February 24, 2017

Hunted Recap Episode 7: Poking the Bear

Did you watch this week’s episode of Hunted, “Poking the Bear?”  In this episode, the Fortalice Solutions team, along with the Command Center Investigators and Ground Hunters made another capture (David and Emiley) by capitalizing on the cyber footprint of the fugitives’ circle of trust. Now, only three of the nine teams are still on the run -- English and Stephen, Aarif and Immad and Lee and Hilmar.

If this episode had you wondering how to protect the security of your personal information, don’t worry -- we have the Fortalice Fix. At Fortalice, we help companies and individuals protect the data that matters most.  Here are some tips based on what you saw on episode 7.

Posting to Online Ads

When you post something online, you are  likely leaving digital breadcrumbs behind.  Did you see Lee and Hilmar post a Craigslist ad for a used bike. They also included Ground Hunter, Griff’s cell phone number in the ad.  That taunt gave the Command Center the cyber intelligence what we were looking for.  

When a person posts an ad online,  their login has an IP address and email address associated with it. By reverse engineering the ad and working through our processes, we received the digital breadcrumbs we needed to know where the fugitives were when they posted that ad.

Here are some privacy tips to keep in mind when posting ads online:

  1. Use an email address specifically for that ad purpose.

  2. Use a VPN and proxy server to protect the transaction and hide your traffic.

  3. Never use your REAL cell or home number online. Instead, consider signing up for a Google voice number that will hide your number but ring your phone.

The Spy In Your Pocket - Your Smart Phones

In some cases, retail stores will ping your smartphone when you are in the store, especially if you connect to their free WiFi. They may combine that data with facial recognition information they capture via surveillance cameras -- and on your future visits, they’ll present you with special targeted offers the moment you walk into the store. You may appreciate having that tailored offer, but you may wonder if there is anything you could do to maintain your privacy.

Check out some of these privacy tips:

  • Don’t connect to free WiFi unless you need to.

  • When signing up for social media accounts, create a Google voice number that’s tied to your cell phone number -- and don’t tie your cell phone to the account.

  • Go into your privacy settings and turn “location” off for apps that don’t truly need to track your location.

  • Only download apps that you need, and make sure the source of the mobile app is reputable. Only turn on location tracking services when absolutely necessary.

  • Monitor data usage to see if the mobile device sends out data, even while you’re sleeping. This could be a sign that an app is broadcasting your location and other information.

  • Stay up-to-date on the latest operating system updates so you have the latest features for privacy.

Did you see us put a trace on Emiley’s contacts?  We found many of their cellphone numbers through exhaustive online searches of websites and social media.  

The Computer On Wheels - Your Car

Your car’s GPS and telematics system are digitally tracking your habits and whereabouts for your benefit. The tracking gives you more accurate directions and sometimes traffic and accident warnings. If your car crashes, the likelihood of emergency teams knowing about it and where you are also increase to your benefit.  

However, the convenience and safety of onboard tracking systems comes at the price of your personal privacy. Law enforcement and other government agencies want to use the same technology to track you. A question often asked is, “Do they need to obtain a warrant for that data?” Yes and no. Court cases are confused, and this issue will probably be up for debate as the technology changes and morphs.

A ground setting case happened in 2011, when the U.S. Supreme Court ruled in U.S. v. Jones that, in light of the Fourth Amendment, which protects U.S. citizens from unlawful search and seizure, GPS tracking was to be considered an official search.

In 2013, the Department of Justice argued that GPS tracking without a warrant is permissible under the “automobile exception,” which allows law enforcement to search your vehicle without a warrant. This was in response to a case where brothers were suspected of taking part in several robberies and the FBI put a GPS on their car to track their whereabouts to gather evidence.

At this point, there is not much you can do about this information being gathered about you but you can ask your car dealer these questions:

  • What information does the telematics on my car record?

  • If I trade in the car, how is the car’s data wiped so my personal data and information is not mixed with the new owners’ data?

  • Do you harvest the data from my car’s telematics to use for marketing purposes or to sell to companies such as car insurance companies?

  • What  is my individual right to privacy based on the data stored in the car’s computer systems?

Your Online Privacy Health Check

Building a full profile of what your online image looks like to others will help you manage your online persona. Check the digital trail that you’ve created on the Internet: Social media profiles, online journals, dating sites, Photo collections, and video sites, location-based sites (like Yelp reviews) and music sites.

Do these sites allow you to limit access (friends or friends of friends only)? Have you signed up using a fake name or alternate email address? Have your friends and family posted information about you or tagged you in photos?

What presence have you left for others to see? Blog posts, commentary on sites, preferences (publicly displayed likes, dislikes and comments), political blogs -- is there other information exposed to everyone?

Is there information revealed by search engines? Try some specialized searches such as photos and video, and  run searches on people search sites such as Spokeo.

What information is available on third-party databases, in newspapers and other media? Have you checked government agencies such as courts for records? What other sites could hold and display information about you, for example history or genealogy sites?

It's troubling. Any time a new service like this is introduced you have to think beyond what’s described in the press release. It’s important to remember that you can provide a service that is valuable and useful and still be violating people’s privacy.” Parker Higgins, of the Electronic Frontier Foundation.

I am the Deputy Commander of Intel and my team is made up of the best of the best cyber and intel investigators. This episode highlighted some of the fabulous brains and skills of the Lenny, Andy, Ryan and the Ground Hunters as well as the great research and analysis work by Ben, Myke, Charles, Landon, Aki, Connie, Zaira, and Steven.

What are your thoughts on Hunted? We would love to hear from you! Follow Fortalice on Facebook, Twitter and Instagram, and use #Hunted to let us know your thoughts!

Watch past episodes of Hunted!