Current Events in August 2019

On the heels of a recent Wall Street Journal investigation which found that Amazon had more than 4,000 listings for items that had been declared unsafe by federal regulators, three U.S. senators are calling on Jeff Bezos to launch an internal investigation into the issue. 

“Unquestionably, Amazon is falling short of its commitment to keeping safe those consumers who use its massive platform,” wrote Sen. Richard Blumenthal (D-Conn.), Sen. Bob Menendez, (D-N.J.), and Sen. Ed Markey (D-Mass) in a letter to Amazon CEO Jeff Bezo.

“We call on you to immediately remove from the platform all the problematic products examined in the recent WSJ report; explain how you are going about this process; conduct a sweeping internal investigation of your enforcement and consumer safety policies; and institute changes that will continue to keep unsafe products off your platform.”

Senators want answers from Amazon

Last week, the Journal found that thousands of items listed on Amazon’s marketplace had either been “declared unsafe” or outright banned by federal agencies. About half of these items were toys or medications without proper risk warnings; at least 157 items were items Amazon had said it banned; and some items were even labeled as “Amazon’s choice.” 

Earlier this month, Menendez and Blumenthal sent a separate letter to Bezos asking for more information about the “Amazon’s Choice” program. Specifically, the senators wanted to find out if consumers are being duped into buying “products of inferior quality.” 

“We are concerned the badge is assigned in an arbitrary manner, or worse, based on fraudulent product reviews,” Menendez and Blumenthal said in the letter.

In their most recent letter, the two senators -- joined by Ed Markey -- asked Amazon to shed light on why its current safety protocols allowed numerous unsafe products to slip through the cracks and end up for sale on the site. Additionally, the senators want to know what Amazon plans to do to keep problematic listings from infiltrating the marketplace in the future.

Amazon says ‘safety is a top priority’

Following the WSJ report, Amazon quickly removed or changed the wording of more than half of the listings in question. 

“Safety is a top priority at Amazon,” an Amazon spokesperson said. “When a concern arises, we move quickly to protect customers and work directly with sellers, brands and government agencies.”

"Amazon offers customers hundreds of millions of items, and we have developed, and continuously refine and improve our tools that prevent suspicious, unsafe, or noncompliant products from being listed in our store," the company said in a blog post. 

In the post, the e-commerce giant didn’t mention anything about changing its existing safety policies to address the problem. The senators have given Bezos a deadline of September 29 to respond to their inquiries. 

Google has pulled an app called CamScanner from its Play store after finding that it had been injected with malware. 

The app, which creates PDFs, had been downloaded over 100 million times prior to being removed from the Google Play store. Researchers at security firm Kaspersky said in a blog post that the app had been "shipping with an advertising library containing a malicious module.” 

“Negative user reviews that have been left over the past month have indicated the presence of unwanted features,” the researchers said. 

CamScanner -- which is described by the security researchers as "a legitimate app with no malicious intentions” -- has blamed a third-party advertising company for injecting the Android app with malware in order to generate illegitimate clicks. 

The company said it plans to release an updated version of the app on the Google Play Store. The iOS version wasn’t affected. 

"Injection of any suspicious codes violates the CamScanner Security Policy," CamScanner said in a statement. "We will take immediate legal actions against Adhub! Fortunately, after rounds of security check, we have not found any evidence showing the module could cause any leak of document data."

Electric scooters, or e-scooters, have increased in popularity because they’re a fast and easy way for consumers to get around town at a reduced cost. But researchers have recently discovered how and why many riders are getting injured while using them. 

According to a new study, many riders are getting on e-scooters under the influence of drugs or alcohol, and typically without wearing helmets. That has ultimately led to a large number of accidents. 

“As the popularity of alternate modes of transportation continues to rise, eScooter related injuries are likely to increase as well,” the researchers wrote. 

Monitoring injuries

To understand the ins and outs of e-scooter-related injuries, the researchers analyzed patients who were admitted to major trauma centers due to these accidents over the course of one year. Just over one hundred people were injured in that time frame, the majority of whom were men between the ages of 20 and 40 years old. 

