FTC says Americans are losing more money to social media fraud than ever before

Losses from fraud originating on social media skyrocketed in 2021, according to data the Federal Trade Commission released Thursday. More than 95,000 individuals reported losses totaling $770 million as a result of fraud initiated on social media. That number is up from $258 million in 2020 and just $42 million in 2017. Part of that growth has been driven by record losses to cryptocurrency scams. Investment scams made up 37% of all reported fraud losses originating on social media in 2021, according to Thursday’s report. Scammers have found a wide range of ways to dupe cryptocurrency investors, such as so-called “giveaway” scams where victims are told to send in money for a large investment return that never appears. Those scams have popped up quickly after surges in popularity of a new coin and even with focused efforts, social media platforms have struggled to stop them. The FTC in March 2021 […]

The post FTC says Americans are losing more money to social media fraud than ever before appeared first on CyberScoop.

Continue reading FTC says Americans are losing more money to social media fraud than ever before

Feds’ spending on facial recognition tech continues unmitigated, despite privacy concerns

The FBI on Dec. 30 signed a deal with Clearview AI for an $18,000 subscription license to the company’s facial recognition technology. While the value of the contract might seem just a drop in the bucket for the agency’s nearly $10 billion budget, the contract was significant in that it cemented the agency’s relationship with the controversial firm. The FBI previously acknowledged using Clearview AI to the Government Accountability Office but did not specify if it had a contract with the company. The FBI didn’t respond to a request for comment, but it isn’t the only federal law enforcement agency to ramp up its procurement of privately-owned facial recognition technologies in recent months. In September, U.S. Immigration and Customs Enforcement spent almost $4 million on facial recognition technology from a company called Trust Stamp, as Business Insider first reported. The same month agency purchased a contract with Clearview AI starting at […]

The post Feds’ spending on facial recognition tech continues unmitigated, despite privacy concerns appeared first on CyberScoop.

Continue reading Feds’ spending on facial recognition tech continues unmitigated, despite privacy concerns

FTC warns of potential penalties for firms that fail to fix Log4j software flaws

The Federal Trade Commission Tuesday warned companies that if they fail to take action to remedy a major recent software vulnerability in open-source software tool Log4j, there could be legal repercussions. “When vulnerabilities are discovered and exploited, it risks a loss or breach of personal information, financial loss, and other irreversible harms,” the agency warned. “It is critical that companies and their vendors relying on Log4j act now, in order to reduce the likelihood of harm to consumers, and to avoid FTC legal action.” Log4j is ubiquitous in software used throughout the technology industry, and is found in products built by companies including Amazon, Google and Microsoft. The widespread use of such technology has made it difficult to identify potential victims. At the same time, the popularity has made it an easy target for a range of cybercriminals to exploit. The warning shot from the top consumer protection agency comes […]

The post FTC warns of potential penalties for firms that fail to fix Log4j software flaws appeared first on CyberScoop.

Continue reading FTC warns of potential penalties for firms that fail to fix Log4j software flaws

FTC settles with OpenX Technologies for $2 million for allegedly violating children’s privacy law

Advertising platform OpenX Technologies will pay the Federal Trade Commission $2 million over allegations that it failed to comply with a federal rule requiring online services to obtain parents’ consent before collecting data about children under the age of 13. OpenX offers automated ad buying that allows companies to reach a precise audience in real-time. The settlement effectively serves as a warning to digital advertising platforms, which funnel massive amounts of data through real-time advertising bids, often with little transparency. “OpenX secretly collected location data and opened the door to privacy violations on a massive scale, including against children,” said Samuel Levine, director of the FTC’s Bureau of Consumer Protection. “Digital advertising gatekeepers may operate behind the scenes, but they are not above the law.” A complaint from the Department of Justice filed on behalf of the FTC alleges that the company knowingly collected information from hundreds of apps that […]

The post FTC settles with OpenX Technologies for $2 million for allegedly violating children’s privacy law appeared first on CyberScoop.

Continue reading FTC settles with OpenX Technologies for $2 million for allegedly violating children’s privacy law

‘Shiba Inu’ token scams surge with the virtual currency’s popularity

When the Shiba Inu token, a meme-based virtual currency, hit its highest all-time value in October, it didn’t take long for scammers to seize on the trend for their own benefit. Live YouTube videos promising bogus giveaways of the token have racked up hundreds of thousands of views, while groups on Telegram promoting other frauds have also exploded, according to research shared exclusively with CyberScoop. Many Shiba scams identified by the security firm Tenable all take a nearly identical approach. Accounts live-stream old footage from a June event featuring Jack Dorsey and Elon Musk, a popular name among crypto enthusiasts, with on-screen instructions for users to send an arbitrary amount of currency into a wallet, with the promise of getting twice as much or more in return. Scams have earned $239,000 worth of cryptocurrency since October 20, based on an analysis of online wallet addresses associated with nefarious Shiba Inu-themed pages, […]

The post ‘Shiba Inu’ token scams surge with the virtual currency’s popularity appeared first on CyberScoop.

