FBI Hoaxes Boost Online Fraud: Via Threat Level.

Online fraud in the United States doubled to a reported $560 million in losses last year as illicit phishing expeditions by thieves posing as the Federal Bureau of Investigation represented the biggest consumer complaint, according to a Friday government survey.

The e-mail phishing scams represented 16.6 percent of all complaints. The next closest category, at 12 percent, concerned consumer unhappiness about being billed for products never ordered or received, according to FBI data unveiled Friday.

Overall, the number of reported dollar losses stemming from online fraud doubled in 2009 from the year prior. [ Read more ... ]

Medical identity theft strikes 5.8% of U.S. adults: Via Network World at Computerworld Privacy News.

Identity thieves are not only interested in tapping financial resources, but are also after your medical identification data and services.

Medical identity theft typically involves stolen insurance card information, or costs related to medical care and equipment given to others using the victim's name. Roughly 5.8% of American adults have been victimized, according to a new survey from The Ponemon Institute. The cost per victim, on average, is $20,160.

Is your health privacy at risk?

"The National Study on Medical Identity Theft" is based on findings from 156,000 people who agreed to discuss identity theft in general. Among those surveyed, 5.8% provided specific details about how they had been hit by medical ID theft, in particular. [ Read more ... ]

Police want backdoor to Web users' private data: Via Politics and Law - CNET News.

Anyone with an e-mail account likely knows that police can peek inside it if they have a paper search warrant.

But cybercrime investigators are frustrated by the speed of traditional methods of faxing, mailing, or e-mailing companies these documents. They're pushing for the creation of a national Web interface linking police computers with those of Internet and e-mail providers so requests can be sent and received electronically.

CNET has reviewed a survey scheduled to be released at a federal task force meeting on Thursday, which says that law enforcement agencies are virtually unanimous in calling for such an interface to be created. Eighty-nine percent of police surveyed, it says, want to be able to "exchange legal process requests and responses to legal process" through an encrypted, police-only "nationwide computer network." (See one excerpt and another.) [ Read more ... ]

Census of Files Available via BitTorrent: Via Freedom to Tinker.

BitTorrent is popular because it lets anyone distribute large files at low cost. Which kinds of files are available on BitTorrent? Sauhard Sahi, a Princeton senior, decided to find out. Sauhard's independent work last semester, under my supervision, set out to measure what was available on BitTorrent. This post, summarizing his results, was co-written by Sauhard and me.

Sauhard chose a (uniform) random sample of files available via the trackerless variant of BitTorrent, using the Mainline DHT. The sample comprised 1021 files. He classified the files in the sample by file type, language, and apparent copyright status.

Before describing the results, we need to offer two caveats. First, the results apply only to the Mainline trackerless BitTorrent system that we surveyed. [ Read more ... ]

Too much info on social media aids ID thieves: Via San Francisco Chronicle.

More than half of adults 45 and older who are on social networks like Facebook could be in danger of becoming victims of identity theft or other crimes because they share too much private information, according to a study released today.

In one example, the study commissioned by a unit of credit reporting services firm Experian found that 14 percent of adults - and 20 percent of those age 60 and over - listed their full home addresses in their social media profiles.

If they then post updates from a trip, that tells thieves "no one is watching your house," said Jennifer Leuer, general manager of Experian's ProtectMyID.com. [ Read more ... ]

The Decade’s 10 Most Dastardly Cybercrimes: Via Threat Level.

It was the decade of the mega-heist, when stolen credit card magstripe tracks became the pork bellies of a new underground marketplace, Eastern European hackers turned malware writing into an art, and a nasty new crop of purpose-driven computer worms struck dread in the heart of America.

Now that the zero days are behind us, it’s time to reflect on the most ingenious, destructive or groundbreaking cybercrimes of the first 10 years of the new millennium. [ Read more ... ]

Survey: One Third of Youths Have Engaged in Sexting: Via Threat Level.

If you think the sexting phenomenon is growing, you’re not imagining it. According to a new survey, almost one-third of youths admit they’ve engaged in sexting-related activities that involved either e-mailing a photo or video of themselves in the nude or being the recipient of such images.

Of those who admitted to distributing suggestive images of themselves, about 61 percent report that they were pressured by someone to send the image. Girls were more likely to share a naked image of themselves than boys. and those who are already sexually active were much more likely to send an image than those who were not sexually active.

Most of the respondents sent the image to a significant other or a person of romantic interest to them. But 29 percent said they shared naked images of themselves with someone they knew only online.

These are some of the findings of a survey conducted by MTV and the Associated Press as part of a new multi-year campaign the youth-oriented television network launched on Thursday with numerous partners. [ Read more ... ]

Americans to Advertisers: Stop spying on me!: Via CDT - PolicyBeta.

Researchers at UC Berkeley and the University of Pennsylvania’s Annenberg School of Communication recently released the results of a large-scale study of consumer attitudes toward behavioral targeting (also known as behavioral advertising). The report’s findings were astonishing in their simplicity: the majority of consumers do not want their information collected and used for the purpose of customizing targeted news or advertisements. Consumers also believe they have the right to access and control information that companies have collected about them.

