FBI - Oregon
Emergency Messages as of 12:58 pm, Mon. Nov. 30
No information currently posted.
Subscribe to receive FlashAlert messages from FBI - Oregon.
Primary email address for a new account:

  
And/or follow our FlashAlerts via Twitter

About FlashAlert on Twitter:

FlashAlert utilizes the free service Twitter to distribute emergency text messages. While you are welcome to register your cell phone text message address directly into the FlashAlert system, we recommend that you simply "follow" the FlashAlert account for FBI - Oregon by clicking on the link below and logging in to (or creating) your free Twitter account. Twitter sends messages out exceptionally fast thanks to arrangements they have made with the cell phone companies.

Click here to add FBI - Oregon to your Twitter account or create one.

@FBIPortland

Hide this Message


Manage my existing Subscription

News Releases
TT - photo sharing - GRAPHIC - November 24, 2020
TT - photo sharing - GRAPHIC - November 24, 2020
Oregon FBI Tech Tuesday: Building a Digital Defense When Using Photo Sharing Sites (Photo) - 11/24/20

Welcome to the Oregon FBI’s Tech Tuesday segment. This week: building a digital defense when sharing photos online… a topic of particular interest as many of us host virtual Thanksgiving dinners in a few days.

Last week we talked about EXIF data that can be embedded in your photos. EXIF data can tell you (and others) exactly where you took the photo, with what kind of camera, what kinds of settings you used, and more. This week, we will talk about some other privacy concerns you should consider when posting your pics.

There are many photo sharing sites out there, including some big ones you have likely heard of such as Google Photos, Apple’s “Photos” app, and Flickr. Beyond those options, many of us also use social networking sites such as Facebook and Twitter to post and share pictures. No matter which app or platform you are using, they all have an array of different security settings and sharing options.

Some features on these sites are purposeful and even helpful. Face recognition, for instance, helps the system sort your photos, making them easier to find. However, depending on which product you are using, some features might provide more access than you are comfortable giving. It’s up to you to decide what limits you want to set. Here are some options:

  • Limit visibility of the photos to only your account.
  • Set your account to private or “friends only.” Remember that even if you restrict your data from public view, the service may still have access to your data and may share it with third parties.
  • Avoid posting or tagging images that clearly show your face. Consider only posting pictures from a distance, at an angle, or with you wearing sunglasses or other coverings.
  • Finally, remember that no matter how good you are at setting privacy restrictions on your own account, you need to make sure family members and friends who post pictures of you are taking similar precautions.

As you sit down to Thanksgiving dinner this week, remember to stay safe, both in person and online.

If you have been victimized by a cyber fraud, be sure to file a report at the FBI’s Internet Crime Complaint Center at www.ic3.gov or call your FBI local office.  

###

TT - EXIF - GRAPHIC - November 17, 2020
TT - EXIF - GRAPHIC - November 17, 2020
Oregon FBI Tech Tuesday: Building a Digital Defense Against Dangers of EXIF Data (Photo) - 11/17/20

Welcome to the Oregon FBI’s Tech Tuesday segment. This week: building a digital defense against the dangers of EXIF data. 

What is EXIF data? EXIF stands for Exchangeable Image File Format. It is basically the metadata attached to every digital photo you take. It will include information such as the camera model and settings you used, the date and time you took the picture, and even details about exactly where you took the picture. Photographers can use this data to help organize their photos, perform searches, or re-create the exact manner in which a picture was taken. 

If you care about your privacy, though, EXIF data can be a problem. Imagine sending a photo to someone you just met online or to someone who is trying to buy something from you through an online marketplace. Beyond that, some social networks and photo-sharing sites have features that share EXIF data alongside images. Others, including Facebook, do not share EXIF data but may utilize the information internally.  

Do you really want to post or share a photo that a bad actor can use to target exactly where you live or work? Where your kids go to school? Generally, no.  

Here are some simple rules to follow regarding EXIF data and your photos: 

  • Turn off your phone or camera’s geo-location feature before ever taking the picture. Note: devices in airplane mode can still capture geo-location information.  

  • Remove EXIF data before sharing images with people or posting them online, especially when images are captured in private homes or businesses. There are free apps that you can use to do this. 

  • Use an EXIF viewer to verify that you were successful stripping the personal data from the photos before sharing. 