Most patients that entered the emergency room were tested for both drugs and alcohol, which turned out to be at the heart of many of these incidents. Over 50 percent tested positive for drugs, with over 30 percent having THC (a primary substance in marijuana) in their systems. Nearly 20 percent testing positive for methamphetamines. 

Alcohol was just as big a contributor to these accidents, as nearly half of all patients involved in the study had surpassed the legal alcohol limit at the time of their accidents. To make matters worse, safety precautions weren’t taken in nearly all of these incidents, as 98 percent of the patients were not wearing helmets at the time of their falls. 

While the small size of this study and its observational nature prevent the researchers from determining that drugs and alcohol lead to e-scooter accidents, these findings do highlight a trend occurring among riders and serve as a warning for anyone planning to hop on one of these vehicles during their next commute. 

Beware of head injuries

Earlier this year, researchers from Rutgers University found that head injuries related to electric scooters are increasing nationwide, primarily because helmets are hardly ever worn by riders. 

Laws surrounding helmet use are minimal for e-scooter riders, and researchers say that needs to change if injuries are going to decline.

“The United States should standardize electric scooter laws and license requirements should be considered to decrease the risky behaviors associated with motorized scooter use,” said researcher Amishav Bresler. 

Scammers who call their victims at random never know who they’re going to get on the other end of the line as they try to scare their victims into giving up money or personal information.

Sometimes it’s their misfortune to call a police officer. Recently, Police Captain Ann Stephens from Apex, North Carolina was in uniform and at her desk when a man claiming to be a police officer called her and threatened her with arrest for drug trafficking and money laundering.

Capt. Stephens decided the encounter provided a “teachable moment” and started recording the call, which was posted on Facebook and made available to various media outlets, including the syndicated TV show Inside Edition.

It’s an old scam

The scam is an old one and is designed to strike fear into the person receiving the call. The scammer takes a threatening tone and urges the victim to cooperate by either paying money or by revealing personal information.

In the case of Stephens, the scammer was after her personal information, which she was careful not to give even as she pretended to believe what the scammer was saying. As you’ll see in the video, she often had difficulty not bursting into laughter.

While the video is instructive, it may not be advisable for all consumers who get one of these calls to toy with someone who is clearly a criminal. A better course of action may be to simply hang up without saying a word and then call local law enforcement to report the incident.

Neither confirm nor deny

Anyone who chooses to engage with a scam caller should never confirm any information the scammer has or even reveal that it is wrong. Stephens’ video demonstrates, however, how you can safely deal with a scam call.

"These are scam calls," Stephens said. "Don't ever give out your information. Don't ever verify their information even if they have it."

If you have an elderly parent, especially one who lives alone, make sure they read this story and watch the video. It may save them from becoming a victim in the future.

The online service portals for hundreds of dental offices were hit with a ransomware attack earlier this week. The attack left many providers without a way to access patient data, x-rays, and schedules, CNN reports. 

PerCSoft and Digital Dental Record were targeted by the attack. The latter said the ransomware affected a “cloud management system” related to DDS Safe, a medical records retention and backup solution for dental offices.

"We worked feverishly with the software company to shut it down and remove the threat, but many of you were hit in the process prior to them removing it and locking down the system," Digital Dental Record said on Facebook.

ZDNet claims ransoms were requested by the attackers -- and paid by the companies -- to unlock the accounts. About 100 of the 400 systems affected by the attack have been restored since Monday, when the virus was first noticed. 

"Essentially the restorations are ongoing," Brenna Sadler, a spokeswoman for Digital Dental Record, told CNN. "It's a very difficult, lengthy, methodical process. So it's taking some time."

Officials noted that this was a virus attack not a data hack, meaning no client data was accessed or moved. Dental practices have simply been unable to access system data due to the infection. 

A published report claims the Federal Trade Commission (FTC) is investigating Juul, the manufacturer of a popular e-cigarette product, to determine whether it has aimed its marketing efforts at minors.