Continue reading ‘Shiba Inu’ token scams surge with the virtual currency’s popularity

Internet providers fail to inform Americans about how they use sensitive data for advertising, FTC says

Internet service providers fail to disclose to consumers how they use sensitive data, obscure privacy practices and making it difficult to opt-out of collection, according to a study released Thursday by the Federal Trade Commission. The study signals that telecommunications companies may not escape the agency’s efforts to establish consumer privacy protections, even as platforms like Facebook and Google dominate the conversation. “While several ISPs in our study tell consumers they will not sell their data, they fail to reveal to consumers the myriad of ways that their data can be used, transferred, or monetized outside of selling it, often burying such disclosures in the fine print of their privacy policies,” the report concludes. The report, which the agency ordered in 2019, looked at six of the largest ISPs — AT&T Mobility, Cellco Partnership (Verizon Wireless), Charter Communications Operating, Comcast (Xfinity), T-Mobile US, and Google Fiber — covering 98% of […]

The post Internet providers fail to inform Americans about how they use sensitive data for advertising, FTC says appeared first on CyberScoop.

Continue reading Internet providers fail to inform Americans about how they use sensitive data for advertising, FTC says

Democrats urge FTC to make privacy rules while fight over a federal law drags on

Nine Senate Democrats are urging the Federal Trade Commission to make new data privacy rules that will work in parallel with the long-running effort by Congress to reach an agreement on a federal privacy law. Lawmakers are urging the agency to look at better protecting vulnerable communities from discriminatory data practices, as well as requiring companies to get consumers to explicitly opt into having their data collected. “We believe that a national standard for data privacy and security is urgently needed to protect consumers, reinforce civil rights, and safeguard our nation’s cybersecurity,” the group of Senators led by Richard Blumenthal, D-Conn., wrote. The letter comes in response to frustrations that the FTC’s current rules against unfair and deceptive practices have proven ineffective to take on major privacy violations and data breaches by technology companies. Leaning on the authority in lieu of strong national privacy protections has forced the agency to […]

The post Democrats urge FTC to make privacy rules while fight over a federal law drags on appeared first on CyberScoop.

Continue reading Democrats urge FTC to make privacy rules while fight over a federal law drags on

FTC threatens fines for health apps that fail to report compromised data

App developers and device operators that collect health data about Americans must alert consumers in the event their personal information is compromised or shared without permission, the Federal Trade Commission ruled Wednesday. The U.S. consumer protection agency voted 3-2 on a new regulation that is meant to clarify the 2009 Health Notification Rule, which details how companies should tell consumers if their data is improperly shared or breached. The decision Wednesday extends the 2009 rule to cover health apps, fitness trackers and other connected devices that have risen in popularity over the past decade. “The global pandemic has hastened the adoption of virtual health assistants, with Americans placing their trust in various technologies to track and manage their personal health,” FTC chair Lina Khan said in a statement. “As we have seen, however, digital apps are routinely caught playing fast and loose with user data, leaving users’ health information susceptible […]

The post FTC threatens fines for health apps that fail to report compromised data appeared first on CyberScoop.

Continue reading FTC threatens fines for health apps that fail to report compromised data

MoviePass settles with the FTC over exposing private information, misleading consumers

Defunct subscription service MoviePass won’t have to pay users for exposing their personal information, or for quietly blocking them from using the movie ticket service’s “one ticket per day” feature. The now-bankrupt company settled with the Federal Trade Commission Tuesday over allegations that it failed to secure users’ personal information and misled them about the company’s subscription offerings, the agency announced. The subscription service, which launched in 2011, once attracted more than 3 million paid subscribers for its unrivaled service of offering unlimited movie theater passes for initially just $9.99 a month. The business model turned out to be unsustainable, with the company turning to increased prices and eventually bankruptcy in January 2020 after struggling to retain subscribers. Failure to secure a server of users’ private information led to the exposure of tens of thousands of names, birthdates, customer card numbers and credit card numbers between at least May and […]

The post MoviePass settles with the FTC over exposing private information, misleading consumers appeared first on CyberScoop.

Continue reading MoviePass settles with the FTC over exposing private information, misleading consumers

Do credit monitoring and ID protection services do much for breach victims?

It has become a staple for companies that are hit by big data breaches: extending free crediting monitoring and identity protection services to customers whose sensitive personal information is at risk. There’s nothing wrong with companies doing that, say consumer advocates — but those advocacy groups also say breached companies can do much, much better. The latest company to get hit by hackers and then offer credit monitoring or identity protection services, Geico, last week outlined a package that’s a little improved above the usual versions, one advocate said. These existing services seem to offer help, yet in some cases that benefit is limited and in others it’s difficult to measure their effectiveness. But overall, there’s little incentive for companies to offer improved redress, consumer advocacy groups contend. “Most breached entities go with credit monitoring because it’s a relatively inexpensive thing for someone to contract with to provide,” said Susan […]

The post Do credit monitoring and ID protection services do much for breach victims? appeared first on CyberScoop.

Continue reading Do credit monitoring and ID protection services do much for breach victims?