Category: Warning

Journalist Turns Anonymised Data into Profiles

A journalist and a data scientist secured anonymised browsing data for three million users. They created a fake marketing company to get the data and were able to de-anonymised much of it i.e. they could identify the users.

Anonymised data means the names have been removed along with supposedly anything that makes it possible to identify the individuals.

How is that Possible?

There are various techniques that can be used to identify people in the data, such as:-

  1. Anyone who visits their own Twitter analytics page will have a URL in their browsing record which contains their Twitter username. Find that URL, and you’ve linked the anonymous data to an actual person.
  2. A similar trick works for German social networking site Xing.

For other users, a more statistical approach can be used to de-anonymise the data. For instance, just 10 URLs can be enough to uniquely identify someone. For instance, how few people there are at your company, with your bank, your hobby, your preferred newspaper and your mobile phone provider. By creating “fingerprints” from the data, it’s possible to compare it to other, more public, sources of what URLs people have visited, such as social media accounts, or public YouTube playlists.

Eckert, a journalist, worked up with data scientist Andreas Dewes to acquire personal user data and see what they could get from it. They created a fake marketing company, complete with its own website, a LinkedIn page for its chief executive, and even a careers site.

The pair presented their findings at the Def Con hacking conference in Las Vegas

They made the site full of pictures and marketing buzzwords, claiming to have developed a machine-learning algorithm which would be able to market more effectively to people, but only if it was trained with a large amount of data. Then they asked companies for anonymised data to try on their system.

The data they were eventually given came, for free, from a data broker, which was willing to let them test their hypothetical AI advertising platform.

Another discovery through the data collection occurred via Google Translate, which stores the text of every query put through it in the URL. From this, the researchers were able to uncover operational details about a German cybercrime investigation, since the detective involved was translating requests for assistance to foreign police forces.

Where did all of the data come from?  A number of browser plugins collect data, Google Translate collects data and various websites collect this data.

It is supposed to be anonymised when passed on to ensure no-one can identify the individuals, but this clearly is not true.

Do leave a comment on this post – click on the post title then scroll down to leave your comment.

07709 Scammer Phone Number

077009 is a fake mobile telephone number prefix.

If you have been contacted by someone claiming their number starts with  077009, you should be wary as the caller ID has probably been spoofed i.e. your telephone is reporting a false caller number.

Do not answer unexpected calls from 077009 numbers as they are likely to be from a scammer.

The 0077009 numbers have been allocated for use in UK TV and films where the makers don’t want viewers calling up a real phone number and causing annoyance. But some scammers have started to use these numbers in messages etc. so as to hide their real number.

In the USA most films and TV use numbers that have 555 as the central portion as these are easily recognisable as fake.

Most countries seem to have set ranges of fake phone numbers for various purposes.

If you are interested, the website https://fakenumber.org/ lists lots of these numbers.

Do click on the Facebook or Twitter icons on top right to follow Fight Back Ninja.

Facebook Adverts Target the Family

Facebook is introducing a new household audience feature that will let companies direct adverts to entire families or to specific people within a household. The tool could help aim adverts at people who influence purchasing decisions and other adverts to the people making the actual purchases.

Here’s how it works:

  1. The company selects the audience they want to target
  2. They uploads the custom audience data to Facebook (names and address, email addresses etc.). This may be data from their own systems or purchased data.
  3. They turn on the household audience feature to reach not just the person they’re targeting, but also other people in the same household.

Facebook is open about wanting to shift TV advertising to their platform.  Facebook executives said they’ll be able to identify members of the same household based on data, such as their familial relationships on Facebook, but also based on the frequency of shared check-ins or where they access the internet i.e. clever guesswork.

The tool might also be used to reduce wasted advertising spend. For example, if someone has already bought a household-specific product or service e.g. Netflix subscription, an Airbnb reservation—then based on the customer database, the marketer and Facebook know to stop showing such adverts to that household.

Along with the added targeting, Facebook is adding additional measurement capabilities. This will appear in the Adverts Reporting dashboard and show how campaigns perform in terms of getting results across members of a household. Metrics will include how many households the advertising reaches, along with the frequency at which they were reached. It’ll also potentially show how an advert shown to one person affected a purchase made by someone else.

Examples of how the new feature may be used:-

  1. A husband purchased products from Sonos, so he’s in the company’s customer database. Sonos might then try to influence his wife to get him a gift or their kids to buy him something.
  2. One member of the household who sees a hotel advert in France will find others in the household have seen it too, leading to the family making holiday plans.
  3. It could show parents ideas for their children and husbands the items his wife likes to look at.

This could spoil surprises or even expose cheating partners.

Many people already find the adverts that follow them around the Internet to be creepy. You look at a pair of shoes on Amazon then find every website you look at is showing you those same shoes.  This new Facebook feature could take that creepiness to a new level.

Do leave a comment on this post – click on the post title then scroll down to leave your comment.

A Pre-Paid Funeral Is Not a Good Deal

The Fairer Finance consumer group has published a report into pre-paid funerals and concludes that the Funeral Planning industry is not working well for consumers and millions of pounds of consumer’s money could be at risk.

The average cost of a funeral is now £3,900 so it makes sense for many people to plan ahead to ensure there is the money for a funeral for a loved one or themselves.

Telesales companies have been bombarding people with calls about planning their funeral and an estimated six million people over the age of 50 have been contacted.

