Halloween is now just three days away. The prepared have already purchased the best costumes and the candy favorites coveted by trick or treaters. Americans have spent a lot of money getting ready — more than $9.1 billion in candy, costumes and Halloween decorations. According to recent reports, if you were to boycott Halloween for your entire life — keeping the porch light off and pretending not to be home when the kids come trick or treating and not spend the $168 annually most people put into it — by the age of 65, you would have added $12,000 to your savings account.
Halloween, of course, is the holiday dedicated to the fun side of fear: all the things that go bump in the night that aren’t real. But we couldn’t help but be inspired to examine some of the things bumping and thumping around in the dark of night in payments that are, in fact, real — and not fun at all.
No, we’re not talking about the persona associated with death. We’re talking about a botnet with a particularly menacing (yet appropriate for Halloween) name.
Around this time last year, large portions of the popular web went down at the hands of “Mirai,” a botnet that infected scores of routers and other wireless devices in order to launch a massive DDoS attack on a major internet infrastructure provider. The New York Times, Twitter and Netflix — to name but a few — were unreachable via their web addresses for several hours.
The “Reaper” botnet is Mirai on steroids.
At risk are a host of popular webcams and routers — and by popular we mean household names like Linksys, Netgear, and D-Link. Netgear, Linksys and D-Link have confirmed they are aware of the problem, recommending that consumers visit their support websites to make sure their software is up to date and protected against the latest threats.”
What makes Reaper stand out is that, unlike Mirai, it doesn’t just go after devices with weak or basically non-existent password protection. No, this botnet has automated basic hacking techniques that can spread it further. It has been compared by experts to the difference between entering unlocked doors and actively picking locks.
Researchers think the botnet is still in its early days of building its army of infected devices, and at this point it’s not even clear what the botnet is designed to do. Plus, although it has been detected, there is a chance it will never actually “do” anything. Reaper botnet would not be the first of its kind to fizzle before a cyberattack ever occurs.
While its gathering force is nonetheless a cause for concern, once it gets used for a specific purpose, it can be shut down.
“Having a big fat internet hate cannon is neat, and it’s hard to stop for a time, but it’s a bit of a one-trick pony, so people will just cut them off the internet eventually,” an independent security analyst told NBC News. “The way these exploits appear to work, a firmware upgrade should, in theory, fix the problem.”
“Should, in theory”?
Comforting words ... we hope that this is one of those times that theory actually plays out in fact.
The FOMOs Come for the Apple Fans
There are few fears worse than the fear of missing out — the concern that just around the bend, everyone else is doing something slightly cooler than you.
And, as of about 3:10a.m. EST this morning, the FOMOs came hard for the Apple fanboy and fangirl community as Apple’s new iPhone X quickly sold out.
It was, admittedly, not an entirely unexpected result, since at least a dozen different tech blogs dedicated column space to explaining how Apple fans could make sure they beat the back order during online ordering.
For many, however, it was all for naught, as Twitter exploded with the hue and cry of the wounded. Delivery times for the iPhone X stretched in the U.S. and around the world from Nov. 3, to two to three weeks from now, to four to five weeks, to (as of the writing of this story) Dec. 28.
Although Apple has in the past had similar issues, it’s easy to surmise the company squeezed supply a bit at the beginning of the sales cycle to really heat up demand as the buying season wore on.
Unfortunately, reports have been emerging that Apple might not be able to deliver the full crop of promised iPhone Xs expected, due to supply chain issues. Given that the phone is already sold out until the post-Christmas window, those reports are looking increasingly reliable.
Which means that this year, Apple fans will have to face the prospect that they will not be able to send their loved ones animated poop emojis singing “Jingle Bells” to celebrate the holiday season.
What If I Have an Evil Twin …
...and they are just ruining my credit?
Well, bad news: The odds of that are pretty good, ever since the Equifax hack. According to the October 2017 Global Fraud Index, a PYMNTS and Signifyd collaboration, account takeover has spiked 45 percent in Q2 2017 alone — a $3.3 billion cost to merchants — and that was before the data breach.
The fraudsters are just warming up, however.
Even when one steps back from the account takeover niche, the overall picture isn’t heartening.
Fraud increased 5.5 percent year over year (Q2 2016 to Q2 2017), and rates for fraud on transactions above $500 jumped 11.47 percent, which is 22 times the rate of fraud on transactions under $100.
While there had been some early signs that EMV had been taking a bit of a bite out of the problem at the physical point of sale — fraud levels actually declined between Q4 2015 and Q1 2106 following the mass implementation of EMV at the physical point of sale — it looks like fraudsters are starting to find their new online groove.
Fraud has been rising steadily and sharply over the last three quarters. Out of the nine industry segments covered by the Fraud Index, some $57.8 billion was lost.
In fact, the stats are such that it is probably past the point where one should fear they have an evil twin. At this point, as an American adult, you can pretty much assume you do.
Which means a lot of Americans are going to have to start actually checking their credit report frequently.
But, not quite the spookiest thing yet.
What if AI Doesn’t Like Me? (It’s Everywhere)
The great artificial intelligence (AI) race is on — both on the front end when it comes to consumer interactions with voice-activated AIs and chatbots of all flavors and on the back end, as it seems seven out of every 10 innovators these days are telling a compelling story about harnessing the software that “learns” and/or “thinks” and develops ever-better strategies by constantly analyzing its past “decisions.”
AI, we are told, is the door to a better future: better digital security, better supply chains, better commerce experiences and better driving experiences. And more productivity. There is almost nothing — save perhaps for sliced bread — that AI is not going to make better.
So long as it doesn’t kill us all first.
While that probably sounds a bit like the paranoid rantings of your uncle who won’t use TouchID because he’s pretty sure that is how the government is keeping tabs on people, this particular concern is not too far off from being a paraphrase of the distinctly not-technophobic Elon Musk.
Yes, that Elon Musk. The PayPal, Tesla, SpaceX, SolarCity, Hyperloop Elon Musk.
“AI is a fundamental risk to the existence of human civilization,” he warned at a meeting of the nation’s governors earlier this year. “I have access to the very most cutting-edge AI, and I think people should be really concerned about it.”
He also noted Google is creating “a fleet of artificial intelligence-enhanced robots capable of destroying mankind.”
But, you know, no biggie.
Musk does not want to see an end to AI, however; he just believes that AI and biometric technology should be more regulated. Which, given the fact that Musk is a staunch libertarian, and under normal circumstances finds government involvement scarier than the notion of trying to single-handedly terraform Mars — that is a rather surprising recommendation.
“I’m against overregulation, for sure,” Musk emphasized. “But, man, I think we’ve got to get on that with AI, pronto.”
Or, you know, build colonies on other planets — just in case the AI becomes sentient and angry at humanity before regulators do something useful.
Nope, probably nothing to be scared about at all.