The IT Nerd

The Roe v. Wade overturn destroyed 50 years of progress in women’s rights to privacy and the ability to choose for themselves.

According to the data collected by the Atlas VPN team, apps dedicated to women’s health, like pregnancy or period trackers, heavily collect sensitive data and share it with third parties. After the Supreme Court in the US overturned Roe v. Wade, information gathered from these apps could be used as evidence for getting an abortion.

A few most popular women’s health apps stand out when looking at trackers. Pregnancy App & Baby Tracker (Babycenter) has 15 trackers on their Android and 20 trackers on iOS applications.

Pregnancy Tracker & baby app WTE has 7 and 22 trackers on its Android and iOS versions, respectively.

Flo Period tracker & calendar app seems to have 2 trackers, the least among Android apps. At the same time, the MeetYou Period Tracker application has 3, the least amount of trackers among women’s health apps on iOS devices.

Permissions spy on your data

Permissions help the user regulate and control which system and device functions the application can access.

MeetYou Period Tracker has 36 permissions on their Android app, 8 of which could be considered dangerous. The iOS application requires 7 permissions, giving access to data that can be used to track you.

Pregnancy Tracker & baby app WTE on Android devices has 19 permissions (3 dangerous), meanwhile, the iOS version has 9. The least amount of permissions on Android and iOS devices can be found in the Spot on period tracker, 7 and 4, respectively.

During our research, we found some apps that even ask for permissions to access your search history and contact information, like your name and email address. Later on, this data could be sold to third-party services and used against women who are considering getting an abortion.

To read the full article, head over to: https://atlasvpn.com/blog/pregnancy-and-period-tracking-apps-corrupt-womens-privacy-study-reveals

The summertime is synonymous with the travel season. Before departing for their destination, tourists frequently assess a variety of health and physical safety precautions; however, only a few consider their online safety.

In 2021, around 500,000 Americans were victims of cybercrime and lost an excess of $6 billion, but how does that look on a state-by-state basis? 

The Atlas VPN research team has created a list of the most dangerous and secure US travel destinations in terms of cybercrime. 

The safety of each US state was ranked according to its cybercrime index. 

To calculate the cybercrime index, Atlas VPN first worked out each state’s victim count per 100,000 population. For the second measure, Atlas VPN calculated each victim’s average losses.

To determine the final ranking, each measure was normalized on a 0-1 scale, with 1 corresponding to the measure that would most negatively impact the final score. These measurements were then summed up and converted to a score scale of 100.

The initial cybercrime victim and cybercrime loss numbers for each state were based on Federal Bureau of Investigation 2021 statistics. Atlas VPN also included each state’s ranking according to its popularity as a travel destination.

The calculations reveal that North Dakota and Nevada are by far the most dangerous states in terms of online safety. Both states have unique cybercrime profiles and a cybercrime index of over 57.

North Dakota is distinctive because even though there were only 87 victims per 100k population, the losses per victim stood at $31,711, which is the highest in all of America. 

While victims in Nevada lost an average of $4,728 per scam, it was also the state with the highest number of victims per 100k population. The Battle Born State is also the third most common travel destination in the US. 

The Golden State is also at the top of the list, with 169 victims per 100k citizens and losses at $18,302. Unsurprisingly, California ranks as the most popular travel destination. 

New York is the 5th most visited state and, at the same time, 4th in terms of cybercrime severity. New Yorkers lost around $19,266 for each internet fraud case, with 151 individuals out of 100,000 encountering this misfortune.

The District of Columbia also makes the top 5 list, mainly due to the high number of victims per 100k population. 

To see the comprehensive research, which includes an analysis of all US States, please head over to:
https://www.atlasvpn.com/travel-destinations-by-cybercrime

Even with the crypto market experiencing a crash, crypto scams are still going strong. Phishing scams, in particular, are favored among cybercriminals.

According to the data analyzed by the Atlas VPN team, based on the information provided by the CheckPhish URL scanner tool by Bolster, Blockchain is the most commonly phished crypto project, with 662 phishing websites in the last 90 days. 

