Accountability, Advertising and Data collection

Online Businesses Often Steal And Exploit Customer Data Collected During Cancelled Transactions

Joseph Steinberg

JANUARY 18, 2024

As I have warned for decades, just as they are in the physical world, “too good to be true” prices found online are often scams; one should be especially careful when dealing with retailers who advertise such prices but who are also previously unknown to the buyer.

Data collection

Data collection Retail Scams Artificial Intelligence

Why You Should Opt Out of Sharing Data With Your Mobile Provider

Krebs on Security

MARCH 20, 2023

A new breach involving data from nine million AT&T customers is a fresh reminder that your mobile provider likely collects and shares a great deal of information about where you go and what you do with your mobile device — unless and until you affirmatively opt out of this data collection.

Mobile

Mobile Wireless Advertising Telecommunications

GUEST ESSAY: What everyone should know about the pros and cons of online fingerprinting

The Last Watchdog

MAY 21, 2020

The idea was that by fingerprinting devices used to connect to the internet we could achieve better accountability. Fingerprinting is considered a necessary practice to fight challenges such as fake accounts and the misuse of internet services. At the same time, the profile that advertisers can create reveals a lot.

Advertising

Advertising Internet Internet Accountability

Election season raises fears for nearly a third of people who worry their vote could be leaked

Malwarebytes

OCTOBER 15, 2024

Drilling further into the data, 56% said they were “extremely concerned” or “very concerned” about the security of their personal information during this election season. Escaping this data collection regime has proven difficult for most people. The reasons could be obvious. Watch out for fake emails and text messages.

Scams

Scams Identity Theft Cybercrime Accountability

Accused ‘Raccoon’ Malware Developer Fled Ukraine After Russian Invasion

Krebs on Security

OCTOBER 31, 2022

Justice Department , FBI agents have identified more than 50 million unique credentials and forms of identification (email addresses, bank accounts, cryptocurrency addresses, credit card numbers, etc.) A selfie pulled from Mark Sokolovsky’s iCloud account. Working with investigators in Italy and The Netherlands, U.S.

Malware

Malware Identity Theft Cybercrime Accountability

Facebook and Twitter warn of malicious SDK harvesting personal data from its accounts

Security Affairs

NOVEMBER 26, 2019

Some third-party apps quietly scraped personal information from people’s accounts from Twitter and Facebook, the social media companies claim. Facebook and Twitter revealed that some third-party apps quietly scraped personal information from people’s accounts without their consent. Pierluigi Paganini.

Accountability

Accountability Mobile Advertising Media

Inside the DemandScience by Pure Incubation Data Breach

Troy Hunt

NOVEMBER 13, 2024

Apparently, before a child reaches the age of 13, advertisers will have gathered more 72 million data points on them. I knew I'd seen a metric about this sometime recently, so I went looking for "7,000", which perfectly illustrates how unaware we are of the extent of data collection on all of us.

Data breaches

Data breaches Passwords B2B Technology

Behavioral Analytics in Cybersecurity: Does It Work as Advertised?

eSecurity Planet

OCTOBER 11, 2022

In the world of cybersecurity, the path of least resistance has consistently been shown to be the human element, specifically user accounts with enough access privileges or credentials for the cybercriminal to execute their plan. Compromised employee account login information was also the costliest infection vector for enterprises.

Advertising

Advertising Cybersecurity DDOS Data breaches

Judging Facebook's Privacy Shift

Schneier on Security

MARCH 13, 2019

Increased transparency over advertiser and app accesses to user data. Today, Facebook users can download and view much of the data the company has about them. The company could be more transparent about what data it shares with advertisers and others and how it allows advertisers to select users they show ads to.

Advertising

Advertising Surveillance Engineering Encryption

NationalPublicData.com Hack Exposes a Nation’s Data

Krebs on Security

AUGUST 15, 2024

On July 21, 2024, denizens of the cybercrime community Breachforums released more than 4 terabytes of data they claimed was stolen from nationalpublicdata.com, a Florida-based company that collects data on consumers and processes background checks. “I was not the first one to get it.”

