If knowledge is power then data is king, since it offers potential revenue stream when shaped and mined and is why the Internet has become a cesspool for malware and abuse. Many have learned the traps of malware makers who plant infections or spyware tools to violate the privacy rights of PC users worldwide. However, surprising is that this abuse is not limited to illegal businesses.
A recent report released by the Wall Street Journal alleges Google bypassed default privacy settings designed to protect users. Google's below statement denies wrongdoing, although further reporting indicates they've since disabled the plug-in used to exploit a flaw in both Safari's and Internet Explorer's browser security settings.
The Wall Street Journal mischaracterizes what happened and why. We used known Safari functionality to provide features that signed-in Google users had enabled. It's important to stress that these advertising cookies do not collect personal information.
Cybercriminals use Trojans to install spyware functionality on clients (PCs) without the clear permission or knowledge of PC users or owners, constituting such acts as malicious and illegal. Reportedly, Google's plug-in was also found on popular websites such as youtube.com, ehow.com, aol.com and others. Similar to exploits carried out by malware, the plug-in inserted code into the browser to bypass the default security settings. If true, does this make Google a cybercriminal and will they be punished?
The thing is, Google is not the only legitimate business who enjoys the sweet treat called web cookies. Companies like Facebook are also reportedly exploiting the same browser flaw to bypass security settings. If you've ever downloaded a freeware or shareware program, chances are your cookie jar is full as vague end-user license agreements (EULA) foretell of spying on surfing habits and tracking cookies.
While both Apple and Microsoft have resigned to tighten their browser security belts, you should not rest on this promise. Instead, you should fortify your systems by installing a stealth anti-malware tool using a mixture of scanning techniques to weed out and flag suspicious behaviors. Next, you need to put into place the following online safety habits:
- Be slow to click. Most malicious attacks are at the hands of PC users, who click too fast and download infections onto their poorly protected systems.
- Do not pirate! Stealing is illegal and on the Internet is a bedsore for malicious programs.
- Do not open email spam and delete altogether.
- Verify the source of email links and attachments before clicking and downloading on your computer. Cybercriminals love to hack and spoof accounts to fool trusting PC users.
- Use strong passwords that are hard to crack.
- Be careful when web surfing lest you land on an infectious link that routes you to an awaiting Trojan downloader housed on a malicious or compromised website.
- Take time to read EULAs and reject downloads hinting of spyware or malicious intent.