What are your credentials worth?

Security Watch posted an interesting article today discussing the value of personal login credentials, or username and password combinations used to access online services. I often get asked question about why people hack into computers, or write and spread viruses and malware. My answer has always been that it’s less about damaging computers or systems anymore, and more about being stealthy and collecting valuable information that can be used for monetary gain. This article paints a general picture and help to explain of how much our information is worth, answering the question – Why do they do it?.

Twitter credentials worth $1,000 to cybercriminals
Gmail account worth $80.00 +

According to the article, the actual value of account credentials is based mainly on popularity of the application, and the `popularity’ of the account, but I’d also include type of application, authority of the account holder, and the probability of an account granting access to additional valuable data as determining overall value of the credentials.

Read the full Article here.

Posted via web from Ed’s Posterous

The Truth about Facebook, Ads, and Personal Pictures

Facebook Responds

A response to: Debunking Rumors about Advertising and Photos

The “Truth” about profile pictures appearing in Facebook Ads (according to Facebook). Facebook reacts to the recent outcry regarding the misinformation about their policy on using personal/profile information for Ads.

From the Facebook Blog:  “In the past couple of days, a rumor has begun spreading that claims we have changed our policies for third-party advertisers and the use of your photos. These rumors are false, and we have made no such change in our advertising policies…”

The Rant Begins:

The Source of the personal violatons was from 3rd party applications and Advertisers, not Facebook.

So many people are willing to click on any link that is put in front of them without considering the source or the consequences. Facebook applications (having nothing to do directly with facebook itself) are no different. These applications are created and developed by 3rd parties with their own agenda. Some are legit, but there are also some that walk the line (and sometimes cross it) when it comes to using or protecting your personal information. Every time you add, enable or allow an application to access your profile, you sell a small piece of yourself. There is a reason you see a extra “do you want to allow this application” message when you add applications like the oh-so popular “share a drink with you friends”.

If you are concerned with your personal online safety and privacy, take responsibility for protecting your own data first. Know what your getting into or agreeing to before you click the “allow” button. Read and understand the terms of service and privacy statements for the applications you allow on your facebook account – or any online account for that matter.

That’s my rant and I’m sticking to it.

Have your own thoughts about this? Leave a comment.