NEWSAbout UsContact UsWebsiteBizcommunity

The insecurity of today's internet

There's been a fascinating experiment in Brussels recently. Random passers-by were invited to participate in a TV show about clairvoyance. Clairvoyant was waiting for those who agreed to enter a white tent, and after a few minutes of 'tuning into the guest's energy' he began to tell his visitors some random facts about them. Such facts included the preferences and interests of the guest, as well as the color of their houses, bank account numbers, and even the shapes and places of their tattoos.
Participants were impressed. But pretty soon they were shocked to find out the secret of this magic. At some point, the curtain at the far end of the tent fell down, showing the group of black-dressed computer hackers behind it. Apparently, they were searching for online information about each of the guests. Just a couple of minutes that people spent in the tent alone with ‘clairvoyant’, was enough to get hold of all the personal information they have shared in social networks so generously. The video of the experiment "Amazing Mind Reader Reveals His Gift" now has over 13 million views.

Unfortunately, the vast majority of internet users still feed their own illusions of safety in the network, not seeing beyond the "curtain at the far end of the tent." At the time when online activity increasingly becomes less safe, only 36% of users limit access to their personal information for strangers, and only a third use a PIN-code on their devices. Most people simply are not aware of all the risks lying in wait for them in the network and, moreover, do not know how to avoid them. But it's important to recognise that there are plenty of them.

Online threat is closer than it may seem

The most common dangers of the global network probably include spam, online bullying, sending out viruses and so on, but even these totally unpleasant things may seem quite harmless in comparison with the notorious internet fraud on the margins with crime.

Indeed, the internet is a vast field for the activity of all sorts of criminals: internet pirates, distributors of child pornography, drug dealers and unlicensed medicines dealers, distributors of various forgeries etc. Perhaps the most commonly used method of internet fraud is phishing, that is a banal theft of personal data for the subsequent theft of funds from a credit card or online wallet. Also, attackers often use social networks for their own interests, creating fictitious profiles and sending out messages to users with requests, offers or threats. There are a lot of methods making it possible to defraud trusting and good-natured people of their money: charity, unscrupulous sales, banal extortion and blackmail, and the result is always the same - deception.


Fraud on dating websites is another particular story. Placing too much personal information on dating sites, including intimate photos and hidden preferences, those striving to find love online personally give the tools of blackmail into the hands of their foes. Cases of extortion with threats of spreading intimate photos and videos are not unique, as well as the real damage caused this way to a user’s personal and professional reputation. In addition, some dating sites openly sell data. For example, OKCupid's sale of personal data is its main source of income. During registration, the user answers many different questions - so why not make money on this information?

Annual Microsoft Computing safety index says that over the years, heady internet users lose $5bn because of online phishing and other forms of internet fraud, $6bn - because of their damaged online reputation. If you were to count the cyber-crime-caused damage to enterprises and whole states, according to the US Center for Strategic and International Studies, it costs the global economy $400bn annually.

How much is the phish

The market of legal personal data sale generates a considerable income. Entire industries earn on the information we leave about ourselves on the network. This is how commercial companies calling themselves "data brokers" appeared. This business is quite lucrative: the annual income of large brokers, such as ALC Data or Axciom, is measured by nine-digit amounts.

Indeed, personal data has become a kind of currency, in exchange for which you can get free use of the services. After all, when the user accesses the service, he accepts the terms of the agreement, including prescribed handling of his data. We pass the data each time during the authorisation and show our behavior going through pages and clicking ‘likes’.

Large companies like Google and Yandex synchronise information from various sources to better identify user’s preferences and to capitalise on this. Considering the applications used, localisation according to GPS data, advertising is being directed to users. The Facebook user is being offered sponsored stories based on the pages they liked and on the publicly available information they leave on their profiles. The newly-developed service PrivacyFix calculated that on average Facebook earns $26.62 per month for each user.