James Daley of ‘Fairer Finance’ said “the combination of a fast growing market, fuelled by high pressure sales to a potentially vulnerable customer base is creating a perfect storm. “

“A growing number of customers are likely to be let down when their plan is claimed on – with some funeral plan providers passing on significant extra costs to the families”

The people making the calls are usually commission based and charge up to £1,000 per plan sold so obviously that’s a big chunk of the money gone that was expected to pay for the funeral.

This market is basically unregulated and the report findings will be reviewed by The Treasury, the Competition and Markets Authority and the Financial Conduct Authority.

There are reputable companies involved in the funeral planning industry and this can make sense for some people. But do not take up an offer from a cold caller and do your research to find the best plan for your needs and ensure you understand what it includes as it seems that 90% of people taking these plans do not fully understand what they will get.  Contact the relevant company directly – to avoid commission going to an agent.

Do you have an opinion on this matter? Please comment in the box below.

Do You Understand Facebook Security

The Internet Resource Centre (www.idtheft.org) carried out a survey to help Facebook users deal with concerns over identity theft.

The key concern from the survey results is that many Facebook users don’t understand the privacy settings and believe their information has more restricted circulation than is actually the case.

63% of respondents believed their information was only visible to friends if their profile was set to private. Not true.

Over 90%  of respondents say they have their full name visible on their profile and more than 50% have their birthday, pets names, hometown, high school name and current city visible. All of this information is very useful to identity thieves.

Most people do not share passwords with others, but 10% say they reuse the same password on other sites. If your password is hacked, then the hackers often try the same login and password on other systems so if you share passwords across systems then you’re putting all of them all at risk from one hack.

Most survey respondents have received scam emails and messages, phishing emails and messages and more than 10% report their account was accessed without their permission. The results were mostly embarrassment and damage to reputation but also loss of money in some cases.

Many victims of identity theft do not realise their identity has been compromised  until some time later e.g. when a bank statement arrives or debt collectors start to phone.  By then a lot of damage could already have been done.

The page at http://www.digitalspy.com/tech/feature/a552990/how-do-i-make-my-facebook-profile-private/ contains detailed information on Facebook privacy settings.

Do click on the Facebook or Twitter icons on top right to follow Fight Back Ninja.

Social Networking and Identity Theft

Billions of people use social media networks – Facebook, Twitter, Instagram, YouTube, Snapchat and more.

Many people share lots of information about themselves and sometimes that can give fraudsters what they need to scam you, specifically to steal your identity.

Identity theft is where a fraudster acquires confidential information about you – sufficient that she can access your online accounts, take out credit cards or loans in your name, commit crimes and use your name etc.

This can be a devastating experience for some and once your identity has been stolen it’s very difficult to reclaim it without a lot of help.

How Identity Theft Can Happen Through Social Networking

To make full use of social media you need to divulge information about yourself but you should be aware of the following risky activities:-

  • In Settings – choosing privacy to be “low”
  • Accepting invitations to connect from unknown people
  • Downloading free APPS – games etc.
  • Sharing your password
  • Clicking on links that lead you to other websites, even if the link was sent to you by a friend or posted on your friend’s profile
  • Clicking on links in phishing messages or replying to them

E.g. A woman receives a message from one of her friends on social media recommending a cat video for which there is a link. She trusts her friend so clicks on the link, but it doesn’t bring up a video. She didn’t know that her friends profile had been hacked and taken over and the link was to a malicious website. A computer virus has  now downloaded to her computer from that website.

She later finds that emails have gone out in her name to all of her contacts asking them to click on the malicious link.

Be aware and stay safe.

Do leave a comment on this post – click on the post title then scroll down to leave your comment.

Fake Online Reviews

[picture – Each child only sees the part s/he is examining – old proverb]

Online reviews of a product or service can be very useful and most people buying online do check out such reviews first.

Surveys suggest that more than half of the adults in Britain, around 25 million people, use online reviews such as on  Amazon, eBAY, Tripadvisor, Foursquare and Checkatrade to provide confidence in the product or service and find the best deals.

We rely on those reviews being honest – by people who have actually used the relevant product or service and giving their honest opinions.

But, some companies cheat – they pay others to create fake reviews  in order to get more business. Sometimes they try to cover up bad reviews by posting lots of fake positive reviews and so on. This distorts the situation and is dishonest. If a company ‘distorts’ online reviews then they are in breach of the Consumer Protection Unfair Trading Regulations 2008.

The Competition and Markets Authority says that shoppers who use the internet to research hotels, books, electronics and other purchases are being routinely misled by millions of fake reviews orchestrated by companies to trick potential customers.

This problem of distortion is not new. Magazine reviews have always been a little suspect as it is well known that the reviewers are given free products and sometimes trips to great places to review the products. So is their opinion completely unaffected?

Also, the bloggers and vloggers who do product reviews face this problem as their opinions can carry a lot of weight but they are commonly offered free products to test.  Don’t bite the hand that feeds you.

Do Share this post on social media – click on the post title then scroll down to the social media share buttons.

There is further information at

http://www.fightbackonline.org/index.php/guidance/13-warnings/46-the-problem-of-fake-online-reviews

In conclusion,  online reviews can be very helpful but you do have to consider why the author of such reviews wrote them – was there any self interest involved or monetary benefit?

Do enter your email address and click on the subscribe button on top right to keep up to date with new posts.