said last week that it had opened an investigation into Clubhouse.

Clubhouse updated the app this month, addressing some of the privacy concerns. It did not immediately respond to a request for comment.

There are kinder ways than sharing your address book to find out whether your friends are using a new service — like asking them directly.

All security experts agreed on one rule of thumb: Trust no one.

When you receive an email from someone asking for your personal information, don’t click on any links and contact the sender to ask if the message is legitimate. Fraudsters can easily embed emails with malware and impersonate your bank, said Adam Kujawa, a director of the security firm Malwarebytes.

When in doubt, opt out of sharing data. Businesses and banks have experimented with fraud-detection technologies that listen to your voice to verify your identity. At some point, you may even interact with customer service representatives on video calls. The most sophisticated fraudsters could eventually use the media you post online to create a deepfake, or a computer-generated video or audio clip impersonating you, Mr. Balasubramaniyan said.

While this could sound alarmist because deepfakes are not an immediate concern, a healthy dose of skepticism will help us survive the future.

“Think about all the different ways in which you’re leaving biometric identity in your online world,” he said.

View Source

Netflix Tests a Clampdown on Password Sharing

Want to watch “The Queen’s Gambit” or “Lupin”? If you’ve been borrowing a Netflix password from a family member or friend, you may now have to pay up.

Netflix has started testing a feature that could prod users who are borrowing a password from someone outside their household to buy a subscription.

The company said the feature was being tested with a limited number of users. It may signal a broader clampdown on the common practice of sharing passwords among relatives and friends to avoid paying for the popular streaming service.

“The test is designed to help ensure that people using Netflix accounts are authorized to do so,” the company said in a statement.

began to notice the feature recently when they logged onto a shared Netflix account and saw a message on their screen that read, “If you don’t live with the owner of this account, you need your own account to keep watching.”

To continue watching, these users were asked to either verify that it was their account by entering a code that was sent to them by text or email, or join with their own account to Netflix. They also had the option to complete the verification process later.

A basic Netflix subscription, which allows customers to watch on one screen at a time, costs $8.99 a month. Customers who pay more can watch on additional screens simultaneously.

Netflix declined to discuss its new feature, previously reported by The Streamable, an industry news site, in detail. But industry analysts said it might be part of an effort to enforce Netflix’s frequently overlooked terms of use, which state that its service and content “are for your personal and noncommercial use only and may not be shared with individuals beyond your household.”

The test also appears to be more of a nudge to buy a subscription than an iron-fisted crackdown. For example, someone who was borrowing a password from a friend or family member could ask for the verification code that had been sent by Netflix.

said in January that it had added 8.5 million customers in the fourth quarter, for a total of 203.6 million paying subscribers by the end of 2020. The company has about 66 million customers in the United States and anticipated adding six million total subscribers in the first three months of this year.

Netflix had earlier hinted that it was looking at ways to stop password sharing. Gregory K. Peters, the company’s chief product officer, said during a call to review the company’s earnings in October 2019 that Netflix was “looking at the situation.”

“We’ll see, again, those consumer-friendly ways to push on the edges of that,” Mr. Peters said, adding that the company had “no big plans to announce at this point.”

Professor Smith said the company clearly loses a significant amount of revenue through people using the service but not paying for it.

two-factor authentication that is used by many social media and banking apps — makes it harder for attackers to break in.

“I’m not sure it’s a huge benefit,” Professor Cranor said, “but there is some benefit.”

View Source