The IT Nerd

Online data trackers on websites are used to follow your browsing habits, IP address, and personal information. According to the data presented by the Atlas VPN team, 93.7% of online trackers are from Google, Facebook, and Microsoft. Beyond trackers, other web privacy threats, such as session replay and fingerprinting, are also present.

Notably, Google’s trackers make up 49.9% of all trackers found on the web. They follow your activity on their apps and services and have an extensive set of data based on how you interact and what purchases you make.

YouTube and ad network Doubleclick, which belong to Google, also have a significant share of trackers online. YouTube has a 13.8% share, while Doubleclick trackers make up 8.3%.

Out of all trackers, Facebook’s trackers make up 15.7% of the share. Facebook has suffered multiple data breaches in the past and has been involved in privacy scandals.

Microsoft’s trackers are the least common in this list, with 6% of the share. Finally, Hotjar has a 6.3% share of trackers online. Their tracker helps websites collect your IP address, device type, operating system browser type, window size, and content.

Other web privacy threats

Beyond trackers, other web privacy threats exist that can corrupt your safety online.

Session replay script was found in 35% of the scanned websites. This type of threat captures visitors’ journey on the website. During the recording of the user’s session, the script may also capture personal identifiable information (PII).

Fingerprinting scripts were present in 30.9% of websites. About one out of four (24.9%) websites had a newly registered domain name. Foreign actors from countries like Russia, Belarus, China, and Iran originated 9% of malicious scripts. Malware and bad SSL were each present in just 0.1% of websites.

To read the full article, head over to:

https://atlasvpn.com/blog/over-90-of-online-trackers-are-from-google-facebook-and-microsoft

While many online shops are legitimate, scammers often take advantage of the anonymous nature of the internet to exploit unsuspecting victims by setting up fake ones. And with the rise of social media e-commerce, shopping scams are increasingly taking place on social platforms.

According to the data presented by the Atlas VPN team, based on the GoodFirms online survey, 47% of social media users have fallen victim to shopping scams before. 

Social media sites offer an easy and low-cost way to set up fake online shops. With the help of social media ads, these scam schemes can reach millions of consumers worldwide.

Phishing link and gift card scams are also frequent fraud schemes that end up costing social media users money or their data. In fact, 37% of surveyees reported being a victim of each of the scam types. 

In phishing link scams, cybercriminals send malicious URLs to potential victims via social media designed to steal personal data or infect the victim’s device with malware. Meanwhile, gift card schemes involve cybercriminals offering fake gift cards in exchange for money or personal information. 

Additionally, over 33% of surveyed social media users reported being victims of help scams. In help scams, cybercriminals pretend to be acquaintances of their potential victims that happen to be in an emergency situation. To help solve the emergency situation, they ask for money. Fraudsters may also impersonate charitable organizations and ask for donations.

Other scams social media users frequently fall for include job scams (30%), targeted advertising scams (27%), cloned and hacked account scams (23%), investment scams(17%), lottery scams (13%), impersonation with fake account scams (13%), quiz and polling scams (7%), romance scams (7%), and fake ticket scams (2%).

While social media scam techniques may vary, the end goal is typically the same. The fraudsters hope to score the victim’s money, personal data, or both. 

To read the full article, head over to:

https://atlasvpn.com/blog/almost-50-of-social-media-users-have-been-victims-of-online-shopping-scams-says-survey

After recent turbulence in the crypto market, Atlas VPN decided to analyze the cybersecurity side of the crypto landscape and found that new modifications of cryptojacking software used in the act of hijacking a computer and using it to mine digital assets against the user’s will, grew 3.8 times in Q3 2022. 

As many as 153 thousand new variants of malicious mining software were detected by Kaspersky in the third quarter of the year. In Q2, the number of new cryptojacking variants stood at around 41 thousand. 

However, data also reveals that the number of cryptojacking victims did not change significantly. In fact, it decreased slightly.

Analysts believe that fraudsters were trying to capitalize on the predicted growth in the crypto market. However, the predictions fell short, the market did not expand to new heights, and their strategy did not come to fruition. 