Study authors reported a number of significant findings. Among them:

If given a choice, 68% of Americans “definitely would not” allow advertisers to follow them online even if their online activities would remain anonymous. 19% “probably” would not allow this tracking. [ Read more ... ]

US Chamber of Commerce cites #19 rank, wants tougher IP laws: Via Law & Disorder Section - Ars Technica.

The World Economic Forum—otherwise known as the group that throws the fancy Davos shindig every year—has just released an over 400-page report on the world economy (PDF). Global competitiveness was the key metric, and the US lost its number one spot this year to Switzerland. So it goes. But tucked back in the report's list of data tables was a fascinating one about intellectual property, and it put the US in 19th place worldwide when it comes to protecting IP. [ Read more ... ]

Grade the Obama Administration's Work on Consumer Privacy!: Via EFF.org Updates.

The Privacy Coalition, a coalition of organizations committed to privacy issues, is inviting the public to give the Obama Administration a grade on its privacy work thus far: [ Read more ... ]

Is your health privacy at risk?: Via Network World.

Hospitals, pharmacies and health insurance companies are among the hardest hit when it comes to hacker attacks, stolen laptops, spying employees and other information security mishaps.

Healthcare organizations are losing more than just names, addresses and Social Security numbers. When their data gets stolen, patients lose the privacy of their medical conditions, treatments and medications while at the same time falling prey to identity theft, medical billing fraud and other criminal schemes.

Theft of electronic medical records is on the rise, and the implications are getting more serious. [ Read more ... ]

Social Networkers Risk More Than Privacy: Via InformationWeek.

Facebook and Twitter users post personal information that could be used by professional home burglars looking for targets, says a U.K. study.

People who use social networks are posting personal information that could be used by professional home burglars looking for potential targets, a study released Thursday found.

Nearly four in 10 people using sites such as Facebook and Twitter have posted specifics on holiday plans and a third have offered status updates during a weekend getaway, according to the Digital Criminal report prepared by the U.K. financial services company Legal & General. Coupled with the fact that a high proportion of people often agree to be online "friends" with strangers, the easily accessed personal information increases the risk of home break-ins. [ Read more ... ]

Privacy Salience and Social Networking Sites: Via Schneier on Security.

Reassuring people about privacy makes them more, not less, concerned. It's called "privacy salience," and Leslie John, Alessandro Acquisti, and George Loewenstein -- all at Carnegie Mellon University -- demonstrated this in a series of clever experiments. In one, subjects completed an online survey consisting of a series of questions about their academic behavior -- "Have you ever cheated on an exam?" for example. Half of the subjects were first required to sign a consent warning -- designed to make privacy concerns more salient -- while the other half did not. Also, subjects were randomly assigned to receive either a privacy confidentiality assurance, or no such assurance. When the privacy concern was made salient (through the consent warning), people reacted negatively to the subsequent confidentiality assurance and were less likely to reveal personal information. [ Read more ... ]

NZ Post survey not compulsory - commissioner: Via Otago Daily Times Online(New Zealand).

The Privacy Commissioner says people are under no compulsion to fill out a New Zealand Post survey called An Opportunity to Win after a number of people complained about it.

The nationwide household survey asks for detailed personal information about individuals, their families and their households.

"Some people contacting us are confused about whether they must complete the survey because it comes from New Zealand Post," said Privacy Commissioner Marie Shroff.

People were under no compulsion to fill in the survey, or could choose to complete it in part, she said.

"The important thing is for people to be clear about the commercial purposes of the survey, which is to collect their personal details and preferences." [ Read more ... ]

Is Internet Voting Safe? Vote Here: Via Threat Level.

WASHINGTON — Arizona did something very interesting in the 2008 general election: it accepted votes over the internet. Is it a good idea, or not?

Some individual counties have experimented with allowing online voting for overseas citizens, and the Pentagon considered its own system in 2004, before abandoning it because of security issues. But Arizona was the first to offer internet voting, in a national election, to all its overseas military and civilian families through a central website. Election officials demonstrated their system at the Computers, Freedom and Privacy Conference here Thursday, and they seemed pretty confident that it was secure.

“It’s run over a secured system using industry standard encryption,” said state CIO Craig Stender. “We had many users from over 50 countries using the system in that election.”

Voting rights activists are alarmed over the growing acceptance of internet-enabled voting [ Read more ... ]

Spam Back to 94% of All E-Mail: Via Bits Blog - NYTimes.com .

Spam, that annoying but ignorable scourge of the Web, has finally recovered from the jolt it received last November, when Internet backbone providers cut off McColo Corporation, a California Web-hosting service that spammers were using to coordinate e-mail attacks.