The Wall Street Journal reports the regulator’s wide-ranging investigation is also focused on the company’s past use of paid influencers to help promote the product.

The Journal quotes a company spokesman as saying Juul used paid influencers in a “small, short-lived pilot” program that ended last year. Juul says it paid influencers less than $10,000 to post positive reviews about the e-cigarettes.

Juul is also under investigation by the Food and Drug Administration (FDA). A year ago the FDA seized more than a thousand pages of documents from Juul during an unannounced inspection of the company’s headquarters in San Francisco.

Then-FDA Commissioner Scott Gottlieb called the growing use of e-cigarettes among teens an “epidemic” and said easy access to the products was only fueling the trend.

“E-cigs have become an almost ubiquitous ‒ and dangerous ‒ trend among teens," Gottlieb said last year. "The FDA won't tolerate a whole generation of young people becoming addicted to nicotine as a tradeoff for enabling adults to have unfettered access to these same products."

At the time, the FDA expressed concern that e-cigarette manufacturers, including Juul. were offering flavored products that appealed to teens. Since then, manufacturers have taken steps to discourage the use of their products by under-age consumers.

Smokers only

Juul has said that its products are for use by cigarette smokers to help them stop smoking. In an interview with CBS News Juul CEO Kevin Burns said people who don’t have a pre-existing  relationship with nicotine should not use his company’s products.

“Don't vape. Don't use Juul," Juul CEO Kevin Burns told the network. "Don't start using nicotine if you don't have a preexisting relationship with nicotine. Don't use the product. You're not our target consumer."

While Juul appears to be a favorite product of teens, the company says it never wanted to tap into that market. It recently introduced a bluetooth-enabled e-cigarette that requires consumers to submit a photo ID before the product can be used.

In spite of continued strong fuel demand, consumers hitting the road over the Labor Day weekend can expect to find the lowest gasoline prices in three years.

The AAA Fuel Gauge Survey shows the national average price of regular gas is $2.58 a gallon, two cents lower than last Friday. A year ago the price of gas averaged $2.83 a gallon. The average price of premium is $3.17 a gallon, two cents less than a week ago. The average price of diesel fuel is $2.93 a gallon, a penny less than last week.

Gasoline prices continue to benefit from lower oil prices, with concerns about a slowing global economy keeping crude prices low. The price of oil is around $57 a barrel, and though it’s up for the week, it’s expected to go lower in the weeks ahead.

With the U.S. economy still humming -- the latest reading on economic growth is 2 percent -- motorists haven’t cut back on their fuel purchases. The Energy Information Administration (EIA) reports gasoline demand last week nearly hit 10 million barrels a day, up sharply from the previous week. Supplies of gasoline fell by more than two million barrels.

“While demand chips away at supply, it’s not at a high enough rate to significantly impact gas prices,” AAA said in its latest market update. “In fact, the national average is cheaper week-over-week by three-cents.”

Most states saw small declines in the price of gasoline during the week. Arizona was an exception, as prices at the pump jumped by five cents a gallon within that state. 

The states with the most expensive regular gas

These states currently have the highest prices for regular gas, according to the AAA Fuel Gauge Survey:

• Hawaii ($3.66)

• California ($3.57)

• Washington ($3.20)

• Nevada ($3.12)

• Oregon ($3.04)

• Alaska ($3.01)

• Utah ($2.83)

• Idaho ($2.81)

• Arizona ($2.82)

• New York ($2.78)

The states with the cheapest regular gas

The survey found these states currently have the lowest prices for regular gas:

• Louisiana ($2.19)

• Mississippi ($2.20)

• South Carolina ($2.23)

• Alabama ($2.22)

• Arkansas ($2.26)

• Oklahoma ($2.29)

• Tennessee ($2.28)

• Texas ($2.30)

• Missouri ($2.39)

• Virginia ($2.32)

Mercedes-Benz USA (MBUSA) is recalling one model year 2019 S450.

The A, B, and C pillar covers may have been improperly installed, possibly affecting the deployment of the side curtain airbags and allowing the covers to detach in the event of a crash.

