Adding Security Cameras to Apps and Site

[Cbsteffen]

There come times when somebody phishes somebody else’s online account(s) or even starts an account and pretends to be somebody else. I want every mobile app and site to include a security camera so that whoever owns or starts an account can show a valid ID and that the site or app can make sure the account only reacts to whomever is supposed to use it. How do you suppose that will be possible?

[MichelleHW101]

Honestly, what is going on in my head is even that can be hacked.  Then a whole new set of security problems can occur.  What you are basically doing is telling every mobile app/site to go ahead and use your camera.  In the same way you tell every mobile site to have access to your location.  There is a big difference between being on a security camera while at a bank or mall than allowing every site you use to give them access to your phone just so they can know it is you.  This is why I do not use mobile banking.  But there are several ways to prevent phishing that does not involve giving away your phone.  First off is the obvious one.  Do not share your bank login with anyone, even if the person claims to be a bank employee.  Second, choose an email provider that offers two-factor authentication as well as spam, malware and phishing filters and will display an alert if something look suspicious.  Third, only use your login on the official bank app (ie. N26 app link), never download the application from somewhere else. If you’re an N26 customer, never use login informations on another domain than https://app.n26.com or https://my.n26.com.  Fourth Copy and paste URLs from emails and check them before visiting.  But particularly — don’t click on a link if you received an email that asks you to perform an action that you didn’t initiate (reset password, validate your account…)  Fifth, always check a link before clicking on it. Go over it to preview the URL, and look carefully for misspelling or other irregularities.  And here's a sixth, bank websites always make use of HTTPS on their websites. If you cannot see the green lock icon in the browser or see the “https” prefix before the site’s URL, \ it’s likely that the site isn’t secure. Here is how https://app.n26.com should appear in different browsers.  All safer and much better ways of protecting yourself than opening your phone to other websites.

[countrygirl12]

There come times when somebody phishes somebody else’s online account(s) or even starts an account and pretends to be somebody else. I want every mobile app and site to include a security camera so that whoever owns or starts an account can show a valid ID and that the site or app can make sure the account only reacts to whomever is supposed to use it. How do you suppose that will be possible?

I think that is completely foolish.  YOU cannot control me or anyone else who may have apps in the app store.  If you do not want to use the apps then don't.  As far as your bank accounts you set up security measures.  Most have the ability to set up a two step log in if you wish.  As far as sites like this no I do not need bio-metrics to make sure it is really me logging in to the account.

[countrygirl12]

Honestly, what is going on in my head is even that can be hacked.  Then a whole new set of security problems can occur.  What you are basically doing is telling every mobile app/site to go ahead and use your camera.  In the same way you tell every mobile site to have access to your location.  There is a big difference between being on a security camera while at a bank or mall than allowing every site you use to give them access to your phone just so they can know it is you.  This is why I do not use mobile banking.  But there are several ways to prevent phishing that does not involve giving away your phone.  First off is the obvious one.  Do not share your bank login with anyone, even if the person claims to be a bank employee.  Second, choose an email provider that offers two-factor authentication as well as spam, malware and phishing filters and will display an alert if something look suspicious.  Third, only use your login on the official bank app (ie. N26 app link), never download the application from somewhere else. If you’re an N26 customer, never use login informations on another domain than https://app.n26.com or https://my.n26.com.  Fourth Copy and paste URLs from emails and check them before visiting.  But particularly — don’t click on a link if you received an email that asks you to perform an action that you didn’t initiate (reset password, validate your account…)  Fifth, always check a link before clicking on it. Go over it to preview the URL, and look carefully for misspelling or other irregularities.  And here's a sixth, bank websites always make use of HTTPS on their websites. If you cannot see the green lock icon in the browser or see the “https” prefix before the site’s URL, \ it’s likely that the site isn’t secure. Here is how https://app.n26.com should appear in different browsers.  All safer and much better ways of protecting yourself than opening your phone to other websites.

You do not copy and paste a link sent to you in an email.  That is the same as just clicking on the link.  If you hover over the part of where the email came from it will show a pop up of where the email really came from.  Not where it says it came from. 

If you get an email from your bank asking you to confirm you password or change it then you should either call your bank OR go directly to your bank and log in and see if it prompts you to change the password.  If not you can either forward the email to your bank IT department or just delete it and ignore it.  That is what I do.  People get too upset about ignorant things you will never be able to change.

A lot of the phishing is whether thru email, anything online like facebook or whatever, or even phone calls - It is coming from somewhere like India and apparently our government cannot do much about it.  I don't know why because I guarantee if we done the same thing to people in their country they would do something about it.

[Cbsteffen]

No, no, no! I’m trying to say that people do what I just mentioned to trick others, and some people have a tendency to fall for those actions. I just want the Internet to protect anybody who has ever fallen for that behavior and prevent that from ever happening again.

[countrygirl12]

No, no, no! I’m trying to say that people do what I just mentioned to trick others, and some people have a tendency to fall for those actions. I just want the Internet to protect anybody who has ever fallen for that behavior and prevent that from ever happening again.

Oh, I think we misunderstood.  Scammers will do anything to try to get your info and do anything to get information about you.  I don't see that happening since anybody can start a website any time they want to.