Nevertheless, cryptojacking is still one of the most common online threats. The number of victims each quarter range from 300 to 500 thousand.

Cryptojacking 101

Cryptojacking is a rather new threat, which emerged rapidly due to the impressive financial rewards of cryptocurrency mining. 

To read the full article, head over to: https://atlasvpn.com/blog/cryptojacking-malware-soars-nearly-4x-in-q3-2022

Video sharing platform TikTok has over 1 billion users and is among the most popular social media.

According to the data presented by the Atlas VPN team, TikTok removed nearly 50 million videos due to minor safety in the second quarter of 2022. Notably, most of these videos were taken down due to nudity and sexual content involving minors.

In total, TikTok removed over 113 million videos in Q2 2022. The platform’s automated defenses deleted 48 million videos, while the moderation team removed over 65 million. In addition, TikTok changed the initial decision and restored about 6 million videos.

Of those videos, nearly 44% were removed due to minor safety. TikTok deleted about 24 million videos, about 21% of all, due to illegal activities and regulated goods. Out of all removed videos, adult nudity and sexual activities made up nearly 11% or about 17 million videos.

Cybersecurity writer at Atlas VPN Vilius Kardelis shares his thoughts on TikTok safety for minors:

“While TikTok might have solid policies to protect minors, it does not always reflect in practice. Social media platforms develop new products or functionalities and release them without seriously addressing online safety, particularly for minors. As of now, TikTok seems behind other companies when it comes to creating a safe environment for their underage audience.”

Minor safety

While most content on TikTok is fun or educational, people can still find some disturbing videos.

Out of the total videos removed due to minor safety, nearly 76% involved nudity and sexual activity involving minors. Harmful activities by minors made up nearly 16% of all removed videos due to underage people’s safety policy. Content containing physical and psychological harm to minors made up about 4% of violations.

Out of all deleted videos due to minor safety, 2.4% were engaging in the sexual exploitation of underage people. At the same time, grooming behavior was the reason behind nearly 2% of video removals.

To read the full article, head over to:

https://atlasvpn.com/blog/tiktok-removed-nearly-50-million-videos-due-to-minor-safety-in-q2-2022

With the appearance of new promising technologies, like NFTs and blockchain, many unique investment opportunities have sprung up in the last couple of years. Unfortunately, a significant portion of those companies do not have the investor’s best interests in mind.

The rapid evolution of the world wide web and the commercial world in general outpaced security measures that were supposed to protect individuals from getting abused in these types of deals.

A study carried out by Atlas VPN reveals that issues pertaining to online fraud are most severe in the business investment category.

The most recent figures from the Federal Trade Commission show that US citizens lost a whopping $2.66 billion to various types of investment scams in Q1-Q3 2022, representing a 50% increase over $1.77 billion lost in 2021.

From an even wider perspective, investment fraud in the US skyrocketed by 28 times in the last 5 years
 

In other words, since 2018, investment fraud has been growing by, on average, 149% per year.  

The increasing severity of the issue is also seen in the number of complaints submitted to the FTC. 

In the first three-quarters of 2022, the FTC received nearly 80 thousand investment fraud reports, out of which 74% indicated a financial loss. 

In contrast, in 2018, FTC received less than 15 thousand complaints, with 54% of them noting damages.

Social media and crypto payments

Most investment fraud victims transfer funds in the form of cryptocurrencies, which are notoriously hard to track down and get back because the whole system is based on anonymity and decentralization. 

In addition, threat actors can employ various services, like cryptocurrency tumblers, to cover their tracks to the point of virtually becoming untraceable. 

In these cases, privacy granted by the blockchain system is working against the victims and in favor of criminals. 

To read the full article, head over to: https://atlasvpn.com/blog/americans-lost-a-record-2-7-billion-to-investment-scams-in-2022

Wearable electronics are becoming increasingly popular worldwide, including in China, where around 78% of the population own a smartwatch, a fitness tracker, or both. However, as such devices have access to a vast amount of sensitive data, like users’ health information, privacy and security concerns arise.

