The Cocoon Blog
The Internet as it should be: private, secure and virus free

In January of this year the security firm Sophos reported that 40% of social network users had encountered malicious attacks. Customized third-party applications used by sites such as Facebook pose additional privacy concerns. Some of these applications can steal your account credentials, post infected links to user walls, grant permissions that allow accelerated access to your profile, share and spam contacts and cause scams to go viral.

Malicious people are drawn to social networks due to easy access and the amount of personal data available to them. The more information that you place on these sites along with weak privacy settings has the potential to allow targeted social engineering attacks.

Cybercriminals hold a heightened level of interest for sites such as Facebook where default privacy settings promote personal information sharing and are often not altered by users.

Recently, industry watch groups, like the EFF and Consumer Reports, as well as the U.S. government, have articulated a host of real-world concerns.  For example, posting personal information (including birthdates, street addresses, whether you are home or away), can expose a user to crime of either the cyber- or real-world variety. In addition, the privacy settings of users and users’ Facebook friends can expose users to harassment, malware, spyware, identity theft, viruses and scams. [Source]

US-CERT suggests ten steps that you can take to protect yourself on social networks:

1. Limit the amount of personal information you post
2. Remember that the internet is a public resource
3. Be wary of strangers
4. Be skeptical – Don’t believe everything you read online.
5. Evaluate your settings – don’t stick with the defaults!
6. Be wary of third-party applications
7. Use strong passwords
8. Check privacy policies
9. Keep software, particularly your web browser, up to date
10. Use and maintain anti-virus software

Brought to you via the Friendly Cocoon Team!

Please stop by and visit us on Twitter and Facebook!

If you have been watching technology news lately you have probably heard quite a bit about the hacker group Lulzsec. Last week they knocked CIA.gov offline for two hours using a DDoS attack and also hacked the US Senate’s public website. The most recent data leak hack involved releasing 62,000 user passwords. Last night Lulzsec tweeted that they attacked Infraguard and “compromised 1000 (plus) FBI-affiliated members”.

Governments are not the only sites that they attack. They hacked Fox’s X Factor contestant database, the Fox.com sales database, hundreds of ATMs in Britain, the Sony music database in Japan, defaced the PBS website and released various PBS databases and revisited Sony a number of times to leak more breached data. Their goal is to release personal data and they are not concerned with how it affects you now.  Reports of fraud from the Lulzsec leaks have been rolling in.

Using weak passwords such as “123456″ and also using the same password for multiple sites make any Internet account highly vulnerable to attack.

Whether you think LulzSec is doing us a favor for exposing our security weaknesses or think the hacker group has gone too far, a very old lesson can be learned here: we need to create stronger passwords. New analysis of the 62,000 logins LulzSec made publicly available reveals, yet again, our seriously weak password habits. [Source]

Cocoon Mailslots

Creating new email addresses on-the-fly gives you the freedom to keep your real email private and have permanent disposable email addresses, keeping your email accounts isolated and secure. If your email address became part of a data breach you could easily dispose of a mailslot and create a brand new one. During times of web war, Cocoon mailslots are another great privacy tool to help you stay safe online.

For more information on Cocoon mailslots please visit our FAQ and view our videos on Mailslot Basics and How to Edit a Mailslot.

You can find out more about Cocoon at GetCocoon.com

Stop by and say hello on Twitter and Facebook – The Cocoon Team!

According to a recent Internet Explorer 9: Future of the Web study, Internet privacy is losing ground rapidly. The study surveyed over 10,000 Internet users across 12 European countries and 45 percent of the respondents fear that there will be no such thing as online privacy by 2020.

Research conducted by Microsoft revealed that internet users are most concerned about privacy, now and in the future, with 45% citing loss of online privacy as their number one concern and 60% worried that companies will track and save their every internet move. [Source]

There was a time in Internet history when a user could go online when privacy appeared inherent.  With the advent of the electronic marketplace and social networking the Internet landscape has changed. With the blending of our private lives into the public sphere personal data has become an open book.

Brian Kealy, Internet Explorer lead for Western Europe at Microsoft recently commented:

It’s clear that more and more people are becoming aware of their online privacy and are concerned about how intrusive institutions are becoming in tracking — and exploiting — their online activities…

We believe that Internet users should have options available to protect their privacy online. Your private life does not have to become part of the public stream, advertisers do not need to collect data that you have not approved and you should be able to surf quietly and anonymously without intrusion from targeted advertising.  Your right to online privacy exists in Cocoon and we are FREE!

You can find out more about Cocoon at GetCocoon.com

Stop by and say hello on Twitter and Facebook – The Cocoon Team!

As you casually drift around the Internet from one website to another, do you ever wonder about the “Facebook Like Button?” It is ubiquitous and so ingrained in the social web that it has now become part of the norm. Many people may not be aware that you do not have to click on the “Like Button” to be Facebook-tracked.

Your browsing habits are linked to your Facebook profile which generally includes Personally Identifiable Information (PII) such as your first and last name. When you visit a site with a “Like” button present, Facebook will already know how you are interacting with that particular site and you do not have to click on the “Like” button to have this information disclosed to Facebook. As long as you are logged into your Facebook account, Facebook can track you as you travel around the Internet and there are millions of site pages that host this button that can send your browsing habits back to the mothership.

Christopher Mims of Technology Review stated last week: “Those Like buttons have the potential to be, essentially, a window on the browser history of every Facebook user on the planet—all 700 million of them.”

Amir Efrati of The Wall Street Journal further elaborates:

The widgets, which were created to make it easy to share content with friends and to help websites attract visitors, are a potentially powerful way to track Internet users. They could link users’ browsing habits to their social-networking profile, which often contains their name.

For example, Facebook or Twitter know when one of their members reads an article about filing for bankruptcy on MSNBC.com or goes to a blog about depression called Fighting the Darkness, even if the user doesn’t click the “Like” or “Tweet” buttons on those sites.

Facebook does not only include “generalized” data. People provide real names, real addresses, real phone numbers, real photos and real birth dates. They have conversations with real friends and real family. Facebook is perhaps the biggest treasure trove of PII data on the Internet today.

From Facebook’s Privacy Policy:

Whenever you connect with a Platform application or website, we will receive information from them, including information about actions you take. In some cases, in order to personalize the process of connecting, we may receive a limited amount of information even before you connect with the application or website.

There are ways that you can stop Facebook tracking in its tracks. If you log out of Facebook prior to going to other sites you will not be tracked. If you prefer convenience over having to reenter your password each time you return to Facebook, Cocoon has a simple solution – we give you the option to block Facebook tracking.

You can find out more about Cocoon at GetCocoon.com

Stop by and say hello on Twitter and Facebook too – The Cocoon Team!