A new squid species—of the Gonatidae family—was discovered. The video shows her holding a brood of very large eggs.
Research paper.
A new squid species—of the Gonatidae family—was discovered. The video shows her holding a brood of very large eggs.
Research paper.
With a record-breaking number of Americans set to travel over the July 4th holiday, most of them by car, scammers have adjusted their plans accordingly. New research reveals the top 10 U.S. destinations where scammers plant the bulk of their online travel scams.
Our McAfee Labs team kicked off this research by analyzing TripAdvisor’s Popular Domestic Destinations for US Travelers and Fastest Growing Domestic Destinations for US Travelers lists. From there, they identified the locales that generated the highest volume of risky search results.
For people researching and booking travel online, those results could lead to all manner of sketchy sites. Some host malware, others steal personal info, and yet more lead to phony booking sites that take their money and leave them with nowhere to stay.
Paired with that research, we also polled 1,000 Americans on their travel plans, including how they’re researching and booking online and the travel scams they’ve encountered over the years.
Together, they offer a view of what travel scams look like today — and insights into how you can avoid them.
Of the Americans we surveyed, 85% said they’ll travel this year. Within that mix, you’ll find both splurging and bargain-hunting as travelers do their planning and booking online.
As far as splurging goes, 65% said they’ll spend more on wining and dining, 53% on experiences like tours and sightseeing, and 48% on shopping for themselves and others.
Not so surprisingly on the bargain-hunting side, people said they’re looking for the cheapest airfare (48%), cheapest accommodations (46%), and deals on activities and excursions (34%).
To plan their travels, many Americans said they’ve turned to AI. Or that they would at least consider it.
When asked, “Have you or would you use an Artificial Intelligence (AI) tool like WhereTo, ChatGPT, or Vaca Chatbot to help you plan your next vacation?” we uncovered the following:
34% of Americans overall said they have or would use AI to help plan a vacation.
Men were more likely to say yes than women — 39% versus 29%.
Of all age groups, people aged 30 to 39 were the most likely to say yes, at 44%.
Of the age groups least likely to use an AI planner, only 28% of people over 50 said yes.
Overall, online resources lead the way when it comes time to plan and book travel. More than half of Americans say they use online reviews as a primary resource, with online travel sites close behind at just under half.
Still, traditional sources of travel research remain popular. Recommendations from family and friends weighed in at 40%, with another 36% saying they flip through travel books and guides.
As far as Americans’ concerns about travel scams, those remain high. Nearly four out of five people (79%) said they research and pay attention to travel scams as part of their planning. Which is wise, as many people said they’ve gotten burned by one.
When asked if they’d ever fallen for a scam while booking travel, 28% said yes. The top three booking scams they reported include:
Providing their credit or bank card details on a fake site, which a scammer then used to make fraudulent payments (15%).
Clicking on a link from an unknown source that was a scam or malicious (10%).
Encountering manipulated photos of their holiday destination (8%).
Yet another 28% said they’d fallen prey to a scam while traveling. The top three scams for those Americans included:
Paying a deposit on accommodations that turned out not to exist or which had no record of their registration — 13%
Paying for an event or excursion where the provider never showed up — 10%.
Putting money down on an excursion, which turned out completely unlike what was marketed — 9%.
How’d all these scams add up? In all, we found that 32% of victims said they lost between $501–1000 in a single scam. Another 24% of victims said they lost more than $1,000. Only a relatively small percentage of people – just 15% — said they lost nothing, a figure that shows just how successful travel scams can be.
This falls in line with reports from the Federal Trade Commission (FTC). As published in their 2023 Data Book, more than 55,000 Americans reported a travel scam with a median loss of nearly $1,200 per case.[i] As always with FTC statistics, this only includes reported cases of fraud. The number of actual scams more than likely climbs higher than that.
And now, our list.
Once again, these destinations return the highest volume of potential scam results in search. As always, booking any travel online calls for care (and we’ll cover that next). Yet when it comes to researching and booking travel in the U.S., scammers appear to favor the following destinations the most:
Fort Myers Beach, Florida
Sandusky, Ohio
Pocono Manor, Pennsylvania
Waimea, Hawaii
Chicago, Illinois
Mackinac Island, Michigan
Honolulu, Hawaii
Ocean City, Maryland
Yellowstone National Park, Wyoming
College Station, Texas
Our recommendations for U.S. travel fall in line with the ones we offered earlier this year when we shared the results of the top ten riskiest international destinations. Our list begins with a cornerstone piece of advice: Trust a trusted platform.