Hacking

Hacking Data breaches Identity Theft Accountability

Confessions of an ID Theft Kingpin, Part I

Krebs on Security

AUGUST 26, 2020

Ngo’s businesses enabled an entire generation of cybercriminals to commit an estimated $1 billion worth of new account fraud , and to sully the credit histories of countless Americans in the process. info , a website that advertised the sale of individual consumer records. . ” Freshly released from the U.S.

Identity Theft

Identity Theft Computers and Electronics Hacking Accountability

MY TAKE: Even Google CEO Sundar Pichai agrees that it is imperative to embed ethics into AI

The Last Watchdog

JULY 27, 2020

These heads of state and captains of industry even coined a buzz phrase, “stakeholder capitalism,” to acknowledge the need to take into account the interests of the economically disadvantaged and politically powerless citizens of the world as they bull ahead with commercial and political uses of AI.“AI AI was prominent on their agenda.

Surveillance

Surveillance Government Accountability Artificial Intelligence

For 2nd Time in 3 Years, Mobile Spyware Maker mSpy Leaks Millions of Sensitive Records

Krebs on Security

SEPTEMBER 4, 2018

Less than a week ago, security researcher Nitish Shah directed KrebsOnSecurity to an open database on the Web that allowed anyone to query up-to-the-minute mSpy records for both customer transactions at mSpy’s site and for mobile phone data collected by mSpy’s software. The database required no authentication.

Spyware

Spyware Mobile Advertising Software

Russian cybercriminal Aleksandr Brovko sentenced to 8 years in jail

Security Affairs

NOVEMBER 3, 2020

The scripts developed by the cyber criminal were used to parse log data collected from botnet and searched for personally identifiable information (PII) and account credentials. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. ” reads the press release published by the DoJ.

Accountability

Accountability Banking Advertising Data collection

Twitter inadvertently collected and shared iOS location data

Security Affairs

MAY 15, 2019

A new story of a violation of the user’s privacy made the lines, Twitter revealed that due to a bug is collected and shared iOS location data with a third-party advertising company, Fortunately, only one partner of the micro-blogging firm was involved and the data collection and sharing occurred in certain circumstances.

Advertising

Advertising Accountability Data collection Mobile

Kaiser Permanente Discloses Data Breach Impacting 13.4 Million People

SecureWorld News

APRIL 29, 2024

Information collected by online trackers is often shared with an extensive network of marketers, advertisers, and data brokers. Once shared, advertisers have used this information to target ads at users for complimentary products (based on health data); this has happened multiple times in the past few years, including at GoodRx.

Data breaches

Data breaches Healthcare Identity Theft Advertising

TikTok's "secret operation" tracks you even if you don't use it

Malwarebytes

OCTOBER 4, 2022

Meta's near-omnipresence wherever you are online enabled it to gather data on users, even those who don't have Facebook accounts—thanks, in part, to the Facebook "Like" button, a piece of code embedded on most websites. Something similar happens to users who are either logged out of Facebook or don't have an account.

Data collection

Data collection Advertising Accountability Technology

Web tracking report: who monitored users’ online activities in 2023–2024 the most

SecureList

SEPTEMBER 24, 2024

This information allows businesses to personalize experiences, improve user engagement, target advertising more efficiently, and measure the performance of their online services. Google Display & Video 360 is a tool for managing advertising campaigns. This system had the largest share among the TOP 25 tracking systems in Asia.

Advertising

Advertising Technology Marketing Media

Trend Micro Apps removed from Mac App Store after being caught exfiltrating user data

Security Affairs

SEPTEMBER 11, 2018

The security researcher that handle the Twitter account Privacy First first reported the alleged unethical behavior and published a video that shows how the app harvest users ‘data. “The data collected was explicitly identified to the customer in the data collection policy and is highlighted to the user during the install.

Adware

Adware Data collection Advertising Antivirus

Russian Twitter bot activity increased in the wake Mueller report release

Security Affairs

APRIL 22, 2019

The experts also observed a significant increase in the number of unique bots and trolls (+48%) from the previous day, a circumstance that suggests the involvement of an army of dormant Twitter bot accounts previously created. Data collected by SafeGuard confirm the intensification of the presence of Russian bots on Twitter.

