Blog

Archive for Fraud

Focus your email to protect your privacy and stay safe online.

Focus your email to protect your privacy and stay safe online.

If you are concerned about identify theft and other privacy/security concerns there is a simple email precaution you can take to protect yourself. How about – never give out your personal or business email to someone or business you don’t know?

Sounds like common sense, does it not – yet, we do it all the time! Every day we sign up for newsletters; give our email to a point of sale clerk; register for online dating; use it to get WiFi at the coffee shop or airport; register for coupons, daily deal sites and freely hand out our email address in many other situations where we don’t know the people or business. Don’t do it! Protect your privacy and stop identity theft.

Never give your personal or business email address to people or businesses you don’t know. Privacy invasions and identity theft, in most cases, start with an email address. Your personal or business email address is the key to the front door of your digital house.  Why would you ever share that key with every supplier you can think of and risk identity theft?

Little Known Fact About the Selling of Email Addresses.

Many companies have no problem selling email addresses while at the same time agreeing not to spam you. You unsubscribe from their mailing list but not from their selling list! Conclusion: Protect your privacy, don’t let your personal email get on their list in the first place

However easy it is to say, ‘never share your email with people and businesses you don’t know’, in reality we actually need to maintain a digital communications with many of these folks. Many of us simply create another email address, ‘our spam address’, in gmail, yahoo or hotmail.  We end up with another inbox that is full of spam and also contains lots of legitimate communication.

Dodoname – Privacy by Design.

Enter Dodoname, which was designed specifically for when you don’t want to use your regular email address and also want a way to start, manage and stop all these ‘other emails’.

Remember, stop identity theft, never give out your regular email address again to someone to don’t know – use a Dodoname.

Posted in: Anonymity, Data breach, Email, Fraud, Identity, Privacy, Uncategorized

Leave a Comment (0) →

The Right to Know When I Am Not Left Alone – Is Not Enough.

The Right to Know When I Am Not Left Alone – Is Not Enough.

Our online privacy is continuously compromised with the scanning, skimming and scraping of our emails and our browsing behavior.

A recent study concluded that 92% of the population believes “that collecting the content of emails is unacceptable”. How many consumers understand that virtually every email is scanned, skimmed and scraped for information and their privacy is breached every day? A recent article in The Economist describes how people do not protect their right to privacy and anonymity.

Google scans the content of all emails on its servers as well as all emails sent or received by a gmail account. Google considers that users have no ‘reasonable expectation’ of privacy. This stance flies in the face of the predominant and consistent research about consumers’ ‘privacy expectations’.

Rami Essaid recently wrote in TechCrunch that, “The truth is, people will never achieve true privacy and anonymity online.” He concludes that tracking is here to stay and that it is getting more pervasive and sophisticated. His main thesis is that our discussion should not be about absolute the right to privacy or anonymity but about transparency.

If Essaid is correct, the horse has left the barn in terms of protecting our privacy and anonymity. Instead, he proposes focusing on making it visible and transparent about how our online privacy will be accessed or ripped off.  It is OK to to invade our privacy as long as it is transparent! Should consumers simply give up that they have any expectation for online privacy? This is almost Orwellian in concept – a dark road that we must not travel as this means that others have the right to observe us without our consent!

The Right to Privacy

In 1890, Warren and Brandeis wrote The Right to Privacy and their key argument was the “right to be let alone”. Here we are 100 years later. Do we really want to change the right to be left alone to the “the right to know when I am not left alone?” Transparency is an important need but we must not give up the fight for the right to privacy.

Posted in: Anonymity, Data breach, Email, Fraud, Identity, Phishing, Privacy, Uncategorized

Leave a Comment (0) →

This week in review: Cyber Monday sales and scams, the European Plan and the science behind tracking

This week in review: Cyber Monday sales and scams, the European Plan and the science behind tracking

By Don Dobson

In our weekly roundup, we draw your attention to selected news and articles that highlight issues relating to invasions of your online privacy and threats to the security of your personal data, including problems that Dodoname can help solve. Catching our attention this week were posts on Cyber Monday, ongoing privacy debates, including in Europe and the science behind who is tracking you. For all our privacy, security and personal data related posts follow @MyDodoname on Twitter.

