Posts

User Distrust at Heart of Facebook Troubles

, ,

Satisfaction with social-networking powerhouse Facebook has slumped, according to the latest survey from the American Customer Satisfaction Index — hitting a new record-low score in the social media category that placed it in the five lowest-scoring companies out of more than 230 surveyed. There are several immediate factors that undermine user trust:

  • Inconsistency. Facebook’s user interface changes constantly (think Timeline) and this inconsistency leaves users feeling like they don’t know what to expect next from the social media site. Consistency builds trust, but Mark Zuckerberg doesn’t seem to have much vision for consistency.
  • Lack of Transparency. The average user has very little comfort with or knowledge about how Facebook is collecting, analyzing, using and selling their personal data. While Facebook has a range of privacy and security settings, most users still don’t comprehend the enormity of the information that Facebook collects on them. This lack of transparency leaves users with a bad taste in their mouth, like they are being cleverly deceived for the sake of profit.

Facebook is staring down some potentially unnerving obstacles when it comes to key areas of monetization and growth: public distrust and display ad apathy.

Look at these highly revealing statistics:

  • 59% of Facebook users said that they had little to no trust in Facebook to keep their information private according to a recent AP-CNBC poll.
  • Despite these ongoing concerns, the number of users continues to increase. Facebook has grown to 900+ million monthly active users worldwide. This paradox (that Facebook continues to add users even though most of us don’t trust them), suggests a level of reliance bordering on addiction.
  • 54% of Facebook users declare that they don’t trust Facebook using the platform for financial transactions like purchasing goods or services.
  • 83% of Facebook users say they never, or rarely ever, click ads or other sponsored content when they use the site.

Facebook is facing a crisis of trust. For now, they are masking it well and continuing to grow, unless that is, if you judge their success by revenue rather than users.

John Sileo is an award-winning author and data security speaker on social media over exposure. He is CEO of The Sileo Group, which advises organizations on privacy strategy, data security and fraud prevention. His clients include the Department of Defense, Pfizer, the FDIC, and Homeland Security. Sample his Keynote Presentation or watch him on Anderson Cooper, 60 Minutes or Fox Business. 1.800.258.8076.

2010 Identity Theft Statistics Released

The 2011 Identity Fraud Survey Report by Javelin was just released, and it shows new trends in identity theft. While the report states that identity theft cases have decreased overall, it is costing consumers more time and money. The good news is that the drive to increase awareness about identity theft is working.

Meanwhile, consumer costs, the average out-of-pocket dollar amount victims pay, increased, reversing a downward trend in recent years. This increase can be attributed to new account fraud, which showed longer periods of misuse and detection and therefore more dollar losses associated with it than any other type of fraud. – Javelin Strategy & Research

The cost to resolve identity fraud issues rose dramatically in 2010 because there was a change in the type of fraud that was being committed. New Account fraud is on the rise and this is the hardest type to detect and costs the victim the most. The majority of thieves who use friendly fraud, where they target friends and relatives they know, are able to do a lot of damage by setting up new accounts in the victim’s name. Since the victim has no idea that they are a victim, they can continue to use their identity longer, which racks up more financial theft.  

Rising problems include account takeover, friendly fraud, and people failing to use privacy settings on social networks. Too few consumers are failing to protect their data, ranging from lack of anti-malware software on personal devices, mailing paper checks or financial statements, and weak online passwords. Individuals need to do a better job monitoring their personal information (limit what you give when opening new accounts) and monitoring current accounts with text and email alerts for money spent and other transactions.

Javelin found that 48% of all reported identity fraud cases were first detected by consumers, which reinforces that we need to monitor our accounts regularly.  Another important way to protect yourself it to order, review, and know what is on your credit report. You can do this at least 3 times a year for free.  Consumers can request a copy of their credit report from one of the three nationwide credit reporting agencies through AnnualCreditReport.com.

John Sileo’s motivational keynote speeches train organizations to play aggressive information offense before the attack, whether that is identity theft, data breach, cyber crime, social networking exposure or human fraud. Learn more at www.ThinkLikeASpy.com or call him directly on 800.258.8076.

Data Breach Increases 33% in 2010 and You're Next

,

The latest identity theft statistics released by the Identity Theft Resource Center documented 662 data breaches* in the United States in 2010. The message couldn’t be more clear:

Corporations are not yet taking identity theft and data breach seriously enough to properly train their employees, executives, and board on the BOTTOM-LINE DESTRUCTION caused by data breach.

Sure, at this point, many organizations pay lip service to data crimes. They have a privacy policy and their marketing materials state that they do everything in their power to protect your private information. Everything, that is, unless it costs them money to do so. Many corporations tend to hide behind the excuse that in these lean times, they can’t afford to take any additional security steps. But they must understand the disproportionate costs of recovering from theft rather than preventing it. In the simplest of terms, the ROI on data theft prevention training can easily be a thousand-fold. Each record lost, according to the Ponemon Institute, costs, on average, $204 to recover. Lose 1000 records (considered a very small breach), and you are suddenly out $204,000! According to the same study, the average cost for a business to recover from a data breach is $6.75 Million. The average cost to implement identity theft, social engineering and data breach training? In most cases, less than $50,000.