That’s your best place to start. Book your vacation rental through a reputable outlet. Vacation rental platforms like Airbnb and VRBO have policies and processes in place that protect travelers from scammers. The same goes for booking other travel needs above and beyond renting. Travel platforms such as Expedia, Priceline, Orbitz, and others also have protections in place.
From there, you have several other ways you can avoid booking scams…
Look for signs of rental scams.
Do a reverse image search on the photos used in the property’s listing and see what comes up. It might be a piece of stock photography designed to trick you into thinking it was taken at an actual property for rent. (Scammers sometimes highjack photos of actual properties not for rent too. Some now use AI-generated images as well.) Also, read the reviews for the property. Listings with no reviews are a red flag.
Only communicate and pay on the platform
The moment a host asks to communicate outside of the platform is another red flag. Scammers will try to lure you off the platform where they can request payment in forms that are difficult to recover or trace after you realize you’ve been scammed.
Moreover, paying for your rental outside the platform might also go against the terms of service, as in the case of Airbnb. Or, as with VRBO, paying outside the platform voids their “Book with Confidence Guarantee,” which offers you certain protections. Use the platform to pay and use a credit card when you do. In the U.S., the Fair Credit Billing Act allows you to dispute charges. Additionally, some credit cards offer their own anti-fraud protections that can help you dispute a billing.
Never pay with cryptocurrency, wire transfers, or gift cards
If someone asks you to pay for your trip one of these ways, it’s a scam. Travel scammers prefer these payment methods because they’re exceptionally tough to track. Once that money gets sent, it’s likewise exceptionally tough to get back.
Keep an eye out for phishing attacks
Scammers use phishing emails and messages to trick travelers into revealing sensitive info or downloading malware onto their devices. As you book, look for unsolicited messages claiming to be from airlines, hotels, or financial institutions. Particularly if they ask for personal info or prompt you to click on suspicious links. When in question, contact the sender directly using official contact info from their official website.
Also, look into McAfee Scam Protection, included with our McAfee+ plans. It blocks links to scam sites that crop up in emails, messages, and texts. AI technology automatically scans the links and alerts you if it might send you to a scam site.
Let your bank and credit card companies know you’re traveling
Give your bank and credit card companies a call before you head out. They have anti-fraud measures in place that look for unusual activity, such as when your card is used in a location other than somewhere relatively near your home. This can trigger a freeze, which can put you in a lurch if you’re looking to withdraw cash or make a payment. Contacting your bank and credit card companies before you travel can help prevent this.
Have an easy way to keep tabs on your accounts and credit
Fraud can happen at any time, even when you’re out of town. A couple of things can help you nip it quickly before it takes a big bite out of your credit card or bank accounts. Transaction monitoring notifies you of any questionable activity in your credit cards or bank accounts. It can further alert you to any other questionable activity in your 401(k) plans, investments, and loans.
So say that your debit card info got skimmed in a sketchy ATM or point-of-sale machine — you’ll get an alert if thieves try to make a purchase with it. From there, you can contact your bank and take the extra step of putting a security freeze in place to prevent further fraud. You can security freeze and transaction monitoring features in our McAfee+ plans as well.
Protect your identity
Before you hop on a plane, train, or automobile, consider investing in identity protection. This way, you can head off any issues that might crop up when you should be enjoying yourself. For example, imagine losing your wallet. Immediately, a dark cloud of “what ifs” rolls in. What if someone’s running up charges on your cards? What if someone used your ID or insurance cards to impersonate you online? Not a great feeling any time, especially on vacation.
With identity theft coverage and restoration in place, you can recoup your losses and restore your identity if a thief damaged it in any way. Ours provides up to $2 million in coverage, along with lost wallet protection that cancels and replaces lost cards with little effort from you.
[i] https://www.ftc.gov/system/files/ftc_gov/pdf/CSN-Annual-Data-Book-2023.pdf
The post The Top 10 Online Booking Scam Hotspots in the U.S. Revealed appeared first on McAfee Blog.
USN-6851-1 fixed vulnerabilities in Netplan. The update lead to the discovery of
a regression in netplan which caused systemctl enable to fail on systems where
systemd is not running. This update fixes the problem.
We apologize for the inconvenience.
Original advisory details:
Andreas Hasenack discovered that netplan incorrectly handled the permissions
for netdev files containing wireguard configuration. An attacker could use
this to obtain wireguard secret keys.