  • Before uploading images, use available privacy settings to limit the audience to only your close friends and family. 

  • Minimize the use of apps that automatically upload and share captured images. 

  • Even without EXIF data, the image may contain identifying information, such as associated persons or location histories. Screen content with the assumption that anyone can see, copy, or forward photos that you post online. 

When uploading or sharing photos, remember that EXIF data and image quality have no correlation. Lower quality images still contain EXIF data. 

If you have been victimized by a cyber fraud, be sure to file a report at the FBI’s Internet Crime Complaint Center at www.ic3.gov or call your FBI local office.

### 

TT -WiFi Dangers - GRAPHIC - November 10, 2020
TT -WiFi Dangers - GRAPHIC - November 10, 2020
Oregon FBI Tech Tuesday: Building a Digital Defense Against WiFi Dangers (Photo) - 11/10/20

Welcome to the Oregon FBI’s Tech Tuesday segment. This week: building a digital defense against fraudulent WiFi’s. 

Last week we talked about the dangers of “juice jacking” – charging your phone using public USB charging stations that may be infected with malware. This week, we are going to talk about how to keep your phone free from the dangers of WiFi imposters. 

Whether you are on a trip and want to save some of your data allotment by connecting to a free WiFi, or you are at your favorite coffee shop and your phone connects automatically, there are serious security concerns about that free internet service you are using. Hackers can easily gain access to your device and steal sensitive information from your phone or from connected online accounts. 

Here are some steps you can take to minimize the risk: 

  • Check the validity of available WiFi hotspots. If more than one hotspot appears for that establishment, check with the staff to avoid connecting to an imposter hotspot. 

  • Make sure all websites you exchange information with have "https" at the beginning of the web address. If so, your transmitted data will likely be encrypted. 

  • Install an app add-on that forces your web browsers to use encryption when connecting to websites. 

  • Adjust your smartphone or computer’s settings so it does not automatically connect to nearby WiFi networks.  

  • If you use public WiFi hotspots on a regular basis, consider using a virtual private network, which will encrypt all transmissions between your device and the internet.  

  • When transmitting sensitive information, using your cellphone data plan instead of WiFi may be more secure. 

If you have been victimized by a cyber fraud, be sure to file a report at the FBI’s Internet Crime Complaint Center at www.ic3.gov or call your FBI local office.

### 

TT - Juice Jacking - GRAPHIC - November 3, 2020
TT - Juice Jacking - GRAPHIC - November 3, 2020
Oregon FBI Tech Tuesday: Building a Digital Defense Against Juice Jacking (Photo) - 11/03/20

Welcome to the Oregon FBI’s Tech Tuesday segment.  This week: building a digital defense against juice jacking. 

It sounds like a health food kick – but it can be dangerous for you and your electronics. 

Even with the pandemic, some people must travel for work or personal reasons. After a long day on the road, you finally make it to your hotel and realize your cell phone is almost dead. You are happy to see that your home-away-from-home has modern conveniences like a USB charger in the nightstand or lamp. Ah, if it were only that safe and easy.  

Our friends at the FCC warn that you should avoid using public USB power charging stations in airports, hotels, and other locations because they may contain dangerous malware. USB connections were designed to work as both data and power transfer mediums, with no strict barrier between the two. As smartphones became more popular in the past decade, bad actors figured out they could abuse USB connections to hide and deliver secret data payloads that a user might think was only transferring electrical power. This is called “juice jacking.” 

There is also "video jacking", where a bad actor could record and mirror the screen of a device that was plugged in for a charge.  

Another potential problem: that free USB cable you got as a promotional item can also be risky. Microcontrollers and electronic parts have become so small these days that criminals can hide mini-computers and malware inside a USB cable itself.  

Here’s how to protect yourself: 

  • Avoid using a USB charging station. Use an AC power outlet instead. 

  • Bring AC, car chargers, and your own USB cables with you when travelling. 

  • Carry a portable charger or external battery, and only use your own, personal cables purchased from a trusted supplier. 

  • Consider carrying a charging-only cable, which prevents data from sending or receiving while charging. 

If you have been victimized by a cyber fraud, be sure to file a report at the FBI’s Internet Crime Complaint Center at www.ic3.gov or call your FBI local office.

###