Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label ProPublica. Show all posts
ProPublica
Cyber Attacks Facebook Ads Facebook Hackers fake ads Hackers Internet scammers Meta Online Security ProPublica

Meta Struggles to Curb Misleading Ads on Hacked Facebook Pages

 

Meta, the parent company of Facebook, has come under fire for its failure to adequately prevent misleading political ads from being run on hacked Facebook pages. A recent investigation by ProPublica and the Tow Center for Digital Journalism uncovered that these ads, which exploited deepfake audio of prominent figures like Donald Trump and Joe Biden, falsely promised financial rewards. Users who clicked on these ads were redirected to forms requesting personal information, which was subsequently sold to telemarketers or used in fraudulent schemes. 

One of the key networks involved, operating under the name Patriot Democracy, hijacked more than 340 Facebook pages, including verified accounts like that of Fox News meteorologist Adam Klotz. The network used these pages to push over 160,000 deceptive ads related to elections and social issues, with a combined reach of nearly 900 million views across Facebook and Instagram. The investigation highlighted significant loopholes in Meta’s ad review and enforcement processes. While Meta did remove some of the ads, it failed to catch thousands of others, many with identical or similar content. Even after taking down problematic ads, the platform allowed the associated pages to remain active, enabling the perpetrators to continue their operations by spawning new pages and running more ads. 

Meta’s policies require ads related to elections or social issues to carry “paid for by” disclaimers, identifying the entities behind them. However, the investigation revealed that many of these disclaimers were misleading, listing nonexistent entities. This loophole allowed deceptive networks to continue exploiting users with minimal oversight. The company defended its actions, stating that it invests heavily in trust and safety, utilizing both human and automated systems to review and enforce policies. A Meta spokesperson acknowledged the investigation’s findings and emphasized ongoing efforts to combat scams, impersonation, and spam on the platform. 

However, critics argue that these measures are insufficient and inconsistent, allowing scammers to exploit systemic vulnerabilities repeatedly. The investigation also revealed that some users were duped into fraudulent schemes, such as signing up for unauthorized monthly credit card charges or being manipulated into changing their health insurance plans under false pretences. These scams not only caused financial losses but also left victims vulnerable to further exploitation. Experts have called for more stringent oversight and enforcement from Meta, urging the company to take a proactive stance in combating misinformation and fraud. 

The incident underscores the broader challenges social media platforms face in balancing open access with the need for rigorous content moderation, particularly in the context of politically sensitive content. In conclusion, Meta’s struggle to prevent deceptive ads highlights the complexities of managing a vast digital ecosystem where bad actors continually adapt their tactics. While Meta has made some strides, the persistence of such scams raises serious questions about the platform’s ability to protect its users effectively and maintain the integrity of its advertising systems.
Read more »
ProPublica
Abortion Pills cyber theft Data Breach Google Investigation ProPublica

Google Receives Sensitive Data From Abortion Pill Websites

 


Several online pharmacies are selling abortion pills online and sharing their customers' personal information, such as their search history and geolocation, with Google and other third parties. ProPublica has learned that by using this information, one can identify the users of these websites, which could be used to track them down. 

In post-Roe America, where there is no abortion, this type of private information could prove to be downright dangerous when law enforcement subpoenas such sensitive information to prosecute women who wish to end their pregnancies, even though data privacy advocates may be concerned about it. It could prove even more dangerous for women who wish to end their pregnancies in this country. 

It is not uncommon for police to not even have to use the courts if they wish to compel businesses to hand over this data. This is because executives often hand it over willingly and without a court order. 

In the aftermath of the Supreme Court's ruling in Dobbs, which overturned Roe v. Wade and ended the right to abortion, there have been more than a dozen states in the country that are now prohibiting surgical and medical abortions - aka abortion pills - across their borders. 

ProPublica analyzed the pharmacies' websites through The Markup's website privacy inspector to find out which types of trackers they are using and why they are using them. There was a report that found a minimum of nine websites selling abortion medication also collected and shared records regarding their customers. This includes other websites they visited, search terms entered, general location, and general device information. 

It is essentially the website's actual visitor data that is shared with online tools that enable websites to track visitor numbers and traffic patterns. These tools enable websites to provide live chat support and do other helpful things with the information. 

According to ProPublica's investigation, nine of the sites are sending Google data that could potentially identify users, including random numbers associated with the browser of each user, which then could be matched with other information acquired through the sites, the investigative non-profit documented.  

In total, there are nine pharmacies available for abortion-related services, including Abortion Ease, BestAbortionPill.com, PrivacyPillRX, PillsOnlineRX, Secure Abortion Pills, AbortionRx, Generic Abortion Pills, Abortion Privacy, and Online Abortion Pill Rx. 

The Register contacted several pharmacies about the issue, but no one responded. Companies dealing with abortion pills must stop sharing data with Google and Facebook immediately, said Cooper Quintin, Senior Staff Technologist at the Electronic Frontier Foundation (EFF).  

As web developers may not have thought that they were placing their users at risk when they used Google Analytics and third-party tracking, they now have to consider the risk of putting their users at risk. In the current political climate, all websites, but especially those that serve at-risk users, must consider whether assisting Google, Facebook, and others in building user profiles could lead to an extremely horrific outcome, Quintin told in a report. They can not continue acting as though Roe's decision is still the law of the land. 

It is worth noting that the EFF has not yet witnessed any instances where law enforcement agencies have used this type of information to prosecute abortion seekers or providers. According to Quintin, he is concerned that someday, the data stored on big tech platforms such as Google, Facebook, and even Facebook themselves may be used as a dragnet tool to search for women seeking abortions or other reproductive care services and prosecute them. 

If a court order is served on a tech company, they will typically turn over their users' private information and messages to the police. This is if served with a court order. It has been revealed that Google received more than 87,000 search warrants and subpoenas in 2021. 

'Purely Hypothetical and Technically Impossible,' States Google

Google does not specify whether any of these requests were related to health information in its report. The major search engine company is not afraid to take action against government demands to turn over customer data to the government. This is according to a spokesperson for the company. 

It is also prohibited for Google Analytics customers to upload any information that might give away a person's identity to Google during the process of analyzing their data. Moreover, Google has strongly disputed the conclusions of the non-profit organization. 

According to Google Analytics Product Director Steve Ganem, the allegations described in ProPublica's latest article regarding Google Analytics are purely hypothetical. They are technically impossible in the real world. 

As Ganem noted, "Google Analytics was designed specifically so that we and other third parties, including law enforcement, would be unable to identify users through Google, possibly under some circumstances." As well as that, Google also has strict policies against advertising to people who provide sensitive information on their website. 

Last year, Google promised to update the system used to track where users are located. This will ensure that trips to medical clinics and other sensitive places are automatically excluded.   
Read more »
Subscribe to: Posts (Atom)