Cyber Monday – sales and scams

Although figures vary quite widely depending on the source, a considerable fury of online sales was unleashed this week on Cyber Monday. ComScore reported U.S. sales of over $2 billion, a 17 percent increase over last year’s Cyber Monday, making this the “heaviest U.S. online spending day in history.” Predictably, this rush of e-commerce also captured the full attention of online bad actors. Researchers had already observed a “sharp increase” in phishing and spam activities against online shoppers and expect more to come into the holiday season. In a Politico article called “Hack Friday: Black Friday cybercrime is unstoppable,” Jay Healey, a former White House and financial sector official notes “Hunters are more likely to be out when there’s more prey to be hunted.” Bolstering that idea, reports on a study from security firm Imperva shows nearly half of all web application cyber-attacks target retailers. “This is largely due to the data that retail websites store – customer names, addresses, credit card details – which cyber criminals can use and sell in the cybercrime underworld,” said Amichai Shulman, chief technology officer at Imperva.

While email is still the prime vector for phishing, we were also reminded that social media is not immune to these threats riding the wave of a major online event such as Cyber Monday. Fake social media messages on platforms like Facebook attempted to hook unsuspecting shoppers looking for deals and discounts.

Privacy debates

Of course, we continue to monitor news and debates around how companies use your data to track your online activities for various advertising and marketing purposes. Indeed, providing a way to have both privacy and personalization is the raison d’être behind Dodoname. It’s fascinating to see the general public slowly becoming aware of the extent to which we are tracked. Jascha Kaykas-Wolff, the Chief Marketing Officer of BitTorrent, notes recent Pew research, saying it “overwhelmingly showed the burgeoning distrust users have harbored in putting their private information online.” His article, Why privacy is like the frog in the pot of boiling water, is descriptive of what has happened to all of us. Like the proverbial frog in the pot of water that is slowly increasing in temperature, we’ve paid little notice to the tracking and erosion of privacy. With the Pew study showing that ninety percent of adults agree that we’ve lost control of our personal data, the temperature is going to start to rise for business as well.

One way the market is responding to consumer concerns is through offers like Dodoname where privacy, rather than tracking, is central to the value proposition. Another prominent example is DuckDuckGo, a search engine that puts privacy first, rather than collecting data. Gabriel Weinberg founder of the company, speaking about privacy-based products in a Guardian Article notes “I don’t think it’s a fad. One of the big things people have noticed in the last year is the ads that follow them around the Internet and that’s perhaps the most visible notion of this new tracking mindset that most companies are adopting. Those trends are not disappearing. More tracking on the Internet, more surveillance, so I think as people find out about it they’re going to be wanting to opt out in some percentage.”

The European Plan

The European Union is ahead of North America in many regards concerning privacy, including evolving regulations concerning cookie use. We’ve previously reported on so-called super cookies and device fingerprinting used to track consumers across devices, including smartphones. A Guardian article this week Europe’s next privacy war is with websites silently tracking users, notes regulators have made it clear that companies cannot bypass cookies consent by using covert methods to track users through their devices. In the article, Jim Killock, executive director of the Open Rights Group says “Building profiles to deliver personalised content and adverts clearly falls under e-privacy and data protection law.” This regulator opinion on device fingerprinting techniques seems to pave the way for developing new legislation to govern their use and protect user privacy.

The science behind tracking you

The science behind tracking and the answer as to why techniques that track users across devices are being pursued by companies on both side of the Atlantic can be found in a MIT Technology Review article we shared this week: New Technology for Tracking Consumers Across Devices Grows Results.

Companies like Adometry are using probabilistic identification methods, to link smartphones to desktops accurately enough to justify ad placements. Drawbridge, of San Mateo, California, says it can “take anonymous signals from the device and do a kind of statistical space-time triangulation.” By performing the analysis over time, Drawbridge identifies clusters of devices and then figures out which are paired, providing confidence that they have the same user. The results provide marketers with data that is accurate enough for retargeting and attribution.

Still, we are just at the beginning of what marketers would like tracking to accomplish. As various vendors build their own technology and tech companies like Apple or Google seek dominance of their own proprietary methods, Adometry CEO, Casey Carey offers the opinion that Marketers need a new system to track customers across platforms.