Advertising

Advertising Media Data collection Accountability

XKCD forum data breach impacted 562,000 subscribers

Security Affairs

SEPTEMBER 3, 2019

The data breach impacted 562,000 subscribers, the forum has been taken offline after the incident. We’ve been alerted that portions of the PHPBB user table from our forums showed up in a leaked data collection.” New breach: XKCD had 562k accounts breached last month. SecurityAffairs – XKCD, data breach).

Data breaches

Data breaches Passwords Advertising Data collection

Delaware Personal Data Privacy Act (DPDPA)

Centraleyes

NOVEMBER 9, 2024

The Delaware Personal Data Privacy Act (DPDPA) is a state law created to protect the privacy of Delaware residents by regulating the collection, use, storage, and sharing of personal data by businesses. Who Must Comply With Delaware’s Privacy Act? These disclosures need to be accessible and easy to understand.

Data privacy

Data privacy Data collection Risk Accountability

Promising Jobs at the U.S. Postal Service, ‘US Job Services’ Leaks Customer Data

Krebs on Security

MAY 2, 2023

By 2008, the USPS job exam preppers had shifted to advertising their schemes mostly online. Plott said his company never refuses to issue a money-back request from a customer, because doing so would result in costly chargebacks for NextLevel (and presumably for the many credit card merchant accounts apparently set up by Mr. Mirza).

Marketing

Marketing Advertising Scams Telecommunications

FTC finds social media and video streaming services engaged in vast surveillance of consumers

Malwarebytes

SEPTEMBER 20, 2024

The conclusions seemed to upset the FTC, but we weren’t even mildly surprised: “The amount of data collected by large tech companies is simply staggering. Many of the responding companies relied on selling advertising services to other businesses based largely on using the personal information of their users.

Surveillance

Surveillance Media Data collection Advertising

Google to pay $40m for "deceptive and unfair" location tracking practices

Malwarebytes

MAY 23, 2023

Practices highlighted included “hard to find” location settings, misleading descriptions of location settings, and “repeated nudging” to enable location settings alongside incomplete disclosures of Google’s location data collection.

Advertising

Advertising Accountability Data collection Engineering

Microsoft AI “Recall” feature records everything, secures far less

Malwarebytes

MAY 22, 2024

On Monday, the computing giant unveiled a new line of PCs that integrate Artificial Intelligence (AI) technology to promise faster speeds, enhanced productivity, and a powerful data collection and search tool that screenshots a device’s activity—including password entry—every few seconds.

Artificial Intelligence

Artificial Intelligence Passwords Accountability Media

US senators ask FTC to investigate car makers’ privacy practices

Malwarebytes

JULY 29, 2024

At Malwarebytes, we reported how a team of researchers at Mozilla who reviewed the privacy and data collection policies of various product categories for several years now, named “Privacy Not Included,” found cars to be the worst product category they ever reviewed for privacy.

Insurance

Insurance Data collection Data breaches Manufacturing

Facebook sues data analytics firm Rankwave over alleged data misuse

Security Affairs

MAY 13, 2019

“Facebook was investigating Rankwave’s data practices in relation to its advertising and marketing services,” Facebook was investigating the advertising and marketing activities of the South Korean company and accused it of the lack of co-operation in demonstrating compliance with Facebook policies.

Advertising

Advertising Data collection Marketing Media

New streaming ad technology plays hide-and-seek with gamers

Malwarebytes

OCTOBER 27, 2022

A new form of digital advertising is looking to make its way to you courtesy of video gaming. Let’s take a look at how advertising has been used in an Amazon gaming title previously, and see how that could create a frosty reception for any new ad technology. The sliding doors of advertising banners. How does this work?

Technology

Technology Advertising Marketing Retail

Malicious ads for restricted messaging applications target Chinese users

Malwarebytes

JANUARY 25, 2024

The threat actor is abusing Google advertiser accounts to create malicious ads and pointing them to pages where unsuspecting users will download Remote Administration Trojan (RATs) instead. While we don’t know the threat actor’s true intentions, data collection and spying may be one of their motives.