Blockchain is followed by cryptocurrency wallet Luno and proof-of-stake blockchain platform Cardano with 277 and 191 phishing pages, respectively.

The data features detected cryptocurrency phishing website numbers in the last 90 days till June 22nd, 2022. 

The next top-most phished crypto brand is Poloniex. The crypto exchange has had 72 phishing websites using its brand in the past three months.

Meanwhile,  NFT marketplace Magic Eden and yet another crypto exchange, Bittrex, share the fifth and the sixth spots on the list with 67 and 65 phishing websites each.

The rest of the top ten includes the largest cryptocurrency exchange Binance with 59 phishing websites,  crypto investing service Apex Crypto with 23 phishing websites, open-source cryptocurrency wallet software MyEtherWallet with 21, as well as Bitcoin wallet service Electrum and Australian cryptocurrency assets exchange BTC Markets each with 16 phishing websites.

Ruta Cizinauskaite, the cybersecurity researcher and writer at Atlas VPN, shares her thoughts on crypto phishing scams: “Brand impersonation is a common tacting among cybercriminals as people are more likely to trust the brands they know with their money or information. To lure in their victims, scammers develop counterfeit websites using legitimate brand names, similar-looking URLs or appearances. Crypto scams, in particular, are very lucrative to cybercriminals as cryptocurrency payments are irreversible, uncontrolled by central authorities, and many newcomers are not very knowledgeable in how crypto works.

To read the full article, head over to: https://atlasvpn.com/blog/blockchain-com-luno-and-cardano-are-the-top-most-phished-crypto-projects

In phishing attacks, scammers will employ social engineering techniques to get you to click on their email.

According to the data presented by the Atlas VPN team, 67% of scammers leave the ‘subject’ line empty in malicious emails. Other ‘subject’ lines are not nearly as used as just keeping it blank, which can be a major red flag when identifying a phishing email.

About 9% of attackers would type in ‘Fax Delivery Report’ in the subject line of phishing emails. Nearly 6% of email scammers enter ‘Business Proposal Request’ as the subject line. Furthermore, 4% of threat actors would write a simple ‘Request’ as the email’s subject. Another 4% of attackers are trying to set up a ‘Meeting’ with their victims.

Almost 3.5% of scammers would send emails with the subject ‘You have (1*) New Voice Message’. Moreover, 2% of threat actors would type in ‘Re: Request’ in the subject of their phishing emails.

The tactic used in phishing emails is often to urge the user to click on the email or link without much thought. Some subjects are directed at business employees who might have real and fake ‘meetings’ or ‘business requests’ mixed in their inboxes.

To read the full article, head over to: https://atlasvpn.com/blog/study-almost-70-of-email-scammers-leave-the-subject-line-empty

A bug bounty program is a reward offered for discovering and reporting a bug in a software product.

According to the data compiled by the Atlas VPN team, Apple pays five times more for exposing a vulnerability than Samsung. Exploits that allow hackers to perform network attacks without user interaction are usually worth the most in bug bounty.

Apple pays from $100K to $1 million to researchers who find exploits in their devices. Our report from earlier in the year found that vulnerabilities in Apple products surged by over 450%.

Huawei’s bug bounty program offers payouts from $200 to $223K for found vulnerabilities in their devices. The company gives out rewards for exploits found in their AppGallery, cloud services, or the phones themselves.

Samsung’s bug bounty program rewards researchers between $200 and $200K for qualified exploits. The amount is determined by the severity level, vulnerability report quality, affected scope, and the difficulty of attacks.

Xiaomi bounty payments range from $800 to $13K for found vulnerabilities. OnePlus and Oppo, both owned by BBK Electronics, bug bounty programs can reward researchers with up to $7K and $4K, respectively.

To read the full article, head over to:

https://atlasvpn.com/blog/study-apple-pays-5x-more-per-exposed-vulnerability-than-samsung

Ransomware has become a popular means for cybercriminals to cash in on their activities. They use ransomware to encrypt companies’ essential data and ask to pay a ransom in return. If companies have not backed up their information, they must dig into their pockets to get it back.