Posted in: Blog, Data breach, Fraud, Phishing, Privacy, This week in review

Leave a Comment (0) →

Eight ways Dodoname gives you back control

Eight ways Dodoname gives you back control

By Michael Gaffney

1-coffeeshopwifi

1. All you wanted was a side of wifi with your java. But the coffeehouse is forcing you to cough up your email address to get access to its network. And you just know that means you’ll soon be flooded with enough offers of half-price, half-decaf, pumpkin spice lattes to choke a horse. Next time, spawn a new Dodoname, and surf that wifi with no fear of future spam. (Image: Flickr, Terry Johnston, link)

2-sandandsurf

2. It’s Autumn, and a young man’s fancy turns to thoughts of…sun. And maybe love in the warm sun. So you sign up for hot deals from your favorite travel retailers. Once you’ve decided between Montego Bay or Punta Cana, you don’t really want to hear anything further. If you used a Dodoname, you could now turn off those retailers, and then turn them back on next year when the thermometer starts to dip again. (Image: Flickr, Lady May Pamintuan, link)

3-magazines

3. That magazine subscription offer was just too good to pass up, and all you had to do to get it was give up a few bucks. And your email address. Now every single other title in the same publisher’s huge library of magazines is pounding your inbox with offers. Use a Dodoname to create a one-to-one relationship with just the title you want, and make that address go extinct if the rest of the publishing house gloms on to it. (Image: Flickr , Ken Hawkins, link)

4-whitepaper

4. You wanted that whitepaper? You got that whitepaper. And you got an ongoing close and personal email relationship with the sponsor of that whitepaper. Next time, use a Dodoname configured to go extinct in a day. You want that whitepaper? Get that whitepaper. And get absolutely nothing else. (Image: Flickr, Locus Research, link)

5-warranty

5. Warranties. Who needs ’em? Certainly not you. Until you do. But if you register it, your purchase may be protected, but your inbox won’t be. Use a Dodoname with an extinction date, get the reply email acknowledging your warranty registration, tag it “warranty” to make it super simple to find it in the future, and then forget all about all that follow-on marketing email. (The company calls it “marketing.” You call it “spam.”) (Image: Flickr, Mike, link)

6-emailedreceipt

6. Remember the last time you were asked at the checkout if you wanted your receipt emailed to you? “Great idea,” one side of your brain said; that would make it so easy to keep the receipt handy in case I need to do a return. “Lousy idea,” the other side of your brain said; if I give them my email address, they’ll just spam me. Which side won out? You really shouldn’t have to fight it out between good and evil, and now you don’t. Use a Dodoname, tag the emailed receipted for quick search and retrieval, and never worry about the evil of unwanted spam. (Image, Flickr, Consumerist Dot Com, link)

shutterstock_186817148

7. The organizers of that webinar you registered for were great about sending you valuable updates, reminders and even a link to the presentation slides afterwards. And then they were just as great about sending you more and more emails about their next great webinar, trying to up-sell you into their product suite, and bringing you “valuable promotions from one of our trusted partners.” Next time, register for the webinar using a Dodoname programmed to go extinct in 30 days. You’ll get all the emails you want and need, and none of what you don’t want and don’t need. (Image: Shutterstock)

8-spam

8. Your favorite retailer has promised that if you sign up to receive regular offers and updates, that they’ll totally respect your privacy. Do you believe them? Even if they are true to their word, spambots are gonna auto-generate that email address you gave them and pound your inbox. With Dodoname, spambots can’t even get through our servers because of the one-to-one relationship between a Dodoname and a specific sender. And if your favorite retailer breaks its e-promise to you, shut ’em down, deactivate that Dodoname, and they’ll just have to leave you alone. (Image: Flickr, Mike Mozart, link)

Posted in: Blog, Email, Fraud, Privacy, Spam, Unsubscribe

Leave a Comment (0) →

Top five online privacy concerns

Top five online privacy concerns

By Don Dobson

In epidemiology, the means for the transmission of disease is termed a “vector.” In the world of online privacy, your personal email address is one of the prime vectors by which your privacy can be compromised. If you’re not using a Dodoname to interact with merchants, you’re leaving yourself open to these top five privacy concerns (which can have some very scary repercussions!)

1. Phishing

Wikipedia defines phishing as the attempt to acquire sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money) by masquerading as a trustworthy entity in an electronic communication.

Although not the only means, email is one of the main vectors for phishing. At Dodoname, we like to keep up to date on the latest developments in cybercrime through email phishing scams. We see that the scammers are relentless and that anyone can be a victim: criminals shamelessly exploit the latest news, such as recent attempts linked to the Ebola scare gripping the world or even attack children. It also a big problem for businesses as employees can be fooled and surrender corporate information or provide a pathway for hacking of retailer systems.

Phishing still thrives because it remains a simple game and the power of easily sending millions of emails every day allows the bad guys to fill their quotas. Old scams are still making the rounds and claiming victims. And the fact is, email remains a very popular communication channel. Unfortunately, it’s true that real dangers can place themselves in your inbox. Here’s a start on some help to stay out of trouble and also some advice if you have taken the bait.