Malware

Malware Advertising Accountability Encryption

Protonmail hacked …. a very strange scam attempt

Security Affairs

NOVEMBER 17, 2018

link ) was posted on Pastebin , the hacker claims to have compromised user’s email and also accused ProtonMail of sending user’s decrypted data to American servers. AmFearLiathMor also wrote that ProtonMail hasn’t configured the mandatory Subresource Integrity ( SRI ) allowing tampering and data collection.

Scams

Scams Hacking Data collection Advertising

Who tracked internet users in 2021–2022

SecureList

NOVEMBER 25, 2022

Certain tech giants recently started adding tools to their ecosystems that are meant to improve the data collection transparency. This was right around the time when the search giant announced plans to rebrand the DoubleClick advertising platform and merge it with its advertising ecosystem.

Internet

Internet Internet Advertising Marketing

Security Affairs newsletter Round 223 – News of the week

Security Affairs

JULY 21, 2019

A flaw could have allowed hackers to take over any Instagram account in 10 minutes. Mysterious hackers steal data of over 70% of Bulgarians. Sprint revealed that hackers compromised some customer accounts via Samsung site. Poland and Lithuania fear that data collected via FaceApp could be misused.

Small Business

Small Business Media Spyware Advertising

Evolution of threat landscape for IoT devices – H1 2018

Security Affairs

SEPTEMBER 19, 2018

percent of all the data collected, followed by TP-Link that accounted for 9.07%. Let me suggest to read to read the report , is full of interesting data. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

IoT

IoT Passwords Malware Advertising

Online market for counterfeit goods in Russia has reached $1,5 billion

Security Affairs

OCTOBER 15, 2018

Scammers create fake websites of known brands, fraudulent promotional campaigns, and fake accounts on social media. In recent years, an often-used fraud method has been fake mobile applications: 36% of users are unable to distinguish between genuine and fake apps, and 60% of the latter request access to the user’s personal data. .

Marketing

Marketing Media Phishing Engineering

Ransomware en masse on the wane: top threats inside web-phishing in H1 2020

Security Affairs

SEPTEMBER 18, 2020

Web-phishing targeting various online services almost doubled during the COVID-19 pandemic , it accounted for 46 percent of the total number of fake web pages. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Phishing

Phishing Ransomware Spyware Banking

Google to Pay a record $391M fine for misleading users about the collection of location data

Security Affairs

NOVEMBER 15, 2022

“Google misled its users into thinking they had turned off location tracking in their account settings, when, in fact, Google continued to collect their location information. Location data represent the core of the digital advertising business of the IT giant. ” reads the DoJ’s press release.

Consumer Protection

Consumer Protection Accountability Data collection Advertising

It’s Google’s World. Your Business Is Just Living in It

Adam Levin

SEPTEMBER 27, 2019

” “We’re the #1 result,” Basecamp’s ad copy continued, “but this site lets companies advertise against us using our brand. percent of the online advertising market ) and pay to show up in search results. The copy: “We don’t want to run this ad.” So here we are.

Advertising

Advertising Marketing Data collection Accountability

MY TAKE: Why the next web-delivered ad you encounter could invisibly infect your smartphone

The Last Watchdog

FEBRUARY 27, 2019

The tech titans have swelled into multi-billion dollar behemoths by myopically focusing on delivering targeted online advertising, in support of online retailing. Cybercriminals have begun escalating their efforts to bend the legitimate online advertising and retailing fulfillment ecosystem to their whims.

Retail

Retail Digital transformation Advertising Software

Microsoft illegally collected and retained children's data, says FTC

Malwarebytes

JUNE 6, 2023

Microsoft is counting the cost of privacy violations, with $20m in fines related to illegal data collection from children’s Xbox accounts. Microsoft was holding on to that data even in situations where the account didn’t complete the registration process.

Advertising

Advertising Accountability Data collection Manufacturing

How to Secure Your Business Social Media Accounts

BH Consulting

AUGUST 31, 2023

Having policies and procedures to secure social media accounts and minimise the potential for incidents can help. billion people are on social media , and businesses have come to rely on these channels in their everyday operations as a form of advertising, recruiting and more. More than 4.7 Another risk is social media hacking.

