Facebook Privacy Issues: Facebook Being Sued by Users for $15 Billion

On the day that Facebook has gone public, it is also being sued for $15 billion by users who claim that Facebook was tracking their Internet usage, even after they had logged out of Facebook. The lawsuit is a combination of 21 other cases that have been filed against Facebook. This is just another case in a long string of privacy issues that Facebook has run into recently.

Germany is actually warning its business investors to stay away from Facebook's IPO because they say that the social network actually violates European privacy laws, and that they are soon going to try and stop Facebook from transferring personal user information from Europe back to the U.S. Another European activist organization is trying to force Facebook to let their users vote on the company's new privacy policies. And all of this comes on the heels of other social networking sites, such as Twitter, offering users a "Do Not Track" privacy option on their site.

If you are worried about your own privacy on Facebook, check out our video tutorial on how to adjust your privacy settings. You can also check out AVG's new "Do Not Track" function on their security software suite, which will block sites like Facebook from tracking your Internet usage. If you want to make sure your identity hasn't been stolen due to online privacy issues, check out our reviews of the top identity theft protection sites.

• Tweet

Facebook IPO: Security, Privacy
Still an Issue for Social Network

Tomorrow is the day that everybody has been waiting for, the day Facebook goes public. But along with all the accolades and excitement, Facebook's IPO has also brought some scrutiny to how the company handles the privacy and security of its users. In a recent survey by AP and CNBC, 59% of Facebook users said that they have little to no faith in Facebook to keep their personal information private. Only 13% of those surveyed said that they had complete faith in Facebook. So there are obviously some trust issues between Facebook and its users.

As Facebook's popularity continues to increase, so does the hacking attempts on the social network. Hackers can now use a wide range of scams to use people's Facebook pages against them, including hacking into their account to get personal information, taking over their account to hack their friends' accounts, cloning or creating a fake Facebook page with the user's account, and hacking in to the unprotected information that the holes in Facebook's privacy settings leave vulnerable.

In addition to their privacy issues, Facebook has also traditionally had security issues, especially when it comes to spam. Recently, they teamed up with some of the top security software to help detect and block more of the spam that is common on Facebook. But just as the company is ready to go public, a new security threat is surfacing: the "LilyJade" worm. The worm uses a link to video to get users to click, which then prompts them to accept the "video viewer" plugin permissions to watch the video, which is a common practice on Facebook. Once they agree, LilyJade then periodically posts videos in the user's news feed to help spread the worm. And as Facebook's popularity and functionality increases, so will new hacking and spamming attempts on the social network.

So how do you keep your Facebook account as protected as possible?

1) Make sure all your privacy settings are set to the most secure setting. Here's how.

2) Always be careful of what you are clicking on when using Facebook. If you click on a link that requires an app to have access to your account, make sure that app is safe before you grant access.

3) Find security software that has a Facebook specific option, such as Norton, that will scan your Facebook page for any malicious URLs.

If you want to boost the security of your computer to help make your Facebook page more secure, check out our reviews of the top security software to find one that's right for you. If you want to make sure you aren't the victim of a privacy scam on Facebook, check out our reviews of the top Identity Theft protection programs and find one that you are comfortable with to help protect your identity.

• Tweet

Do Identity Theft Protection Plans
Protect My Credit Cards Too?

Q:  If I subscribe to an identity theft protection plan, do I still need to maintain my current monthly protection for each credit card or will those cards be covered with one of these plans?

Image: Garido.com

A:  I'm not sure what credit card protection service you're currently paying for, but most of our top identity theft protection services will help protect your credit/debit card and bank account numbers from fraudulent use. Identity Guard TOTAL PROTECTION®, Trusted ID and Lifelock will all monitor the Internet black market for suspicious use of your credit/debit and bank account numbers and alert you if fraudulent activity is detected. The only caveat is that you need to enter these numbers into their online interface once you sign up.

We particularly like Identity Guard because of their proactive identity theft protection and 3-bureau credit report monitoring. Plus, they are offering NextAdvisor readers a free 30-day trial and 25% off the subscription price. When you sign up for Identity Guard you'll also get free credit scores, which are yours to keep even if you cancel during the trial period. All-in-all we think it's a pretty good deal, but if you'd like to take at look at other identity theft protection plans check out our identity theft protection plan comparison.

• Tweet

Does Identity Guard Monitor
Checking and Savings Accounts?

Q:  Does Identity Guard monitor checking and savings accounts and notify members if any questionable activity is seen?

