Wednesday, July 22, 2020
Not Swimming With the Cyber -Sharks
Just when I thought it was safe to step back into the GEDmatch waters...
Truth be told, I had been rather ambivalent about what has happened at GEDmatch over the past couple years. On one hand, I am in awe of the power of DNA to reveal information we couldn't attain in any other way. I love figuring out the identity of the missing people in my pedigree chart, of course, but because I have a husband with a lifelong career in law enforcement, it made sense to me to see how others have harnessed that power for the greater good of the community—and yet, I somehow hesitated to greet such an option as that at GEDmatch, personally, with open arms. There's something about a blank-check approach that makes me turn wary.
And so...I didn't go back to my GEDmatch accounts for a long time. But then, there was this Falvey question...
Since my husband's new-found New Zealand cousin uses GEDmatch a lot, I decided I'd be a good team player and log in again. I checked out a few details on the one small chromosome segment these Falvey matches seem to have in common, just last week. And then, decided to go back and double check what I saw, yesterday.
Only...yesterday, the website was not open for business. Something had gone terribly wrong.
I suppose by now, you have already heard the news of the security breach at GEDmatch, and the subsequent security threats being rebuffed at MyHeritage. If you haven't, and you use either of those two entities for your genealogical research, inform yourself now. Whatever you do, be aware that there may be false websites or emails, trying to pass themselves off as MyHeritage communications—only, sporting a "q" where the correct spelling with a "g" should appear.
It seems there has lately been an avalanche of intrusions upon us from all sorts of technology-related bad actors. Perhaps hackers are getting tired of quarantines as much as we are—or at least are banking on the rest of us becoming careless in our pandemic listlessness. Everything from telephone scams to intrusive texts to phishing attempts show us that there are a lot of people out there intent on separating a person from his or her money. Our top priority right now seems to be to not be made that fool in the process.
A number of genealogy bloggers have already tackled that approach with great detail, in case you seek examples of what to look for and how to respond. Debbie Kennett, who spotted the unusual activity at GEDmatch early on, provides an updated timeline of the unusual event, almost as it unfolded, as well as sharing a screen cap of GEDmatch's post to their Facebook group, acknowledging the issue and their response (which wording has also been issued via email to GEDmatch subscribers). Likewise, a timeline-tracking eyewitness report from Leah Larkin. Roberta Estes, who also provided a report of the GEDmatch issue, followed up with instructions on what to do, especially for those who may also be associated with MyHeritage or who are receiving fraudulent emails associated with this breach.
Bottom line in this avalanche of cyber-attacks? Learn how to be an impeccable proof-reader. Don't let those letter changes trick your eyes. Watch for those tiny tells. Don't click through on anything which seems suspicious. When in doubt, contact the purported issuing company by other means, not by replying directly to the current, slightly-off, means of contacting you. And share the news with others you know who are using these sites. Sharing the information may be only a small step to take, but we strengthen each other when we insure that everyone is forewarned.