According to the data presented by the Atlas VPN team based on a Veeam 2022 Ransomware Trends Report, 73% of organizations suffered two or more ransomware attacks in the past 12 months. The majority — 44% of ransomware infections entered through phishing emails, links, and websites. 

In total, 35% of organizations experienced two ransomware attacks, nearly a quarter (24%) endured three, close to a fifth (9%) of companies had four, and 4% went through five. Meanwhile, 1% of organizations suffered six or more ransomware attacks in the past 12 months. The remaining 27% of organizations faced only one ransomware attack.

Paying the ransom does not guarantee data recovery

Ransomware will continue to be used in cyberattacks as long as businesses are willing to pay up, and they still are. 

A whopping 76% of organizations affected by ransomware in the past twelve months went through with the ransom payment. However, nearly one in four (24%) companies still could not recover their data afterward.  

On the positive side, nearly a fifth (19%) of companies that got their IT systems infected with ransomware in the past twelve months were able to recover their data without paying the ransom. Meanwhile, 5% were not asked to pay in the first place.

To read the full article, head over to:

https://atlasvpn.com/blog/over-70-of-organizations-suffered-two-or-more-ransomware-attacks-in-the-past-12-months

Data analyzed by Atlas VPN shows that US citizens lost over $68.3 million to various job and business offer scams in the first quarter of 2022. 

The business and job opportunities fraud category includes offers for work-at-home jobs, like stuffing envelopes or processing medical claims, multi-level marketing schemes, job scams, job listings, employment services, inventions or idea promotions, and business opportunities.

The figures were extracted from a public database of the Federal Trade Commission (FTC). US Citizens can submit fraud reports to the FTC for further investigation. The FTC shares this data to inform the nation about the state of the cybercrime landscape in the US.

All in all, US citizens have lost $701.4 million to bogus job and business opportunities since 2018. We will dissect the data into smaller increments to better understand this fraud type.

To start, criminals swindled $17.7 million from unsuspecting victims in 2018 Q1, which comes out to around $197 thousand lost daily. These damages were a result of 1,969 scams with a median loss of $1,036.

In contrast, Americans lost $68.3 million or nearly $759 thousand daily throughout the first quarter of 2022, which represents a growth of 285% over 2018 Q1. The FTC received 5,999 reports indicating a loss, with the median loss standing at $1,950. 

Yet the significant upsurge in business and job opportunities scams started in 2021 Q4, where total losses amounted to $62.5 million, or an average of $680 thousand per day, a growth of 29% over 2021 Q3. The median loss was $2,000, while the number of reports totaled 6,353.

The FTC notes that scammers advertise fake jobs in the newspapers, online, or even on signs, posters, and flyers.

To read the full article, head over to:
https://atlasvpn.com/blog/americans-lost-a-record-68-million-to-job-business-opportunities-scams-in-2022-q1

According to the data compiled by Atlas VPN, online fraud complaints in the United States are expected to reach a record 1.11 million in 2022, driven by various factors such as an increase in cyber threats. 

The projection made by the Atlas VPN team represents a 31.5% growth from the 847,376 complaints registered in 2021. It was calculated by averaging the yearly internet scam complaint growth number from 2017 to 2021.  

The losses to internet scams in the US are also expected to rise by almost 52%, from $6.9 billion in 2021 to $10.5 billion in 2022.

The calculations are based on the Internet fraud data numbers provided by the FBI Internet Crime Complaint Center (IC3) in their Internet Crime Report 2021. 

In total, IC3 registered $2.76 million online scam complaints in the United States in the past five years (on average, 552,000 per year), amounting to losses of a whopping $18.7 billion. The cumulative number of complaints is estimated to reach 3.9 million by the end of 2022, while losses — $29.17 billion.

Why online scam complaints and losses are expected to increase

The rise in online fraud is motivated by various factors, but increasing online presence is among the main ones. During the Covid-19 pandemic, people turned to online services as lockdowns confined them. Many businesses, in turn, also moved online. As more and more people started transacting on the internet, cybercriminals saw it as an opportunity to fill their pockets. 