2. Data breaches

Retailers in particular have shown themselves to be vulnerable to hacker attacks which result in a “breach” of security measures protecting customer data, as have financial institutions.

You may think “that’s their problem” but it could also be a problem for you. Depending on the nature of the data breach, personal information you have shared with companies, including credit card information, may become available for use by criminals and/or be re-sold in criminal markets. Ironically, this can result in even more effective phishing emails as criminals use information already stolen to become more credible to email recipients in what is known as “spear-fishing.”

There is nothing you can do to prevent these breaches, but they are the top of the list of concerns for company executives. Customers are striking back. Many consumers will stop patronizing companies who have had a data breach while some victims of these attacks  have joined lawsuits against retailers like Home Depot.

3. Malware

Email phishing can have many consequences. One of those is the installation of malware on your device. There are many varieties of malware “in-the-wild,” some malicious, some not so much, but none have any business on your device. Among the types of malware that can impact you are “key-loggers,” which send back everything you type online to criminals. This information would include details of all your online activity including banking website passwords.

And the thing is, you don’t always even need to click on anything. Just visiting some sites exposes you to these sneaky downloads through “malvertising.” You might think that staying away from seedy corners of the Internet would protect you, but the truth is even reputable sites can be hacked in these ways through ad exchanges.

4. Identity theft

Identity thieves have many different ways to strike: over the phone or through something as low-tech as criminals sifting through your trash, or through email phishing attacks. Online theft of personal identity and it has become a major problem worldwide. Criminals can use your identity and credit card information to make purchases, take out loans or conduct any illicit financial transaction.

Identity thieves can be individuals at the local level or international organized criminal operations. Even using free wi-fi at a coffee shop can open you up to identity theft. It’s clear that these types of cybercrime enterprises are a growth business.

5. Data brokers

A much broader concern for personal privacy than the vector of phishing emails and malware criminals is an industry that operates “legitimately” but without much regulatory protection for consumers. Testimony by Pam Dixon, Executive Director, World Privacy Forum appearing before the Senate Committee on Commerce, Science, and Transportation, suggests that somewhere around 4,000 companies in the U.S. gather identity information left by the “digital exhaust” of your online activity. Dixon cites real harm to individuals resulting from these activities and notes “Despite the large and growing size of the industry, until this Committee started its work, this entire industry largely escaped public scrutiny. Privacy laws apply to credit bureaus and health care providers, but data broker activity generally falls outside these laws. Even a knowledgeable consumer lacks the tools to exercise any control over his or her data held by a data broker.” 

(Image: Flickr, Sebastien Wiertz, link)

 

 

 

 

 

 

 

 

Posted in: Blog, Data breach, Email, Fraud, Identity, Phishing, Privacy

Leave a Comment (0) →

This week in review: scary tales of data brokers, info snatchers, phishing scams and more

This week in review: scary tales of data brokers, info snatchers, phishing scams and more

By Don Dobson

In our weekly roundup, we want to draw your attention to news and articles that highlight issues relating to invasions of your online privacy and threats to the security of your personal data: problems that Dodoname can solve. Catching our attention this week were posts about the fight for your data, those pesky data brokers, spooky tales of data snatchers, privacy terror and phishing season.

The fight for data: yours

While conversation around the issue of privacy continues to get louder, use of the word “fight” is really a misnomer, as in many respects the fight appears to be lost. This was underlined in a book review we discovered this week of What Stays in Vegas by Adam Tanner, a Harvard University scholar and business writer. The book provides an inside look on how personal data from credit ratings, voter lists, marriage licenses, police records and online behaviours are combined and sold on the open market.

Going for (data) broke(rs)

Frank Pasquale, a professor of law at the University of Maryland, is the author of the forthcoming book “The Black Box Society: The Secret Algorithms That Control Money and Information.” He writes, Every day, corporations are connecting the dots about our personal behavior—silently scrutinizing clues left behind by our work habits and Internet use. The data compiled and portraits created are incredibly detailed, to the point of being invasive. His October 16 op-ed in the New York Times, The Dark Market for Personal Data, notes there are at least 4,000 U.S. “data brokers” selling your information without proper regulation and without the control that consumers deserve.

Tales of (privacy) terror

The alarm is being raised by many, including the American Civil Liberties Union. Although the group was founded in 1920, their concerns remain highly contemporary. Just in time for Halloween, they have released a new video Invasion of the Data Snatchers. The intro to the video on its YouTube channel notes, New technologies are making it easier for private companies and the government to learn about everything we do – in our homes, in our cars, in stores, and within our communities. As they collect vast amounts of data about us, things are getting truly spooky!