If a side curtain airbag does not deploy as intended, or the pillar covers detach during a crash, there is an increased risk of injury.

What to do

MBUSA will notify the owner, and a dealer will inspect the pillar covers, reinstalling them as necessary free of charge.

The recall is expected to begin October 8, 2019.

Owners may contact MBUSA customer service at (800) 367-6372.

New car shoppers who like to look for deals over the Labor Day weekend may have their work cut out for them. The deals may not be much better than they could have found last month.

Automotive publisher Edmunds reports that several trends are working against consumers this year. The average advertised discount on 2019 cars and trucks hit 6.4 percent in July, and buyers aren’t likely to do any better than that. And model-year closeouts don’t happen in September like they used to.

Edmunds analysts say manufacturers have pulled back on major advertising and incentives for the holiday weekend because they think it’s fine to have 2019s on the lot through the end of the year. They’ll hang onto those vehicles until it’s time to make last-minute end-of-the-year deals.

Labor Day isn’t what it used to be

In December 2014, just 24 percent of December sales were for 2014 models, while most of the rest were 2015s. Last December, 2018 models made up 44 percent of sales during the month.

"Automakers no longer have that 'everything must go' mentality that they used to when it comes to clearing out prior model year vehicles," said Ivan Drury, Edmunds' senior manager of insights. "Labor Day weekend historically served as a key moment in time for automakers to pile on the deals to clear out as much old inventory as possible and make room for the new, but we've seen a major shift over the last few years.”

A contributing reason for that is the recent spike in auto loan rates. That makes it more expensive for automakers to offer financing incentives.

“They’re simply not in the same rush," Drury said.

But shoppers may still find a deal

That doesn’t mean car shoppers should stay home this weekend. In fact, local deals might offer some very attractive deals if they happen to be overstocked in certain vehicles. But shoppers will need to do more careful research to find these deals.

"The fact is inventories are high and automakers are motivated to move these cars,” Drury said. “Shoppers just need to be a bit more strategic in their approach.”

Here are some tips for finding a deal this weekend:

• Check local dealer websites. You may find deals here that aren’t on TV or in the paper.

• When you're on a dealer’s website, be sure to check the inventory. If you see a lot of the same model car or truck, chances are the dealer will be more eager to make a sale.

• At the dealership, check to see how long a car has been on the lot. You may be able to do that by seeing when it was inspected. Another way is to check the sticker on the inside of the vehicle's door jamb. If a dealership has had a vehicle for more than two months, it’s more likely to make a deal.

Tesla is branching out into car insurance, insuring the cars that it produces and sells. 

The company says it will be able to offer “competitively priced” insurance because it knows its cars better than anyone else. It says Tesla owners will be able to insure their vehicles at 20 percent less cost of other insurance companies, and in some cases as much as 30 percent less.

The insurance coverage is being limited to California to start, but Tesla says it expects to expand to other states in the near future.

“Because Tesla knows its vehicles best, Tesla Insurance is able to leverage the advanced technology, safety, and serviceability of our cars to provide insurance at a lower cost,” the company said in its announcement. “This pricing reflects the benefits of Tesla's active safety and advanced driver assistance features that come standard on all new Tesla vehicles.”

Access to data

Tesla CEO Elon Musk first broached the subject of a Tesla insurance product earlier this year. He said that because Tesla has access to so much data on each car it sells, it can reduce the risk and sell insurance coverage for less.

The company may find quite a few takers for its product, especially if it can show that its rates will be much lower than traditional insurance companies. Tesla is one of the more expensive cars to insure, according to the Insurance Institute for Highway Safety (IIHS).

There’s no data to show that Tesla cars are involved in expensive accidents any more than any other brand, but they do seem to be involved in more claims than other cars.

Automotive News reported in 2017 that AAA Insurance was raising its rates for Tesla Models S and X, based on data showing the electric luxury cars have abnormally high claim frequencies. 

Because of the sophisticated electronics in the cars, Tesla has access to more data than the typical insurance company, which could put it in a better position to measure risk.