A:  Identity Guard TOTAL PROTECTION® does monitor for potential fraud activities involving your registered bank account numbers on a daily basis. If suspicious activity is seen you will be alerted in order to verify any changes and take any action necessary. However, they do not monitor the activity within each bank account (i.e., deposits and withdrawals). If you think about it, this might not be something you would even want tracked because then Identity Guard would have complete access to your checking/savings account and financial information.

When you sign up for Identity Guard, you'll be guided through registering information you would like them to monitor.  Make sure to take a couple extra minutes to do this – letting Identity Guard know your credit card, debit card and bank account numbers will enable them to scan for the fraudulent use of them.

We given Identity Guard our top rating for identity theft protection due to it's proactive fraud monitoring, 3-bureau credit report monitoring, free credit scores and computer protection. Right now they are offering NextAdvisor readers a free 30-day trial and 25% off the subscription price, so get it while it's hot.

• Tweet

Trojan Horse Software that Can Steal Credit Card Info Is Being Sold on the Black Market

Source: Alaskan Dude via Flickr

Did you know there is a black market for computer viruses and malware? It turns out that a computer Trojan horse that is capable of stealing credit card information from software on hotels' computers is being shopped around on the underground forums, according to a leading security firm. The seller is apparently shopping the Trojan horse for around $280.

The malware is reportedly able to be quietly downloaded to hotel front desk computers where it will steal customer credit card and billing information, and can be sent over email or instant message. It is said to be undetectable by most security software, but those security suites that offer heuristic and behavioral detection, such as Iolo's System Shield and Eset Smart Security, should be able to detect the new virus when it tries to execute.

It's always a good idea to keep your computer, along with your personal information, protected. To keep an eye out for identity theft, especially when traveling, sign up for an identity theft protection service. We review the top services here. And to keep your computer protected, check out our reviews of the top security software suites here.

• Tweet

Will an Identity Theft Protection Service Prevent a Lender from Getting Information?

Q:  I am in the process of refinancing my home. I completed and submitted the applications, giving my social security number and other important information. I decided not to go with that Broker and now I am concerned about the information I provided. Will identity theft protection make it difficult for a lender to obtain information?

A:  An identity theft protection service will NOT make it difficult for a lender to get your credit information. Instead, most services proactively monitor for the use of your personal information, provide 3-bureau credit report monitoring and offer some sort of computer protection. Some include other goodies like free credit scores and lost wallet protection.

3-bureau credit monitoring does exactly what the term implies – it constantly monitors your credit reports at Equifax, Experian and TransUnion and will alert you if a change occurs. It does not prevent potential lenders from obtaining information on your credit report. Only a credit freeze will lock down your credit report and prevent new creditors from accessing it.

We strongly recommend identity theft protection, particularly if you feel your personal information may be at risk. Our top pick is Identity Guard TOTAL PROTECTION® because of their strong protection features. Identity Guard monitors public records for any changes to your name, scans databases for application or Social Security fraud, and monitors the Internet's black market for any use of your credit cards, Social Security number or other personal information. It also provides 3-bureau credit monitoring, Zone Alarm Internet Security software, anti-keylogging software, mobile security software and lost wallet protection. In addition, members will receive free credit scores when they sign up. Right now, Identity Guard is offering NextAdvisor readers a free 30-day trial and 25% off.

• Tweet

1.5 million Visa, Mastercard and Discover account numbers stolen

In an update to our previous post about the security breach at Global Payments, this morning the credit-card processor reported that 1.5 million Visa, Mastercard and Discover account numbers were stolen. The breach did not include cardholder names, addresses and social security numbers – just account numbers. Since the announcement this morning, Visa has dropped Global Payments from their approved list of providers that meet data security standards.  (NOTE: Although the company continues to process Visa card transactions, being removed from the official registry could impact their business.)

1.5 million credit card numbers stolen

If you are one of the 1.5 million customers impacted by this data breach, you won't know about it for awhile. If your card issuer thinks your card is one of those 1.5 million, they will be contacting you – most likely by mail.  In the meantime you should know that you aren't responsible for fraudulent charges made on your credit card. However, there is an obvious hassle involved in reporting any suspicious charges, along with the the time and paperwork involved.  As always, you should be carefully reviewing your credit card statements for fraudulent transactions.  It also makes sense to exercise common sense tactics to help prevent identity theft.

Security breaches like the one experienced at Global Payments are fairly common these days.  As more of your personal information is networked and stored on computers, it becomes more plausible that it can be accessed by hackers or identity thieves.  We recommend that anyone concerned about their personal information think about signing up for an identity theft protection service.  Our top rated services like Identity Guard and TrustedID proactively scan the Internet black market for your personal information, monitor your credit reports at all 3 credit bureaus and provide computer security software.