According to the data presented by the Atlas VPN team, based on the Rakuten Insight online survey, people born in Generation X (those born between the mid-1960-s and early 1980-s) are the most skeptical of wearable technology in China due to concerns over their personal data safety and privacy when stored by such devices.

In total, 27% of 45 to 54-year-olds in China who do not own any wearables indicated worry about their data safety and privacy as one of the reasons against purchasing one, while the same is true for 22% of people aged 55 and more. 

The younger generations are less bothered about wearable electronics’ privacy and safety implications. Nevertheless, nearly a fifth (19%) of Millennial survey respondents aged 25 to 44 stated safety and privacy concerns among the top deterrents to using wearables. In the meantime, 10% of respondents belonging to Generation Z (ages 16 to 24) do not use wearables for this reason.

Overall, 15% of survey participants indicated they would not buy wearable electronics in China due to data privacy and safety concerns. Males are more likely to distrust wearable devices due to such concerns (17%) than females (14%).

All in all, wearable technologies can be highly convenient, helping users evaluate their sleep quality, fitness levels, and overall health, among other things. However, to do so, wearable electronics collect a wide range of sensitive information, including users’ heart rate, blood pressure, sleep patterns, and GPS location, essentially enabling surveillance of individuals and their behaviors. When such information is stored, there is always a risk it can end up in the wrong hands or be misused. 

To read the full article, head over to:

https://atlasvpn.com/blog/generation-x-in-china-is-the-wariest-of-wearable-technology-due-to-data-privacy-concerns

Military veterans and their families have special government resources available to them. Unfortunately, scammers perceive these benefits as easy prey.

According to the data presented by the Atlas VPN team, US army veterans lost $563 million to scams in the last 5 years. In total, military retirees reported 556,807 cases of fraud.

Miscellaneous investment scams have cost veterans $105.5 million since 2018. Former military members reported a total of 4,206 instances of scammers offering fake investments.

Business impostors stole $71.2 million from veterans in the last 5 years. Military retirees reported 49,617 cases of scammers impersonating businesses. Fake prizes, sweepstakes, and lotteries resulted in $62.1 million in losses to veterans. FTC received 11,635 reports of such scams taking place.

Government impostors scammed $60.9 million out of veterans in the last 5 years. These types of scams were the most popular among fraudsters, as FTC received 55,449 reports of fraud.

Romance scams have cost $53.5 million to veterans since 2018. Military retirees reported 3,766 instances of such fraud. Furthermore, tech support scams cost veterans $41.7 million. In total, the FTC received 15,726 reports about romance scams.

To read the full article, head over to:

https://atlasvpn.com/blog/us-military-veterans-lost-over-560-million-to-scams-in-the-last-5-years

With the last quarter of the year in motion, advertisers are frantically trying to spend all their ad budgets and meet their annual goals. However, many ad managers run into the issue of fraudulent traffic, which generates clicks and spends their money, but brings no results. 

Threat actors use computer-generated bots to replicate the activities of actual customers and fool advertisers into paying for ad traffic. 

A variety of approaches are utilized to produce false traffic, such as infecting customers’ personal computers and mobile devices with malware that loads websites without their knowledge or even infecting cloud services. 

To get a clear view of the current ad fraud landscape, the research by Fraudlogix, an ad fraud prevention company, evaluated 42 billion ad impressions to determine the severity of the non-human or bot traffic problem in Q2 2022.

The findings reveal that, on average, 21% of traffic advertisers pay for is generated by computers and scripts, not real people. 

The most noteworthy finding is that certain browsers send through significantly more fraudulent traffic than others. 

For example, the highest percentage of illegitimate traffic comes through the Russia-based Yandex browser. The analysis reveals that nearly 1 in 3 ad impressions coming across Yandex were non-human.

The Opera browser is also one of the favorites for fraudulent traffic. Over 26.3% of ad traffic coming through the Opera search engine was labeled as “non-human”. 