I currently maintain a website for an organization.  I set up the site for them and maintain it.  They, we, can do whatever we want on the site.  Of course we don't have people's info unless they fill out the contact form and give it to us.  But my point is if you pay for the space you can do anything on a site and it is up to each person to use their head and not hand over personal info.

It is like the surveys we do.  I am careful about what info I give in a survey.  You really have no idea who is behind it and FC nor any of these other sites care who is behind it.  As long as they get paid.

[Cbsteffen]

No, no, no! I’m trying to say that people do what I just mentioned to trick others, and some people have a tendency to fall for those actions. I just want the Internet to protect anybody who has ever fallen for that behavior and prevent that from ever happening again.

Oh, I think we misunderstood.  Scammers will do anything to try to get your info and do anything to get information about you.  I don't see that happening since anybody can start a website any time they want to.

I currently maintain a website for an organization.  I set up the site for them and maintain it.  They, we, can do whatever we want on the site.  Of course we don't have people's info unless they fill out the contact form and give it to us.  But my point is if you pay for the space you can do anything on a site and it is up to each person to use their head and not hand over personal info.

It is like the surveys we do.  I am careful about what info I give in a survey.  You really have no idea who is behind it and FC nor any of these other sites care who is behind it.  As long as they get paid.

That basically sounds fair.

[countrygirl12]

No, no, no! I’m trying to say that people do what I just mentioned to trick others, and some people have a tendency to fall for those actions. I just want the Internet to protect anybody who has ever fallen for that behavior and prevent that from ever happening again.

Oh, I think we misunderstood.  Scammers will do anything to try to get your info and do anything to get information about you.  I don't see that happening since anybody can start a website any time they want to.

I currently maintain a website for an organization.  I set up the site for them and maintain it.  They, we, can do whatever we want on the site.  Of course we don't have people's info unless they fill out the contact form and give it to us.  But my point is if you pay for the space you can do anything on a site and it is up to each person to use their head and not hand over personal info.

It is like the surveys we do.  I am careful about what info I give in a survey.  You really have no idea who is behind it and FC nor any of these other sites care who is behind it.  As long as they get paid.

That basically sounds fair.

You have to be careful.  I received an email from someone I had an account with that said we understand you want to close your account.  blah blah blah  If you change your mind or did not ask to do this then click this link to re-instate your account.  Stupid me clicks the link.  I immediately receive another email saying to confirm you want to re-instate your account please respond to this email with your password. 

I went back and done what I have suggested to others to do and hovered over the FROM in the original email and realized the email did not come from who it said it did.  This shows WHO actually is sending the email not who they are masked as.  So I immediately go in and change the password to my account.  Block the email that came from.  Clear all cookies and run a scan on my computer.  And forwarded the email to the company the account is with.

I was scared and could not believe I fell for that.

I thought you meant in order for me to log in to any of my accounts that I would need to verify it is me with a picture of myself.  I am not interested in that.  Besides that there could be a time when you need a family member to log in to your accounts.  What if you are sick and in the hospital or something like that.  One of my credit cards to log in to my account I always have to verify it is me even though I have the user name and password with a code that is sent to my phone.  I find this annoying and unnecessary.  Just log me in.  If somebody else wants to pay my bill -- LET THEM.

[Cbsteffen]

No, no, no! I’m trying to say that people do what I just mentioned to trick others, and some people have a tendency to fall for those actions. I just want the Internet to protect anybody who has ever fallen for that behavior and prevent that from ever happening again.

Oh, I think we misunderstood.  Scammers will do anything to try to get your info and do anything to get information about you.  I don't see that happening since anybody can start a website any time they want to.

I currently maintain a website for an organization.  I set up the site for them and maintain it.  They, we, can do whatever we want on the site.  Of course we don't have people's info unless they fill out the contact form and give it to us.  But my point is if you pay for the space you can do anything on a site and it is up to each person to use their head and not hand over personal info.

It is like the surveys we do.  I am careful about what info I give in a survey.  You really have no idea who is behind it and FC nor any of these other sites care who is behind it.  As long as they get paid.

That basically sounds fair.

You have to be careful.  I received an email from someone I had an account with that said we understand you want to close your account.  blah blah blah  If you change your mind or did not ask to do this then click this link to re-instate your account.  Stupid me clicks the link.  I immediately receive another email saying to confirm you want to re-instate your account please respond to this email with your password. 

I went back and done what I have suggested to others to do and hovered over the FROM in the original email and realized the email did not come from who it said it did.  This shows WHO actually is sending the email not who they are masked as.  So I immediately go in and change the password to my account.  Block the email that came from.  Clear all cookies and run a scan on my computer.  And forwarded the email to the company the account is with.

I was scared and could not believe I fell for that.

I thought you meant in order for me to log in to any of my accounts that I would need to verify it is me with a picture of myself.  I am not interested in that.  Besides that there could be a time when you need a family member to log in to your accounts.  What if you are sick and in the hospital or something like that.  One of my credit cards to log in to my account I always have to verify it is me even though I have the user name and password with a code that is sent to my phone.  I find this annoying and unnecessary.  Just log me in.  If somebody else wants to pay my bill -- LET THEM.

Well, if anybody has to borrow something of yours, and you know that person, either he or she has to be able to verify consent, or you should have the right to let technology know that you are lending him or her that thing whenever applicable.