Apart from the risk of misuse of personal data, it’s possible to be exposed to danger on the internet where you expect it the least. A lot of companies, legally developing its business in the global network, sometimes use illegal methods to attract customers and generate profits. Dating companies serve as the best example of this.

Love does cost a thing

A couple of years ago a scandal erupted involving British-based company Cupid plc, established in 2005 by two businessman: Scotsman Bill Dobbie, and Max Polyakov, Dobbie’s Ukrainian partner. One of the most successful companies in the dating industry served more than 85 million users from 58 countries and set the tone for the development of this industry in the UK. The real recognition was obtained by the company in June 2010 after successful IPO on the London Stock Exchange. The same year Deloitte has featured Cupid plc as one of the fastest growing companies in the field of online dating services.

The enormous growth of Cupid plc has come to an end three years later after an investigation made by Ukrainian newspaper Kyivpost and BBCRadio 5. In 2013 the new information about Cupid plc operations appeared: according to data obtained by bloggers, people hired by Cupid plc were making users buy paid services off the company’s website. Further investigation performed by the media proved such activities and confirmed that the company’s ‘social media managers’ who tempted users were actually located in Ukraine. Which is not that strange considering the fact that the UK-based company’s staff included less than 20 employees, while the rest of them – around 1500 people – were located in Ukraine.

The company representatives has declined any deceiving activities, but the market reacted immediately: the share price of Cupid plc decreased by 3.5 times. Further auditing did not find the facts of massive usage of fake user profiles, however, it was confirmed that Cupid plc’s administration profiles lacked any special information distinguishing them from regular users.

The insecurity of today's internet

It’s important to note that this kind of semi-legal operations are normal for dating services. A similar scheme was used by German dating application Lovoo: fake accounts of young attractive women were created in order to force clients to buy the application subscription. However, the scheme used by Lovoo was only implemented when expansion into new markets was needed. In turn, fake accounts were involved in activities of dating services controlled by Cupid plc on regular basis as “everyday practice”. Where are the consequences for Cupid plc, experienced by other companies who had practiced similar unfair manipulations?

After all, the use of these methods ended extremely unfavorably for Lovoo. Company founders Bj√∂rn and Benjamin Bak along with twelve of their employees were arrested and accused of commercial deception. Moreover, 17 raids took place in the company’s offices in Dresden, Berlin and Nuremberg, with officers seizing computers, mobile phones, and company records for their thorough check. The investigation continues but apparently the German authorities do not intend to put up with the use of this kind of manipulations of German citizens at least by Germany-based companies.

Earlier, Avid Life Media, the company-creator of a large dating site, was accused of the active use of fembots in an amount of at least 70,000. A major scandal, which broke out on this issue, has led to the fact that a few days ago the company fully recognised the use of such practices in the official press release, at the same time stating that it ended up with them in 2015. Previously, the company claimed that the bogus profiles are used only for market monitoring and control of the quality of services provided by the matchmaking site. Whatever it was, today Avid Life Media is under investigation by the US Federal Trade Commission and, most likely, the imposition of sanctions for unfair job will not keep itself waiting.

Civilised approach to fake profiles

US Federal Trade Commission deals with unscrupulous dating companies not for the first time. Earlier, in 2014, the Commission has already banned British-based JDI Dating Ltd to use fake profiles, and has obliged it, in addition, to pay $616,165 in redress.

There’s no surprise in the loud arrests and penalties against the companies taking place in USA and Germany - countries with zero tolerance for crime in the network and with a high level of personal data protection. But why do the British authorities remain silent? After all, services, previously owned by Cupid plc, continue to operate, carefully bought up by Max Polyakov after their depreciation as a result of the aforementioned scandal.

Today the European Union is developing a new legislation on the prevention of online fraud and the protection of personal data, which will be materialised in acts of direct action in all EU countries in the next two years. Since Britain at that time, probably, will not belong to them, it's time to enforce legal protection of its citizens against all the risks to which they may be subjected on the network.

15 Jul 2016 15:49