In a move intended to cut down on plastic waste, Marriott International has announced that it will no longer be stocking its rooms with travel-sized toiletries. 

The hotel chain said on Wednesday that tiny bottles of shampoo, conditioner, and bath gel will be replaced with larger, pump-topped bottles or wall-mounted dispensers. 

Marriott said it tested the swap in some of its North American locations last year. Now, the company says most of its 7,000 locations across the globe will see the change implemented by December 2020. 

With wider implementation, the chain expects to reduce its plastic disposal by 30 percent. Almost two million pounds of plastic will be diverted from landfills as a result of the change, according to Marriott.

"Our guests are looking to us to make changes that will create a meaningful difference for the environment while not sacrificing the quality service and experience they expect from our hotels," Marriott CEO Arne Sorenson said in a statement.

Others in the industry have also announced efforts to minimize their impact on the environment. Last month, IHG (which owns Holiday Inn) said it planned to eliminate tiny tubes of toiletries and replace them with larger-sized bottles. The Walt Disney Co. has also said it’s in the process of eliminating individual toiletries from its hotel rooms.  

Juul Labs, which has been accused of fueling the teen vaping epidemic through its marketing campaign, has announced a new POS age-verification system that it hopes will reduce youth use of its products. 

“Today, we are implementing a series of new measures to combat the serious problem of youth access, appeal, and use of vapor products,” Juul said in a statement.

Juul says it’s partnering with retailers to implement the Retail Access Control Standards program (or RACS) -- “the strictest age-verification system ever required for age-restricted products,” said CEO Kevin Burns.

Under the new set of guidelines: 

• ID scanning to verify age is required

• Bulk purchasing is blocked to prevent social sourcing 

• Clerks can’t override the system manually 

Retailers who sell Juul must implement the new system by May 2021. More than 50 chains (totaling about 40,000 stores) have pledged to make the switch so far, and more than half of those outlets say they will comply with the system before the end of this year. 

Taking steps to curb youth use

Juul’s new plan to prevent youth use of its products comes about a month after CEO Kevin Burns apologized to parents whose children are addicted to the company’s e-cigarettes. 

“First of all, I’d tell them that I’m sorry that their child’s using the product,” Burns said in a documentary called “Vaporized: America’s E-cigarette Addiction.” 

“It’s not intended for them. I hope there was nothing that we did that made it appealing to them. As a parent of a 16-year-old, I’m sorry for them, and I have empathy for them, in terms of what the challenges they’re going through,” Burns said. 

In the RACS release, Juul said it’s aware that youth vaping in the U.S. has become a “serious and urgent problem” over the past few years. “At JUUL Labs, we have no higher priority than combating youth use,” the company said. 

If you see a suspicious email that appears to be the Internal Revenue Service (IRS) over the next few weeks, leave it alone.

At a recent Security Summit, the IRS sent out another warning to both taxpayers and tax professionals about a new imposter scam unfolding across the U.S. That warning is nothing new --  the IRS does not send unsolicited emails and never emails taxpayers about the status of refunds. The warnings are nothing new; ConsumerAffairs sees similar IRS scams several times a year.

What to be on the lookout for

The subject line varies from email to email, but most are a variation of "Automatic Income Tax Reminder" or "Electronic Tax Return Reminder."

Inside the email are links that show a website link that “looks” like it could be IRS.gov. It usually contains verbiage that includes "temporary password" or "one-time password" to "access" files to submit a refund. But when a taxpayer clicks on one of those links, guess what? Say hello to a malicious file!

"The IRS does not send emails about your tax refund or sensitive financial information," said IRS Commissioner Chuck Rettig. "This latest scheme is yet another reminder that tax scams are a year-round business for thieves. We urge you to be on-guard at all times."

Once the posers get their malware inside a user’s computer, all bets are off. The cyber-phishers can take control of a person’s computer and clandestinely install software that tracks every keystroke, which then opens up a Pandora’s box of passwords to personally classified accounts, such as bank and investment accounts. 

Despite the agency’s perception of being the bogeyman, the IRS is doing everything it can to work with state tax agencies and the tax industry to fight the curse of stolen identity refund fraud. 