Giving up your data for the greater good?

Like any big issue, it isn’t always as simple as it might first appear. Dr. Jean Marmoreo, a physician in Toronto, writing in the Globe and Mail Debate section, notes that the collection of personal data can provide big community benefits while acknowledging the privacy concerns. Inspired by a recent Toronto lecture by Sandy Pentland from the MIT Media Lab, Dr. Marmoreo endorses Pentland’s call for a universal bill of rights for collecting and using Internet data.

Phishing Season: Always Open

Seems there is news every day about phishing scams and this week was no exception. Whether on a local scale, like a restaurant reservation scam in Chicago, the local credit union, much wider schemes like Dropbox users worldwide being targeted, spoofing PayPal or “spear phishing” targeting students, the assaults never stop.  Kaspersky Lab published its Spam in September report this week noting that financial phishing accounted for 36.97 percent of all (its) detections.

There are many ways for phishing to compromise your security including malware that can install itself on your computer without you knowing. Your own protection efforts might benefit by taking a look at the most common malware emails currently hitting inboxes. You can find out if your email has been leaked during a reported data breach using a utility provided by the makers of password manager RoboForm. And if you have taken the bait, Andy Davidson writing on the Rogers Connected site answers the burning question, I Fell for a Phishing Scheme… Now What?

Posted in: Blog, Fraud, Phishing, Privacy, This week in review

Leave a Comment (0) →

This week in review: cyber security awareness month, modern mobsters, phishing and data breaches

This week in review: cyber security awareness month, modern mobsters, phishing and data breaches

By Don Dobson

In our weekly roundup, we want to draw your attention to news and articles that highlight issues relating to invasions of your online privacy and threats to the security of your personal data: problems that Dodoname can solve. Catching our attention this week were posts about a yearly event for which Hallmark doesn’t yet make a card, the lengths we’ll go to for cookies, how the underworld is keeping up with the times, phishing trips, data breaches and a reminder that common sense goes a long way. 

Acknowledging the problem is the first step to solving it

October 1st marked the start of National Cyber Security Awareness Month in the U.S. and Canada. Follow it through the #NCSAM hashtag on Twitter or through various organizations in both countries promoting a more cyber security aware public, including @GetCyberSafe on Twitter, or their website, the @STOPTHNKCONNECT or @StaySafeOnline Twitter accounts or their respective websites at http://www.stopthinkconnect.org/ and http://www.staysafeonline.org/

Cookies may contain personal data (and nuts)

We loved this story about a performance art project that had people in Brooklyn thinking about personal information, privacy and data collection. Artist Risa Puno traded a cookie, a real one, not the cyber kind, for personal data that included their address, driver’s license number, phone number and mother’s maiden name. Very clever and cheeky, Risa!

www.stolencreditcardsforcheap.com

It’s hard for most folks to believe that there is actually a website where a criminal can go and buy a stolen credit card. Not only is that true,  so many stolen cards have become available that the criminals are dropping their prices in order to move inventory!

The underworld goes high tech

‘Commercialization’ of cybercrime has been identified as a new trend in a report released by Europol’s European Cybercrime Centre. The Mirror notes traditional organized crime gangs are getting in because they can now easily find people selling tools and services that allow them to carry out illegal activities such as data theft and password cracking without the need for specialist skills. Surely this phenomenon is not limited to Europe?

Phishy tales

There is never any shortage of phishing scams in the news: organizations as diverse as the Nelson Mandela Foundation and the Virginia Department of Transportation EZ pass program have been impacted recently. It’s no wonder that cyber risk insurers are doing a brisk business these days.

World leaders: they’re just like us! 

It was reported that financial giant JP Morgan suffered a significant data breach, with reports that hackers grabbed contact information for 76 million households and 7 million small businesses, including names, addresses, phone numbers and email addresses, as well as “internal JPMorgan Chase information relating to such users.” Even President Obama may have been impacted as Business Insider noted a White House press pool in July mentioned him using his JP Morgan card at a Texas barbecue restaurant.

An ounce of prevention…

Blogger Chrysler Summer’s post on personal responsibility for privacy and security on the Web struck a chord. She suggested that “the biggest problem is that most people are just not as cautious as they should be on the Web.” Although we can’t protect ourselves from all cyber threats just by being careful, it is a point worth noting. We think using a Dodoname is a great tool for being more careful.

Posted in: Blog, Data breach, Fraud, Phishing, Privacy, This week in review

Leave a Comment (0) →