Google Chrome (19.5%), Apple Safari (19.1%), and Microsoft Edge (17.9%) are relatively similar in terms of the percentage of bot traffic. 

Finally, the most favorable browser to target your ads towards is Mozilla Firefox, as only 13.5% of traffic coming through this browser was computer-generated. 

To read the full article, head over to: https://atlasvpn.com/blog/nearly-30-of-ad-traffic-on-yandex-and-opera-browsers-is-bot-generated-a-study-reveals

The gaming industry continues to grow at an unprecedented rate which, in turn, creates a large attack surface for cybercriminals to abuse. However, it turns out that fraudsters prefer to infect some games more than others. 

Knowing which games are most ridden with unwanted software allows users to stay on their toes when dealing with the game itself or with various mods, skins, etc.

The following data presented by Atlas VPN will uncover the most malware-infected PC and mobile games, which can steal the user’s sensitive data, like login credentials and access to bank accounts. Kaspersky provided the data for the analysis.

The figures reveal that Minecraft is by far the most favored game by hackers on desktop and mobile platforms.

As many as 131k PC users downloaded malware-infected Minecraft games between July 1, 2021, to June 30, 2022.

Roblox (38,838), Need for Speed (32,314), Grand Theft Auto (31,752), and Call of Duty (30,401) also appeared on the list of most infected PC games. 

In total, 371,877 PC users encountered malware by downloading the ten games mentioned in the chart. 

Moving on to mobile statistics, close to 90% of malicious software targeting phones and tablets were delivered through the “pocket edition” of Minecraft. 

Card-details stealing malware

The analysis also revealed that the vast majority (76.87%) of malware found in the aforementioned video games distributes the Trojan-PSW/RedLine Stealer malware family. 

The ReadLine Stealer’s primary capability is stealing data from browsers, such as passwords, cookies, card details, autofill data, cryptocurrency wallet data, credentials for VPN services, and so on. 

To read the full article, head over to: https://atlasvpn.com/blog/minecraft-most-malware-infected-game-with-over-155-000-users-affected

Even though the cryptocurrency market is in a deep slump, cybercriminals are still actively hacking blockchain technologies or launching scams.

According to the data analyzed by the Atlas VPN team, blockchain hackers stole $2.5 billion in three quarters of 2022. In total, hackers got away with nearly $483 million in Q3 2022. Despite that, blockchain hacks fell by 43% in the last quarter compared to Q2.

The Ethereum ecosystem suffered the most significant losses of $348 million over 11 hacks. The Polkadot ecosystem takes second place on the most significant losses list. The Polkadot crypto projects lost $52 million in just 2 hack events. 

Next is the Binance Smart Chain (BSC) ecosystem, which was hacked 13 times and lost $28 million in crypto. BSC-related crypto projects suffered the most hacks out of all. Other crypto-related projects accumulated $29.5 million worth of crypto losses throughout 10 hacks.

Cybersecurity writer at Atlas VPN Vilius Kardelis shares his thoughts on blockchain hacks:

“Blockchain technology has been a great example of how security principles in financial transactions and information transmission are revolutionizing. Despite that, the technology is still susceptible to cybercriminals who exploit it for their benefit. Many crypto projects get hacked, or scammers set up rug pulls to steal from investors.”

Blockchain hacks fall significantly

While cryptocurrencies live through the bear market, hackers are also less active.

Since the start of the year, the total cryptocurrency market cap has decreased by 58%. Most crypto prices have been falling for months, which caused cybercriminals to pull away from performing hacks. After the significant crypto crash in June, blockchain hacks continued to fall from 24 in July to 21 in August, and only 10 incidents in September.

When comparing the third and second quarters of 2022, blockchain hacks fell by 43%, from 96 in Q2 to 55 events in Q3. Numbers from Q3 2021, compared to the same quarter this year, also show a decrease in blockchain incidents of 28%. If cryptocurrencies remain in the bear market, the number of hacks in Q4 will likely be similar to Q3.

To read the full article, head over to: https://atlasvpn.com/blog/blockchain-hackers-stole-over-2-5-billion-in-three-quarters-of-2022