The causes are generally simple: perhaps your security software and firewalls need updating; employees haven’t been properly trained to destroy sensitive documents they no longer need; executives are surfing on unprotected wireless in airports and hotels; sales teams are gearing up social networking strategies that accidentally release confidential or proprietary information. Whatever the cause, companies and business owners must to step up in 2011.

3 Steps to Step Up in 2011 and Eliminate Data Breach

  1. Aggressive Education. One of the costliest data security mistakes I see companies make is attempting to train employees from the perspective of the company. This ignores a crucial reality: All privacy is personal. In other words, no one in your organization will care about data security until they understand what it has to do with them.Strategy: Give your people the tools to protect themselves personally from identity theft. In addition to showing them that you care (a good employee retention strategy), you are developing a privacy language that can be applied to business. Once they understand opting out, encryption and identity monitoring from a personal standpoint, it’s a short leap to apply that to your customer databases and intellectual property.
  2. Start with the Humans. The root cause of most data loss is not technology; it’s a human being who makes a costly miscalculation out of fear, obligation, confusion, greed or sense of urgency. Social engineering is the craft of extracting information out of you or your staff by pushing buttons that elicit automatic responses.Strategy: Immunize your workforce against social engineering and poor decision-making. Fraud training teaches your people how to handle requests for login credentials, passwords, employee and customer data, unauthorized building access and an office full of information whose disappearance will land you on the front page of the newspaper. The latest frontiers that thieves are exploiting are your employee’s social networks, especially Facebook and LinkedIn. It is imperative that you have a well-thought-out, clearly communicated social networking policy that minimizes the risks of data leakage, reputation damage and trust manipulation.
  3. Security Audit. Once you have accounted for human weakness and error (above), focus on the technological sources of data theft: the weakly encrypted wireless router in your home or office, the unprotected wireless connection you use to access the Internet in an airport, hotel or café, poor passwords, lack of user-level access, failure to properly implement a firewall, security software or encryption, stolen laptops, smart phones and thumb drives.Strategy: Hire an outside firm to audit your security. Your internal staff will NEVER tell you what they are failing to protect out of ignorance or lack of budget. I don’t do security audits myself, as I am on the road speaking most of the time, but I’m happy to suggest some providers if you are interested.

I say this with no intention to cause undo fear: if you don’t take steps to prevent identity theft and data breach inside of your organization, you will be next. Maybe not today, but soon. Fear is only meant for those who choose to do nothing about this crime. I, unfortunately, used to be one of these people, as you will learn from the background story on how I started writing about identity theft and eventually became an identity theft speaker.

*What is a Breach?

The ITRC defines a breach as any event that potentially puts a person’s name, Social Security number, drivers license number, medical record or financial record (credit or debit card) potentially at risk either in electronic or paper format.

This study included all types of breach, and although we have become a very digital society, paper breaches accounted for almost 20% of all breaches.  Malware and computer attacks were only 17.1 % of stolen information.

92% of U.S. Babies Are Online

According to a recent survey by the Internet Security Firm AVG, more than 8 out of 10 babies worldwide under the age of 2 have some sort of online presence. A staggering 92% of American babies have an online presence compared to 73% of babies in Western Europe. The study covered 2,200 mothers in the UK and eight other industrialized countries. With new technology and social media outlets such as Facebook, MySpace, and Twitter, mothers and fathers are eager to post photos and write about their children –  even before the baby is born.

When these children become adults, it will be literally impossible for them to separate from their digital past. I can just see the photos and stories posted when they begin to run for office, try to find a job or meet a partner. Digital memory lasts forever, and it is very unforgiving. Those of us older than about 35 have had a chance to put our bad decisions behind us. Children born today will have every aspect of their life recorded, uploaded, backed up, forwarded and publicized completely without their consent.

It was found in England that 23% of babies have an online presence before they are even born. This figure is higher in the US, where 34% have posted sonograms online, while in Canada the figure is even higher at 37%. Another shocking statistic is that even though they are unable to type yet, 7% of babies and toddlers have an email address by the time they are 2.

Our research shows that the trend is increasing for a child’s digital birth to coincide with and in many cases pre-date their real birth date. A quarter of babies have sonogram photos posted online before they have even physically entered into the world. It’s shocking to think that a 30-year-old has an online footprint stretching back 10-15 years at most, while the vast majority of children today will have online presence by the time they are two-years-old – a presence that will continue to build throughout their whole lives. – AVG CEO JR Smith

Setting up an online profile that early will definitely set an example to children that it is OK to spend a significant part of your lives and share personal details on the Internet.  All parents need to remember that what they put online is public and permanent. This content, good or bad, will follow children for their entire lives.

John Sileo speaks professionally about social media exposure, identity theft and cyber crime for the Department of Defense, Fortune 1000 companies and any organization that wants to protect the profitability of their private information. Contact him directly on 800.258.8076 or visit his speaker’s website at www.ThinkLikeASpy.com.