Media

Media Accountability Passwords Authentication

Security experts disclosed Wyze data leak

Security Affairs

DECEMBER 29, 2019

According to Twelve Security , the exposed data includes: User name and email of those who purchased cameras and then connected them to their home 24% of the 2.4 According to Twelve Security , the exposed data includes: User name and email of those who purchased cameras and then connected them to their home 24% of the 2.4

IoT

IoT Accountability Advertising Wireless

Ransomware Revival: Troldesh becomes a leader by the number of attacks

Security Affairs

NOVEMBER 19, 2019

Ransomware accounted for over half of all malicious mailings in H1 2019, Troldesh aka Shade being the most popular tool among cybercriminals. In 2017, password-protected archives accounted for only 0.08% of all malicious objects. Links account for 29%, while attachments—for 71%. rar archive files. Dangerous email.

Ransomware

Ransomware Antivirus Malware Banking

Google will pay $29.5M to settle two lawsuits over its location tracking practices

Security Affairs

JANUARY 2, 2023

Google misled its users into thinking they had turned off location tracking in their account settings, when, in fact, Google continued to collect their location information. According to the article, there are two settings responsible for the location data collection, the “Location History” and “Web & App Activity”.

Consumer Protection

Consumer Protection Surveillance Data collection Accountability

Online Businesses Often Steal And Exploit Customer Data Collected During Cancelled Transactions

Why You Should Opt Out of Sharing Data With Your Mobile Provider

Trending Sources

GUEST ESSAY: What everyone should know about the pros and cons of online fingerprinting

Election season raises fears for nearly a third of people who worry their vote could be leaked

Accused ‘Raccoon’ Malware Developer Fled Ukraine After Russian Invasion

Facebook and Twitter warn of malicious SDK harvesting personal data from its accounts

Inside the DemandScience by Pure Incubation Data Breach

Behavioral Analytics in Cybersecurity: Does It Work as Advertised?

Judging Facebook's Privacy Shift

NationalPublicData.com Hack Exposes a Nation’s Data

Confessions of an ID Theft Kingpin, Part I

MY TAKE: Even Google CEO Sundar Pichai agrees that it is imperative to embed ethics into AI

For 2nd Time in 3 Years, Mobile Spyware Maker mSpy Leaks Millions of Sensitive Records

Russian cybercriminal Aleksandr Brovko sentenced to 8 years in jail

Twitter inadvertently collected and shared iOS location data

Kaiser Permanente Discloses Data Breach Impacting 13.4 Million People

TikTok's "secret operation" tracks you even if you don't use it

Web tracking report: who monitored users’ online activities in 2023–2024 the most

Trend Micro Apps removed from Mac App Store after being caught exfiltrating user data

Russian Twitter bot activity increased in the wake Mueller report release

XKCD forum data breach impacted 562,000 subscribers

Delaware Personal Data Privacy Act (DPDPA)

Promising Jobs at the U.S. Postal Service, ‘US Job Services’ Leaks Customer Data

FTC finds social media and video streaming services engaged in vast surveillance of consumers

Google to pay $40m for "deceptive and unfair" location tracking practices

Microsoft AI “Recall” feature records everything, secures far less

US senators ask FTC to investigate car makers’ privacy practices

Facebook sues data analytics firm Rankwave over alleged data misuse

New streaming ad technology plays hide-and-seek with gamers

Malicious ads for restricted messaging applications target Chinese users

Protonmail hacked …. a very strange scam attempt

Who tracked internet users in 2021–2022

Security Affairs newsletter Round 223 – News of the week

Evolution of threat landscape for IoT devices – H1 2018

Online market for counterfeit goods in Russia has reached $1,5 billion

Ransomware en masse on the wane: top threats inside web-phishing in H1 2020

Google to Pay a record $391M fine for misleading users about the collection of location data

It’s Google’s World. Your Business Is Just Living in It

MY TAKE: Why the next web-delivered ad you encounter could invisibly infect your smartphone

Microsoft illegally collected and retained children's data, says FTC

How to Secure Your Business Social Media Accounts

Security experts disclosed Wyze data leak

Ransomware Revival: Troldesh becomes a leader by the number of attacks

Google will pay $29.5M to settle two lawsuits over its location tracking practices

Stay Connected