should help to confirm that stores, where PDO rules prevail***, are buying and paying for the right 88 lb wheel of parm, but I’m not sure how consumers will know whether the chunks they purchase are knockoffs or real. Partridge reported that “Last year, the PRC was successful in blocking the US food giant Kraft Heinz from registering the ‘Kraft parmesan cheese’ trademark in Ecuador, and hailed this as a notable victory, given that the EU’s PDO status is not recognised everywhere outside Europe.”

***The United States does not recognize it. Should it? Do you wonder, when paying a lot or a little for well-known products, such as parmesan, that you may not be buying the real thing?

Do you think that the chip will help discourage faux parmesan sellers in the EU and UK and effectively protect the brand? Have you seen other ways luxury brands protect their goods? Can you think of more effective steps food and wine producers and manufacturers can take?

Coach on Fifth Avenue, Manhattan
Ferragamo on Fifth Avenue, Manhattan

Service of a Fresh Crop of Spam & Cyber Threats

Thursday, April 28th, 2022

It’s spring and with it comes a fresh crop of SPAM texts and emails–some annuals, others perennials–most of which contain links to potential cyber threats, bank and credit card invasions. We’ve come a long way from the days of “your friend has been robbed during a trip to Europe and has no money so please send some ASAP.”

So to begin: Did you know that my account was closed? What account, you ask? Good question. The email doesn’t say.

Citi wannabes text me frequently telling me that they’d limited my account due to “unusual activity.” That would be troubling except I don’t maintain an account at that bank, the action as described makes little sense and the sender is clearly a hoax [photo above].

I’m regularly asked to review my resume which I’d not sent anyone to edit.

A subject line in a recurring email is in response to my job application. Since I opened my agency 26 years ago I’ve not applied for a job. But so many have, so what a nasty trick to get some to open an email.

Friends report getting the same announcement from the Geek Squad thanking me for renewing a contract with them and saying they’ve charged my bank account $347. I get this periodically. Even though I count on a miracle-working IT man to sort out my computer woes, the first time I saw it I checked to confirm that my bank account was intact.

A relatively new unsolicited email sends me my payroll review. I’ve never subscribed to such a service so that’s another easy one to skip [photo below].

Have you noticed an uptick in attempts to trip you up, pry into your private information or seen any new and clever scams?

Service of Fingers Crossed: When to Believe Thieves

Thursday, September 10th, 2020

When you comply with a ransom demand you’re not in the driver’s seat. You must hope that the thieves are honorable. If you watch “Law and Order” or its offshoots, you’re familiar with the concept even if you’ve not yourself been plagued by such a horrifying theft.

The cyberthieves Sarah Cascone wrote about on artnet.com hadn’t absconded with a relative. Her article was: “Hackers Have Stolen Private Information From Donor Lists to 200 Institutions, Including the Smithsonian and the UK’s National Trust.” The subhead was: “The Parrish Art Museum and the Corning Museum of Glass were also hit by ransomware.” In addition to museums, data from hospitals, 16 US universities and 33 UK charities was lifted.

According to Cascone, the attack on Blackbaud–“a third-party cloud software company”–happened in May. Blackbaud told its clients a month later. They said that “the compromised data was limited to demographic information such as names, addresses, phone numbers, and donation summaries, and did not include credit card information, bank account information, or social security numbers.” We hope.

Cascone reported that the Corning Museum said it doesn’t “keep credit cards, bank accounts, or social security numbers in the system hosted by Blackbaud.” One wonders: where do they keep it, and is it safe?

Blackbaud said it paid the cybercriminals and confirmed that they had destroyed what they’d stolen, according to Cascone. They paid in Bitcoin. “’What I find unsettling about Blackbaud’s situation is that they just took the hackers at their word that the stolen data was destroyed. In my experience, hackers almost always leave behind hard-to-find malware so that they can still access the system,’ said Wood.” Tyler Cohen Wood is a cyber-security consultant and the former cyber deputy chief of the Defense Intelligence Agency.

Cascone continued: “She advises that museums employing third-party providers familiarize themselves with the company’s procedures for handling ransomware attacks and to have secure data backups, even if that means paying extra.”

If you were notified by an organization that such a breach had occurred, would you get a new credit card or bank account number even if you were told the cybercriminals had no access to–or had destroyed–that information? Have you ever asked an organization to which you donate money how they protect your financial and personal information? Is cash the only secure way to donate?