But consumers tend to get fretful when they see something that looks like communication from the IRS and, because of that, they often take the bait. The basic rule-of-thumb is this: the IRS doesn't initiate contact via email, text messages, or social media. Simple as that.

“The IRS also doesn't call to demand immediate payment using a specific payment method such as a prepaid debit card, gift card or wire transfer,” the agency stated. “Generally, the IRS will first mail (via the post office) a bill to any taxpayer who owes taxes.”

Intermittent fasting has become popular among consumers as a way to maintain a healthy weight. Now, experts say a variation of the dieting plan could provide lasting health benefits. 

According to a new study, alternate-day fasting (ADF), which requires alternating between 12 hours of unlimited eating and 36 hours of no eating, has been found to be a safe way of dieting that can provide a number of health benefits.

“Strict ADF is one of the most extreme diet interventions, and it has not been sufficiently investigated with randomized controlled trials,” said researcher Frank Madeo. 

How ADF works

There were two trials involved in the researchers’ study: one in which 30 people who had been following ADF for six months were monitored to understand the long-term effects, and another involving 60 participants, half of whom followed ADF while the other half were given freedom over their diets. 

The participants followed ADF for four weeks, during which they recorded their fasting days in journals and had their glucose levels tested to ensure that they followed the restrictions properly. 

At the end of the four weeks, the researchers learned that ADF was successful in helping participants shed body fat while providing several other health benefits, including lower cholesterol levels and less belly fat. 

“We found that on average, during the 12 hours when they could eat normally, the participants in the ADF group compensated for some of the calories lost from the fasting, but not all,” said researcher Harald Sourij. “Overall, they reached a mean calorie restriction of about 35 percent and lost an average of 3.5 kg [7.7 lb] during four weeks of ADF.” 

The researchers also found that ADF was safe over the long-term, as those who had been following the diet for six months were found to be perfectly healthy, despite previous studies that found ADF could lead to health complications. 

Though this study yielded positive results, the researchers wouldn’t advocate for consumers to follow ADF for life. The team reminds consumers to always consult with medical professionals before undergoing a serious change to diet. 

“We feel that it is a good regime for some months for obese people to cut weight, or it might even be a useful clinical intervention in diseases driven by inflammation,” said Madeo. “However, further research is needed before it can be applied in daily practice.”

Imperva, one of the biggest firewall services providers in the industry, informed its customers on Tuesday that it suffered a data breach. 

The cybersecurity firm said it learned on August 20 that a third party improperly accessed the email addresses, hashed passwords, API keys, and SSL certificates of a “subset of customers” who had accounts through September 15, 2017.

“We want to be very clear that this data exposure is limited to our Cloud WAF (Web Application Firewall) product,” wrote Heli Erickson, director of analyst relations at Imperva. 

“While the situation remains under investigation, what we know today is that elements of our Incapsula customer database from 2017, including email addresses and hashed and salted passwords, and, for a subset of the Incapsula customers from 2017, API keys and customer-provided SSL certificates, were exposed.”

Potential data exposure

The breach could impact the security of customer data in several ways, according to Rich Mogull, founder and vice president of product at cloud security firm DisruptOps. 

“Attackers could whitelist themselves and begin attacking the site without the WAF’s protection,” Mogull told KrebsOnSecurity. “They could modify any of the security Incapsula security settings, and if they got [the target’s SSL] certificate, that can potentially expose traffic.” 

Acknowledging the irony in a security breach affecting a security service provider, Mogull added that “this is the kind of mistake that’s up there with their worst nightmare.”

Imperva said it has forced a reset of all passwords that haven’t been used for 90 days and is in the process of contacting impacted customers. The firm has urged all of its customers to update their passwords as a precaution. 

“We profoundly regret that this incident occurred and will continue to share updates going forward,” Imperva said in a statement. “In addition, we will share learnings and new best practices that may come from our investigation and enhanced security measures with the broader industry. Imperva will not let up on our efforts to provide the very best tools and services to keep our customers and their customers safe.”