It was discovered that netplan configuration could be manipulated into injecting
arbitrary commands while setting up network interfaces. An attacker could
use this to execute arbitrary commands or escalate privileges.
More of Microsoft’s clients are being warned that emails they exchanged with the company were accessed by Russian hackers who broke into its systems and spied on staff inboxes.
Read more in my article on the Hot for Security blog.
Car dealerships have been brought to a standstill across the United States after a software provider was hit by a ransomware attack.
The attack, believed to be by the BlackSuit ransomware gang, forced CDK Global, makers of a platform widely used by car dealerships to conduct their everyday business, to down its IT systems and data centers.
Read more in my article on the Exponential-e blog.
It’s been almost two years since OpenAI launched ChatGPT, driving increased mainstream awareness of and access to Generative AI tools. In that time, new tools and solutions seem to be launching daily. There is also a growing trend of building bigger models that consume larger quantities of training data, often with mixed results ranging from hallucinations or categorically incorrect facts to the regurgitation of opinions as universal truth, proving the old adage that sometimes “less is more”.
So, if using more data doesn’t translate into better results… what does? It comes down to another tried and true saying – “quality over quantity.”
At McAfee, we maniacally focus on data quality. A well-developed Generative AI model is nothing without high-quality, curated datasets to fuel them. When the quantity of data is prioritized over quality, the results are often disappointing.
How do we produce quality data? Using millions of worldwide sensors, our AI engineers and AI data specialists focus on clues that point to threats. But that’s just the first step. Our teams then curate the data to improve the quality and maximize data diversity, reducing sources of bias, cross-pollinating data sources, and enriching and standardizing samples, just to name a few of the dozens of operations conducted to ensure we’re building datasets of the highest and purest quality.
All of this translates into the most comprehensive and robust AI-based protection for our customers: more than 1.5M threat detections per week across malware, scams, phishing, smashing, and more than half a billion web categorizations to help ensure a safe digital journey while browsing the Internet.
As the capabilities of AI tools increase, so does the conversation around how technology removes humans from the equation. The reality is that humans are still an integral part of the process and key to any successful Generative AI strategy. AI is only as good as the data it’s trained on, and in McAfee’s case, the guidance provided by cybersecurity experts. Thus, Cybersecurity AI specialists curating data is crucial to the development of all of our AI systems as it mitigates potential sources of error, resulting in accurate and trusted AI solutions, and allowing us to scale and share human expertise to better protect millions of customers worldwide.
Tackling cyber threats is a tall order that comes with intrinsic challenges. For example, modern scams are more subtle and less obvious even to experts, and quite often it is just the implicit intent that sets it apart from genuine (non-scam) content. Being context-aware can help navigate this landscape to more effectively detect and stop threats before they reach customers. What is more, we believe transparency and education are paramount for building a safer digital world. This is why we also invest in building explainable AI that helps users understand why a threat has been flagged and provides clues they can use to identify future threats.
The GenAI journey has only just begun. There is still a lot of work to do and a lot to look forward to as this technology continues to evolve. While it’s easy, as developers, to get caught up in the excitement, it’s also important to identify and focus on an ultimate goal and the responsible and safe steps to get there. At McAfee, we pledge to protect our customers, and we believe in the synergistic interaction between AI and Human Threat Intelligence. Together, we can deliver a trusted, world-class AI protection experience.
The post Quality Over Quantity: the Counter-Intuitive GenAI Key appeared first on McAfee Blog.
USN-6844-1 fixed vulnerabilities in the CUPS package. The update
lead to the discovery of a regression in CUPS with regards to
how the cupsd daemon handles Listen configuration directive.
This update fixes the problem.
We apologize for the inconvenience.
Original advisory details:
Rory McNamara discovered that when starting the cupsd server with a
Listen configuration item, the cupsd process fails to validate if
bind call passed. An attacker could possibly trick cupsd to perform
an arbitrary chmod of the provided argument, providing world-writable
access to the target.
Remote software provider TeamViewer has revealed it has been hit by a cyber-attack that it attributes to Russian state actor Midnight Blizzard
From an average of one cybersecurity expert for 1285 employees in 2023, large organizations now have one for every 1086 employees, according to Wavestone
Longtime NSA-watcher James Bamford has a long article on the reauthorization of Section 702 of the Foreign Intelligence Surveillance Act (FISA).