The average seven-day spam volume during the latter half of March is now at roughly the same levels as October of last year — around 94 percent of all e-mail — according to the antispam company Postini, a division of Google. [ Read more ... ]

More IT Pros Could Turn To E-Crime In Poor Economy: Via Slashdot.

snydeq writes to mention that a recent survey by KPMG shows that many people feel that out-of-work IT workers will be much more tempted to turn to criminal activities due to the down economy. This, coupled with an E-crime survey that shows fraud committed by managers, employees, and customers tripled between 2007 and 2008 paints an interesting picture. [ Read more ... ]

Vote: Will Conficker Botnet Trigger 'Unthinkable Disaster'?: Via Wired: Threat Level.

The 12-million computer strong Conficker botnet will fall under human control on April 1, leading some to speculate feverishly about what horror awaits an unsuspecting internet on what may be our last April Fools' Day ever.

Will Conficker become an evil twin to Google that lets criminals easily search for the valuable secrets of people running unpatched pirated copies of Windows in China and Brazil? Or is it a censorship-busting peer-to-peer network erected by lawless but well meaning cypherpunks?  Most disturbing, will it learn at an exponential rate until it becomes self-aware and decides humanity's fate in a microsecond? [ Read more ... ]

DNI report gives a glimpse of gov't data mining projects Via Law & Disorder Section - Ars Technica :

The most interesting thing about the second annual data mining report from the Office of the Director of National Intelligence—an abbreviated public version of which was released last week—may be what isn't in it. The current report, surveying research underway at ODNI's Intelligence Advanced Research Projects Activity (IARPA) division, focuses almost exclusively on a video analysis project. Several other programs alluded to in last year's report—including two that appear to be descendants of the defunct Total Information Awareness program—have ended their research phases. But does that mean they're mothballed, or just out of beta?

Click here to read the rest of this article

Read Original Article (Via Law & Disorder Section - Ars Technica.)

Show Us the Data Voting Deadline Approaches: Via CDT - PolicyBeta

March 9th is the deadline for telling ShowUsTheData.org what unclassified government information you would like to see go online. This includes information, documents or data that you know exists–on paper or in government computers and databases–that would be of value to the public if posted and regularly updated on an agency’s Web site, but for whatever reason remain offline. [ Read more ... ]

Survey: Most Web Users Believe Web Sites are Tracking Their Surfing Behavior: Via Privacy Lives

“A vast majority (80.1%) of web surfers are concerned about the online privacy of their personal information such as age, gender, income and web surfing habits,” according to an online survey by Burst Media. Notably, “older segments are much more likely than younger segments to say web sites track personally identifiable information.” The survey of more than 4,000 adults (age 18 and older) was conducted in December.

Read Original Article ( Via Privacy Lives. )

More Than Half of Ex-Employees Admit to Stealing Company Data According to New Study: Via CNN:Money

Symantec Reveals Companies Lack Adequate Data Loss Prevention Controls

Symantec Corp. (NASDAQ: SYMC) and the Ponemon Institute, a leading privacy and information management research firm, today announced the findings of a joint survey of employees who lost or left a job in 2008, which revealed 59 percent of ex-employees admit to stealing confidential company information, such as customer contact lists. The results also show that if respondents' companies had implemented better data loss prevention policies and technologies, many of those instances of data theft could have been prevented. [ Read more ... ]

Poll: Majority Want Investigations on Warrantless Wiretapping: Via EFF.org Updates

A new USA Today/Gallup poll finds that a clear majority of Americans favor at least some kind of investigation into whether Bush administration officials and policies violated the law.

Respondents were asked about whether there should be a criminal investigation, an investigation by independent panel — or neither — into questions of politicization of the Justice Department, torture and warrantless wiretapping. [ Read more ... ]

Stolen Wallets, Not Hacks, Cause the Most ID Theft? Debunked: Via Threat Level

A new report from Javelin Research is getting attention for its extraordinary claim that data breaches are responsible for only a tiny minority of identity theft cases, compared to lost wallets and other low-tech exposures. But a closer look at Javalin’s numbers casts serious doubt on the company’s conclusions.

The stat that’s getting the most buzz in Javelin’s 2009 Identity Fraud Survey Report (.pdf) comes from identity theft victims’ responses to the survey question, “How was your information obtained?”  Only 11%  of the respondents said it was lost in an online transaction, and another 11% said it was stolen in a data breach. Some 43% blamed a lost or stolen wallet. Here’s Javelin's chart. [ Read more ... ]

Show Us the Data!: Via CDT - PolicyBeta

Today, CDT and OpenTheGovernment.org launched Show Us The Data: Most Wanted Federal Government Documents, a website created with lots of help from our friends at Sunlight Labs. CDT and OpenTheGovernment.org are setting out to identify the ten most wanted government documents, reports or data sets that should be on the Web - but are missing because the government hasn’t put them on the Internet.

In the last ten years, the Internet has come a long way- just check out the website for our first Ten Most Wanted survey. The federal government has made great progress in their use of the Internet too, but we know that they still aren’t putting the information that we want online as proactively and as usably as we would like. Last year, we talked about how hard it can be to find government information through search. [ Read more ... ]