The SmartSwipe Online Security, Shopping and Technology Blog

Researchers with WebRoot discovered that 30% of people who use popular social networking sites (like Facebook, LinkedIn, and Twitter) have been attacked by cyber-criminals through those same social networking sites. Despite this, two thirds of users do not restrict the amount of information they make public!

Popular attacks include the spreading of malicious software, identity theft and 'unauthorized password changes'. Mike Kronenberg, Chief Technology Officer of WebRoot's consumer division told Infosecurity Magazine that criminals typically use personal information to guess passwords and gain unauthorized access to accounts.

Michael Jackson's famed Thriller album was one of the first records I bought myself. My Fisher-Price record player got quite the workout as I listened to it over and over again. Needless to say, like many people, I was quite sad to hear that Michael Jackson passed away.

So, today, I got in to work, checked my usual news sources and discovered that people were using news of his death to spread malicious software. WebSense Security Labs discovered that some emails that offer a link to a YouTube video actually send users to a Trojan downloader.  Meanwhile, in the background, three more information stealing components are downloaded and installed.

In May, I wrote an article about how many used hard drives still contain extremely sensitive information. Today, I was doing some follow up research when I came across an absolutely shocking article on the Canadian Broadcasting Corporation's web site.

Let me set the scene. A group of journalism students from British Columbia, Canada, were in Ghana investigating what happens to the developed world's discarded computer equipment. While in Ghana, they bought a number of hard drives, then took them home and plugged it in. One of them contained information about multi-million dollar US defense contracts between the Pentagon, the Department of Homeland Security, and a military contractor!

Microsoft released some great news today. The beta version of their new security package 'sold out' within 24 hours. Before the release, Microsoft announced that they would make 75,000 beta versions available. And, a message on their site today said that they had reached the limit.

First glances and initial reviews have been very positive and I am looking very forward to watching this product evolve. Any product that makes the web more secure is great news!

NetSecure's SmartSwipe device - a home credit card reader for safe online shopping - won the ACT award for Canadian Innovation. The award was presented to NetSecure Technologies at an awards luncheon held during Cardware '09.

The Canadian Innovation Award tops off an already exciting year in which the SmartSwipe was named to PC World's list of Ten Cool New Mobile Gadgets, and its debut on dell.ca

On Friday, I wrote an article about some research on the psychology of scams.  In that article, I attempted to dispel a few myths about victims of online scams.  For example, there is an idea that scam victims do not think before being victimized.  This research indicates that victims of scams actually devote more time to thinking about scams than those who are not victimized.

The saddest thing about crime is the fact that so many victims choose to remain silent. Can you imagine how it would feel to be a victim who cannot report a crime? Can you imagine the shame? And can you imagine how incredibly helpless you would feel?

The United Kingdom's Office of Fair Trading released another great report on May 17 - I would have posted this earlier, but I only discovered (and read it) last night. You can download the article from The Office of Fair Trading's web site. However, before I send you off to download that report, I should warn you - it is over 250 pages long and certain parts are rather difficult to read.

Warning aside, good psychology research tends to blend the expected with the unexpected and this report is no exception.  Certain conclusions seem like they should be common sense (brace yourself - scam victims are much less able to regulate the emotions associated with scam attacks).  Whereas other conclusions are so far from expected that they border on being unbelievable.  For example, scam victims tend to have better than expected knowledge about the subject area in which they are scammed.  For example, people who know more than average about investments are more prone to fall victim to investment scams! Have you ever heard of a scam and thought 'wow, those people must not have thought that through?' Well, this study argues that the opposite is true - scam victims actually devote more thought to their scams than non victims!

Another extraordinarily interesting report crossed my desk this morning and I thought I should write a little bit about it and direct you to a resource where you can learn more.  The Australian Business Assessment of Computer User Security is the most comprehensive study on the costs and challenges associated with computer security breaches experienced by Australian businesses.

This report is full of interesting statistics and as usual, I strongly encourage you to read the entire thing. However, from the SmartSwipe perspective, the statistic that stood out was the fact that the highest proportion of small and medium sized businesses reported that viruses and malicious software caused them the greatest financial loss. The mainstream news media loves to report on hacking, and hardware theft, but actual businesses discovered that malicious software harmed their bottom lines the most.