• Tweet

Visa and Mastercard Warn Banks of Security Breach

Credit card processor Global Payments was hit by a security breach putting an estimated 50,000 Visa and Mastercard cardholders at risk, according to a report filed by the Wall Street Journal today. Visa and Mastercard began warning banks of the breach last week, and the estimated timing of the breach is between Jan. 21, 2012 and Feb. 25, 2012.  Specific details about which cardholders have been affected and exactly how many are at risk have not been released.

Visa and Mastercard cardholder information at risk due to security breach

Global Payments is a third-party processor of credit cards, debit cards and gift cards.  As a merchant processor they process and confirm the authenticity of  payment cards, thereby giving them access to personal and confidential information like credit card numbers, names and addresses.  A security breach of their system is serious because the nature of the information they store is a potential gold mine in the hands of identity thieves.

As always, we recommend that people concerned about keeping their identity safe in a complex and computerized world consider subscribing to an identity theft protection solution.  We review several on NextAdvisor, but our top picks are Identity Guard and TrustedID.  Both services are particularly good choices in this situation, as they scan Internet black markets for the use of your credit and debit cards, alerting you if suspicious activity is detected.  Both services also include a full range of proactive identity theft protection features, including monitoring the Internet black market for your personal information, 3-bureau credit report monitoring and computer Internet security software.

Right now Identity Guard is offering NextAdvisor readers a free 30-day trial and 25% off the subscription price.  TrustedID features a free 14-day trial, 10% discount and the best value for plans that protect your whole family.

• Tweet

Can TrustedID Help Protect My Computer from Hackers?

Q:  I'm having a great deal of problems with a person who gains access to my computer. The person is using remote access and logging on to my computer, without my permission. This is a ongoing problem. Can TrustedID help with privacy invasion?

A:  Yes, TrustedID can help protect your computer from unwanted access. However, your situation sounds like someone has already gained access to your login and password.  If this is the case, you should change your password immediately, and if possible change your login ID too. Make sure to choose a password that is NOT a word or common phrase.

TrustedID helps protect your computer from hackers

Instead, use lower and upper case letters as well as numbers and at least one special character. And if you are connecting the the Internet over a wireless connection, it needs to be an encrypted connection that requires a special login and password too.

TrustedID can help protect you against future hacking and other computer intrusions like phishing and keyword logging. Included with your TrustedID subscription is free anti-spyware, anti-phishing and anti-keylogging software that can be installed on up to 3 computers. This software can help guard your computer from attacks. It will alert you to possible phishing sites, and encrypt your information online to prevent key loggers from reading your passwords and other personal information. The anti-spyware technology blocks and removes malicious programs that hackers use to track your passwords and compromise your online accounts.

We highly recommend TrustedID as an identity theft protection solution, and right now they are offering NextAdvisor readers an exclusive 10% discount and free 14-day trial.  You will also get access to your credit scores and reports from all three bureaus as soon as you sign up for TrustedID, and they are yours to keep even if you choose to cancel during the trial period.

• Tweet

National Consumer Protection Week: How to Protect Your Customers' Data

Part of your business requires gathering personal data about your customers, but how do you make sure that data is stored securely? As part of National Consumer Protection Week, we've put together some key points to remember when dealing with customers' data, via the Better Business Bureau's data security site:

1. Take inventory of everything. Document what information you keep, how you collect it, where you keep it and who has access to it. Make sure you are fully aware of the security measures you have in place and how they work. If you have a clear record of everything, you can better determine what happened if a security breach occurs and quickly take the steps to stop it.

2. Dispose of data correctly. When you don't need something anymore, it's easy to quickly forget it even exists, making it less of a priority. But customers' personal data is still a sensitive, and you need to treat it as such. You should know who is disposing of the data and how it is being disposed of at all times.

3. Communicate your data protection policy to your customers. Make sure your customers know how you are protecting their personal data, but don't be too specific or you'll be giving identity thieves a how-to on breaking in to your system.

4. Know how to spot identity theft. Create a written policy for your business on how to spot identity theft and the actions to take if anyone notices suspicious activity, and make sure every employee knows the policy inside and out. This will help in both spotting identity theft before it happens and quickly putting out any identity theft fires once they happen.

5. Have a plan in case customers' data is stolen. It's never a good idea to be caught off-guard by identity theft. Make sure you have a plan in place in case there is ever a data breach. Know which financial institutions to contact. Notify your legal services as soon as it happens. And, above all, keep up the lines of communications with any customers that might be affected.

If you are looking for a secure place to store all of your customers' data, consider an online backup service. Of the services we reviewed, Mozy and iBackup were some of the best for businesses, and both offer secure, encrypted backup options. To check out the rest of our online backup reviews, click here.

• Tweet