Even with the pandemic’s peak well past us and with businesses opening up, people’s habits have been changed for good. Many people made the work-from-home their status quo, while others found running their errands online more convenient and time-saving. 

What is more, the number of internet users is growing every year. According to the data provided by Statista there were around 4.7 billion internet users in the world last year. By the end of 2022, internet users are expected to reach 5 billion.

At the same time, cyber threats are constantly evolving, and fraudsters are getting more sophisticated with their attacks. While Nigerian prince scams are still going strong, cybercriminals are also utilizing more effective methods. For instance, they often spoof popular brand names and websites in hopes users will not notice that the email they received or the website they visited is fraudulent.

In fact, phishing, vishing, smishing, and farming were the most common types of cybercrime over the past five years. Overall, 731,739 cases of such crime were reported from 2017 to 2021. Based on the past trends, it is likely that social engineering attacks will dominate this year as well.

To read the full article, head over to: https://atlasvpn.com/blog/online-fraud-complaints-in-the-us-could-reach-a-record-high-of-1-million-in-2022

Browsers can connect you to any place on the internet. Nowadays, you can choose from an extensive range of programs. However, some browsers can be better for your privacy and security.

According to the findings by the Atlas VPN team, 1,006,232,879 internet users (19.16% of all internet users) now use the Safari browser, making it the second browser with over a billion users. Nevertheless, Google Chrome firmly remains at the top as the most popular browser.

Safari browser now has more than 1 billion users. Apple developed browser is automatically installed on every iPhone and Mac computer. Safari has implemented several privacy features to ensure its users’ security.

Google Chrome is the most popular browser worldwide, with over 3.3 billion users. Application driven design of Chrome attracted more and more people to try out the browser. Web applications including YouTube, Drive, Calendar, Docs, Earth, Maps, and others became a gateway into Google’s ecosystem of online services.

Compared to last year’s statistics, Microsoft Edge overtook Firefox for the third most popular browser with over 212 million users. Since the release of Windows 11, Microsoft set it as the default browser on all devices and made it difficult for users to change to their preferred option.

Firefox browser ranks fourth with 179 million internet users. Firefox is oriented towards more privacy-concerned users as it offers quite a few features for their protection.

Samsung Internet browser found on the companies’ smartphones and tablets is used by more than 149 million users. At the same time, over 108 million users are utilizing the Opera browser for their everyday tasks.

Cybersecurity writer at Atlas VPN Vilius Kardelis shares his thoughts on browsing safely online:

“Ultimately, user cybersecurity education is the most essential for browser security. Many cyberattacks use social engineering techniques to trick users into downloading malware. Users can protect themselves from threats by adopting safe practices such as keeping browsers up to date, blocking pop-ups, and ensuring the sites they enter use HTTPS.”

To read the full article, head over to: https://atlasvpn.com/blog/apples-safari-browser-now-has-more-than-1-billion-users

Data analyzed by Atlas VPN reveals that Google collects the most information about its users out of five selected tech giants – Google, Facebook, Twitter, Amazon, and Apple. 

Barely anyone has the time or patience to read through dozens of pages of privacy policies for each website. Here, we will provide an overview of the number and type of data points the aforementioned enterprises collect about their users. 

The primary data was collected and made public by the Security.org team, which read through the privacy policies and extracted the data points. Atlas VPN summed up collected data points for each company to provide an easy-to-digest overview.

Google takes the top spot in regards to the amount of data collected as they log 39 metrics about each user. 

In general, they collect every little detail that they can. There are a few exceptions, like your address, SSN, or driver’s license number, but besides that, not much else is left out of their databases.

Amazon

For personal information, Amazon logs your name, username, password, phone number, payment information, shipping address, and email. Nothing out of the ordinary for the most part since it is an e-commerce website, but there is one caveat – they collect your social security number and driver’s license information.

Another interesting tidbit is that Amazon sources data about your credit history from credit bureaus.

To read the full article, head over to: https://atlasvpn.com/blog/google-collects-almost-40-data-points-per-user-most-out-of-top-tech-giants