Strangers pull you into the group, also send a red envelope?Be careful!Someone was cheated tens of thousands of yuan …
Source: CCTV Finance
Smartphone era, online social tentacles can be. \”La Group\” gradually became a lot of people’s network communication, usually, \”La Group\” is carried out between people known, but recently, Hunan, Shandong, Beijing and other places have successively \”La Group\” The situation of welfare, some users really grab the welfare in the group of strangers, but behind the \”welfare\” behind the trap.
The stranger \”La Group\” is behind the \”welfare\” is trap
In November this year, the Toyota police station in Xinning County, Hunan Province received alarm, and the reporter Xiao He is called a name. When a nail app, a stranger pulled into a \”welfare group\” and was deceived.
The victim is Xiao: I inexplicably in a staple group, did not receive any information he added to my friend or he invited me to enter the group. There is a person in that group in the red envelope, I have a look at it is true a red envelope.
Although it entered the group that did not know, the red envelope that can be grabbed is real, Xiao He asked in the group, what is the group, soon someone will reply.
The victim is: another person in the group said that you can do a brush order, he gives us a website, go to download a \”letter\” app, go to the mission, one day You can earn 100-300 yuan.
Xiao He downloaded the app in the nail group, after registration, soon someone found it up through the network, tell Xiao He, can use the recharge to enhance your level, The higher the level of the level, the higher the commission. So, what is 43,776 yuan, but did not expect the fourth recharge, and she found that this brush APP recommended in the staples has not been used normally.
Ms. Li, Shandong, also encountered the scam of Xiao He \”with the same paragraph\” in Hunan in November. The stranger pulled Ms. Li into the staple, then sent a red envelope, Ms. Li took a grabbed 3.99 yuan. Then, the red envelope of the red envelope will also have a lot of benefits, let everyone go back. Later, Ms. Li was also booted to download a so-called brush single app, which was recharged.
Ms. Li: I started to make a task according to his instructions. I have increased the balance of the account, I remember it is more than 1,000 yuan, but I can’t cash. I have a total of four times to the other part. Later, he said that the minimum task quota is more than 28,000 yuan, I started to feel unsatisfactory.
On the side, Ms. Li is really recharged. On the other side, it is unable to cash out of the empty account. After the recharge of 38,000 yuan, Ms. Li has suddenly realized the alarm. At present, the case is under further investigation.
Unauthorized social APP safe risk
can be used with network brushingThe psychology of lying, is not a new routine, but in recent cases, it reflects that criminals use social app to actively \”La Group\”, and victims are forced to be deceived. Liar Take the initiative to find the door, can be pulled into the group without the victim, such a social app, what kind of settings have been discounted, is it blocked by the criminals?
Reporter Search staples official website Afterwards, the description of the software is \”500 million users, 19 million organizations\” are all used by the smart mobile office platform. The reporter downloads the nail app and registered with the mobile phone number. In the \”staple\” app interface, the reporter saw \”\” The launch group chat \”function, the platform provides ordinary users with\” mobile phone number add \”\” Sweep \”and\” Sweep \”and\” Mobile Contact \”channels; in addition to this, the platform provides users with Due to the \”New Organization\” method.
In the \”Address Book\” menu below the staple app main interface, the reporter discovered the \”Create Enterprise / Organization / Team\” option, the reporter Randomly entered information, create a \”business organization\”, then \”Add Member\” option, the reporter is randomly entered on the two mobile phone numbers according to the platform recommended by the platform, and use the letter VV and CC to name the member, the page will The prompt group was created. And when the reporter clicked into the group, found that the two members just added were already in this group, and they did not need to solicit their consent.
No user confirmation, staple APP It provides a stranger to build a group, the function of the group, and what is the purpose of setting up? Is there any security vulnerability? The reporter tried to communicate with the nail app official, but the reporter dials its privacy announcement 2019 After the artificial customer service phone number, the prompt number was suspended.
The reporter also contacted the online customer service of the staple app in accordance with its privacy announcement, and contained the online customer service of the staple app over the network. The customer service reply, The staple app can be added to the mobile phone number, the purpose is to facilitate the addition between enterprises and employees. If the user does not accept this operation, you can choose to open the \”Team to add me to verify\” in user settings. [123
, in the further query of the reporter, the staple app allows the user to choose to open the \”team to add the functionality\” function, but the feature is closed by default. In this regard, the reporter nail Nail prisoners indicated that there was a security hazard in this setting. The other party did not give positive reply.
Expert Interpretation: Cannot sacrifice network security protection
reporter in the Apple system and Android system Download the staple app, find the \”Team Added I need to verify\” setting function to \”default shutdown\” under different operating systems, that is, once the user doesn’t know before using the staple app, open this featureIt is possible to encounter the situation of \”La Group\” by strangers. There are legal scholars that the network social platform should be the bottom line as the user information security, and it cannot sacrifice network security protection for the so-called \”convenient\”.
The reporter found when the network retrieval that some staples have been sent online, indicating that they have experienced the \”La Group\” by strangers. Xiao Chen, Sichuan Chengdu, was shortly pulled into a staple group, and she had alert after seeing someone released a single advertisement, and remind everyone in the staple group, you can mess up. It was kicked out.
Subsequently, she reflected by the online customer service to the staple app. When she asked the customer to be \”La Group\”, the other party sent a screenshot, saying that Xiao Chen can be in setting up. Open the \”Team to add my time you need to verify\”, so that the \”La Group\” is rejected. And when Xiao Chen is pleased, why didn’t this function not prompt in the app, and the default is closed? Nail APP Customer Required: \”Everyone has opened the function of this Lama needs to verify, which will seriously increase communication cost, so it is not directly opened by default.\”
In the privacy policy in the nail, the reporter also inquired such a description – \”For enterprise organization users use staples as online mobile office, communication and cooperative tools, have the right to be a representative enterprise organization Personal information handlers handle your personal information as an end user, including the commissioned nails to the administrator to open, manage, and use the staple service to implement online mobile office. \”
The default group manager can \”pull the group\” without the approval of the other party, if there is a problem with the \”Laun\” without the approval of the other party? There is legal scholar that this setting has a \”network security law\” and other laws and regulations.
In this year, the \”Civil Code\” is also clearly stipulated that any organization or individual may violate the privacy of others in spying, invading, leakage, disclosure; for reporters in \”staple\” APP personally experienced the mobile phone number of any stranger, and the \”La Group\” function can be \”La Group\” without the consent of the strange user, and there is legal scholar pointed out that the function setting of the app has been suspected, and it needs to be handled in time, avoiding more User interests are damaged.