They Know You're Reading This

via @ Forbes by Dave Pell, Contributor

I was recently complaining to a teller at my bank that another bank down the street had given my 3-year-old daughter a stuffed horse for nothing more than walking past the front door. I jokingly asked her what gifts my own bank would be willing to offer to compete for the affections of my daughter. Then I said, “Oh, you probably don’t like it when I mention the competition when I’m in here, eh?”

She surprised me with her answer. She said that she had her checking and savings accounts at that competing bank and that she’s always found its service to be great. I was surprised. Why would a teller at one bank do her own personal banking at another bank down the street?

She told me that most of the tellers she works with have their accounts elsewhere because they don’t want friends and colleagues at their own bank to have access to their private information.

The exchange was a clear reminder that privacy issues are everywhere. Anytime you share any information with anyone or any institution, you should expect it to be shared in ways you never expected.

This week, the top story in the Internet world was that the mobile social network Path had been uploading users’ email contact lists to its servers. The purpose of the upload was to make it more likely that users would find friends and colleagues who were also on Path. The problem was that Path was uploading the email data to its servers without users knowing it. A firestorm of criticism erupted. And within a day or so, Path responded by putting a stop to the offending practice and deleting every email address they had collected.

Path deserves credit for the swift and appropriate response to the criticism it faced. But the whole incident was one more reminder that almost everything you do on the Internet puts a dent in your personal privacy, whether you’re aware of it or not.

When I first heard about Path’s plan to delete all the email addresses it had collected, I wondered if Facebook would respond by agreeing to delete those embarrassing photos from 2006 that you already manually deleted 6 times in the past. As it is now, the photos you delete from Facebook never really get deleted. They’re still accessible via direct link (and of course, by anyone at Facebook who has access to the data). Once you put something on the Internet, you should assume it will be somewhere out there forever.

Maybe that’s no big deal when we’re talking about a few collegiate kegstand photos that you’d rather forget. But it is a big deal when you consider that almost everything you do or share on the Internet is being tracked by someone.

The Path story got big because it’s exceptional in two ways. First, thanks to one guy who wrote a blog post, we all were made aware that Path had a policy of borrowing your email contacts without your consent (and that iPhone apps easily allow for such a transgression). And second, when confronted with valid complaints, Path acted swiftly to change its policy and right its former wrongs.

There’s nothing all that exceptional about the notion that your data is being collected and saved, and that just about every click you make and every piece of data you share is being tracked by Internet companies and the marketers who pay their bills. Companies like Facebook are so valuable precisely because of the effectiveness with which they transgress your privacy and piece together a portrait of you that can be sold to advertisers.

Pennsylvania professor Joseph Turow explains how you’re tracked in the modern world.

Websites, advertisers, and a panoply of other companies are continuously assessing the activities, intentions, and backgrounds of virtually everyone online; even our social relationships and comments are being carefully and continuously analyzed. In broader and broader ways, computer-generated conclusions about who we are affect the media content — the streams of commercial messages, discount offers, information, news, and entertainment — each of us confronts. Over the next few decades the business logic that drives these tailored activities will transform the ways we see ourselves, those around us, and the world at large. Governments too may be able to use marketers’ technology and data to influence what we see and hear.

They are watching. And they know you’re reading this right now.

And it’s not like you can just go offline and avoid the tracking. If you get a postcard advertising a lung cancer screening from your local hospital, it’s not by coincidence. Everything about the offline you is being shared across corporations as well. In the age of data mining, it just takes a few clicks to piece together enough information about your age, address, income, and insurance status to figure out if you’re a likely smoker and therefore a good target for a lung screening pitch.

I have a friend who used to fill out nearly every online and offline form with a different title (Mr, Mrs, Dr, prince, king…). Then over time, he tracked the mailings that came to him with those various titles attached. Over time, he could easily track who sold what information to whom.

Today, it wouldn’t even make sense to try to keep up. We share our data with everyone and everyone is sharing our data with everyone else.

It’s worth putting this Path story into this broader perspective and reminding ourselves that we are only at the tip of the personal data mining iceberg. By the time my 3-year-old daughter is my age, she might walk into her bank and have the teller ask: “Hey, didn’t we give you a stuffed horse back in 2012?”

Dave Pell writes the NextDraft newsletter, a quick, entertaining look at the day’s most fascinating news.

Privacy Advocates Criticize Icon Program, Call For New Regs via @mediapost

by Wendy Davis

A coalition of advocacy groups in the U.S. and Europe is calling on government officials to reject the ad industry's self-regulatory privacy program.

"Consumers in both the US and EU are offered limited options, based on principles crafted by the digital marketing industry and 'enforced' by groups that do not represent consumers or governments and that are completely lacking in any independence from the industry they are intended to monitor," the groups say in a letter sent Thursday to Federal Trade Commission consumer protection head David Vladeck, European privacy official Jacob Kohnstamm and other regulators.

U.S. groups signing the letter include Consumers Union, the Electronic Privacy Information Center and the Center for Digital Democracy.

The self-regulatory program requires that ad companies engaged in behavioral targeting notify consumers about the technique via an icon and allow them to opt out of receiving targeted ads. The rules allow ad companies to continue to collect information about users who opt out.

The Better Business Bureau's National Advertising Review Council is enforcing the program, created by the umbrella group Digital Advertising Alliance.

The privacy advocates argue that the icon program falls short because "industry research" shows that "very few users ever click on it, let alone decide to opt-out." The advocates also say the icon doesn't sufficiently inform people about the "wide range of data collection that they routinely face."

The privacy coalition, dubbed TransAtlantic Consumer Dialogue, is urging officials in the U.S. and EU to undertake a number of new steps, including enacting regulations to "address new threats to consumer privacy from the growth of real-time tracking and sales of information about individuals' online activities on ad exchanges and other similar platforms."

Stuart Ingis, counsel to the DAA, disputes the groups' criticisms. He says that the Better Business Bureau has "100% independence" from industry. "The Better Business Bureau has done effective self-regulation independent of the industry for years," Ingis says. 

Latest in Web Tracking: Stealthy 'Supercookies' via @wsj

Major websites such as MSN.com and Hulu.com have been tracking people's online activities using powerful new methods that are almost impossible for computer users to detect, new research shows.

The new techniques, which are legal, reach beyond the traditional "cookie," a small file that websites routinely install on users' computers to help track their activities online. Hulu and MSN were installing files known as "supercookies," which are capable of re-creating users' profiles after people deleted regular cookies, according to researchers at Stanford University and University of California at Berkeley.

Websites and advertisers have faced strong criticism for collecting and selling personal data about computer users without their knowledge, and a half-dozen privacy bills have been introduced on Capitol Hill this year.

Many of the companies found to be using the new techniques say the tracking was inadvertent and they stopped it after being contacted by the researchers.

Mike Hintze, associate general counsel at MSN parent company Microsoft Corp., said that when the supercookie "was brought to our attention, we were alarmed. It was inconsistent with our intent and our policy." He said the company removed the computer code, which had been created by Microsoft.

Hulu posted a statement online saying it "acted immediately to investigate and address" the issues identified by researchers. It declined to comment further.

The spread of advanced tracking techniques shows how quickly data-tracking companies are adapting their techniques. When The Wall Street Journal examined tracking tools on major websites last year, most of these more aggressive techniques were not in wide use.

But as consumers become savvier about protecting their privacy online, the new techniques appear to be gaining ground.

Jonathan Mayer, a Stanford Ph.D. candidate, identified what is known as a "history stealing" tracking service on Flixster.com, a social-networking service for movie fans recently acquired by Time Warner Inc., and on Charter Communications Inc.'s Charter.net.

Such tracking peers into people's Web-browsing histories to see if they previously had visited any of more than 1,500 websites, including ones dealing with fertility problems, menopause and credit repair, the researchers said. History stealing has been identified on other sites in recent years, but rarely at that scale.

Mr. Mayer determined that the history stealing on those two sites was being done by Epic Media Group, a New York digital-marketing company. Charter and Flixster said they didn't have a direct relationship with Epic, but as is common in online advertising, Epic's tracking service was installed by advertisers.

Don Mathis, chief executive of Epic, says his company was inadvertently using the technology and no longer uses it. He said the information was used only to verify the accuracy of data that it had bought from other vendors.

Both Flixster and Charter say they were unaware of Epic's activities and have since removed all Epic technology from their sites. Charter did the same last year with a different vendor doing history stealing on a smaller scale.

Gathering information about Web-browsing history can offer valuable clues about people's interests, concerns or household finances. Someone researching a disease online, for example, might be thought to have the illness, or at least to be worried about it.

The potential for privacy legislation in Washington has driven the online-ad industry to establish its own rules, which it says are designed to alert computer users of tracking and offer them ways to limit the use of such data by advertisers.

Under the self-imposed guidelines, collecting health and financial data about individuals is permissible as long as the data don't contain financial-account numbers, Social Security numbers, pharmaceutical prescriptions or medical records. But using techniques such as history stealing and supercookies "to negate consumer choices" about privacy violates the guidelines, says Lee Peeler, executive vice president of the Council of Better Business Bureaus, one of several groups enforcing the rules.

Until now, the council "has been trying to push companies into the program, not kick them out," Mr. Peeler says. "You can expect to see more formal public enforcement soon."

Last year, the online-ad industry launched a program to label ads that are sent to computer users based on tracking data. The goal is to provide users a place to click in the ad itself that would let them opt out of receiving such targeted ads. (It doesn't turn off tracking altogether.) The program has been slow to catch on, new findings indicate.

The industry has estimated that nearly 80% of online display ads are based on tracking data. Mr. Mayer, along with researchers Jovanni Hernandez and Akshay Jagadeesh of Stanford's Computer Science Security Lab, found that only 9% of the ads they examined on the 500 most popular websites—62 out of 627 ads—contained the label. They looked at standard-size display ads placed by third parties between Aug. 4 and 11.

The industry says self-regulation is working. Peter Kosmala, managing director of the Digital Advertising Alliance, says the labeling program has made "tremendous progress."

Mr. Mayer discovered that several Microsoft-owned websites, including MSN.com and Microsoft.com, were using supercookies.

Supercookies are stored in different places than regular cookies, such as within the Web browser's "cache" of previously visited websites, which is where the Microsoft ones were located. Privacy-conscious users who know how to find and delete regular cookies might have trouble locating supercookies.

Mr. Mayer also found supercookies on Microsoft's advertising network, which places ads for other companies across the Internet. As a result, people could have had the supercookie installed on their machines without visiting Microsoft websites directly. Even if they deleted regular cookies, information about their Web-browsing could have been retained by Microsoft.

Microsoft's Mr. Hintze said that the company removed the code after being contacted by Mr. Mayer, and that Microsoft is still trying to figure out why the code was created. A spokeswoman said the data gathered by the supercookie were used only by Microsoft and weren't shared with outside companies.

Separately last month, researchers at the University of California at Berkeley, led by law professor Chris Hoofnagle, found supercookie techniques used by dozens of sites. One of them, Hulu, was storing tracking coding in files related to Adobe Systems Inc.'s widely used Flash software, which enables many of the videos found online, the researchers said in a report. Hulu is owned by NBC Universal, Walt Disney Co. and News Corp., owner of The Wall Street Journal.

Hulu was one of several companies that entered into a $2.4 million class-action settlement last year related to the use of Flash cookies to circumvent users who tried to delete their regular cookies.

The Berkeley researchers also found that Hulu's website contained code from Kissmetrics, a company that analyzes website-traffic data. Kissmetrics was inserting supercookies into users' browser caches and into files associated with the latest version of the standard programming language used to build Web pages, known as HTML5.
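The respawning behaviour the researchers describe can be checked by comparing storage snapshots taken before cookies are deleted, right after deletion, and after revisiting the site. The following is an added example, not code from the article or the researchers; the snapshot layout, store names and sample values are assumptions constructed for illustration.

```javascript
// Added example: detect "respawned" cookie identifiers from three snapshots.
// Snapshot shape { cookies: {...}, other: { storeName: { key: content } } }
// and the store names used below are assumptions made for this illustration.

// Return every non-cookie location whose content contains the value.
function whereStored(value, otherStores) {
  const hits = [];
  for (const [store, entries] of Object.entries(otherStores)) {
    for (const [key, content] of Object.entries(entries)) {
      if (String(content).includes(value)) hits.push(`${store}:${key}`);
    }
  }
  return hits;
}

// A cookie counts as respawned when the user deleted it, it came back with the
// same value as before, and that value survived deletion in some other store.
function findRespawnedCookies(before, afterClear, afterRevisit, minLen = 8) {
  const findings = [];
  for (const [name, value] of Object.entries(afterRevisit.cookies)) {
    if (value.length < minLen) continue;          // too short to single out a user
    if (name in afterClear.cookies) continue;     // cookie was never deleted
    if (before.cookies[name] !== value) continue; // a fresh value is normal behaviour
    const survivedIn = whereStored(value, afterClear.other);
    if (survivedIn.length > 0) findings.push({ cookie: name, value, survivedIn });
  }
  return findings;
}

// Constructed sample data (not captured from any real site).
const snapBefore = {
  cookies: { uid: 'a81f3c9e27b4d056', lang: 'en', sess: '77f0c2d19e3b4a68' },
  other: {},
};
const snapAfterClear = {
  cookies: {}, // user deleted regular cookies
  other: {
    flashLSO: { 'tracker.sol/uid': 'a81f3c9e27b4d056' },
    html5LocalStorage: {},
    cache: { 'https://cdn.example.test/t.js': 'var id="a81f3c9e27b4d056";' },
  },
};
const snapAfterRevisit = {
  cookies: { uid: 'a81f3c9e27b4d056', lang: 'en', sess: 'c4410be8a95d27f3' },
  other: snapAfterClear.other,
};

console.log(findRespawnedCookies(snapBefore, snapAfterClear, snapAfterRevisit));
```

Only `uid` is reported: `sess` came back with a new value, and `lang` is too short to act as an identifier.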

In a blog post after the report was released, Kissmetrics said it would use only regular cookies for future tracking. The company didn't return calls seeking comment.

Google making app that would identify people's faces


Google's Hartmut Neven, pictured here, says the company is working on a facial-recognition app.

Google is working on a mobile application that would allow users to snap pictures of people's faces in order to access their personal information, a director for the project said this week.

In order to be identified by the software, people would have to check a box agreeing to give Google permission to access their pictures and profile information, said Hartmut Neven, the Google engineering director for image-recognition development.

Google's Profiles product includes a user's name, phone number and e-mail address. Google has not said what personal data might be displayed once a person is identified by its facial-recognition system.

"We recognize that Google has to be extra careful when it comes to these [privacy] issues," Neven told CNN in an exclusive interview. "Face recognition we will bring out once we have acceptable privacy models in place."

While Google has begun to establish how the privacy features would work, Neven did not say when the company intends to release the product, and a Google spokesman said there is not a release timeline.

The technology wouldn't necessarily be rolled out in a separate app, a Google spokesman said. Instead, facial recognition could be issued as an update to an existing Google tool, such as its image search engine.

Google has had the technical capabilities to implement this type of search engine for years.

Just as Google has crawled trillions of Web pages to deliver results for traditional search queries, the system could be programmed to associate pictures publicly available on Facebook, Flickr and other photo-sharing sites with a person's name, Neven said. "That we could do today," he said.

But those efforts had frequently stalled internally because of concerns within Google about how privacy advocates might receive the product, he said.

"People are asking for it all the time, but as an established company like Google, you have to be way more conservative than a little startup that has nothing to lose," said Neven, whose company Neven Vision was acquired by Google in 2006. "Technically, we can pretty much do all of these things."

Neven Vision specialized in object and facial recognition development. The object-related programs are reflected in an image search engine, called Goggles. The face-recognition technology was incorporated into Picasa, Google's photo-sharing service, helping the software recognize friends and family members in your computer's photo library.

In 2009, Google acquired a company called Like.com, which specialized in searching product images but also did work in interpreting pictures of people. Google has also filed for patents in the area of facial recognition.

Privacy concerns

As Google's size and clout grow, so does the chorus of critics who say the company frequently encroaches on people's privacy. Over the years, Google has made various missteps.

How to Avoid and Prevent Facebook Spam via @mashable

It's embarrassing... you unknowingly post a spam link indicating you "Like" a link to a vulgar video or "LOL... is this you". In many cases these messages are posted to your wall without your knowledge and are automatically removed before you see them. Unfortunately, your friends saw them and many clicked, spreading the spam. There are simple steps you can take to prevent this. I found this article useful and well written.

Like death and taxes, spam is one of life’s inevitabilities. From junk emails to fake pharmaceutical advertisements to bogus comments on websites like this one, spam is a very real (if aggravating) part of online life.

As Facebook emerges as the communications platform of choice for a growing number of individuals and brands, the spam problem — both from other users and from applications — becomes a more pressing concern.

Facebook is doing a lot to help curb app-generated spam, with platform spam down 95% in 2010, but no automated system is perfect — especially when the platform is as large as Facebook.

Here are some tips to reduce the amount of spam that you see on Facebook — and avoid contributing to the problem yourself.


Be Aware of Facebook Link Scams (Experts Can Get Fooled Too)

We cover many of the most prevalent Facebook scams as they take place across the web — and many are easy to spot.

These wall attacks frequently lead users to agree to install a Facebook application that requires the user to authorize it to post to walls and friend pages.

Sometimes the scams are easy to detect — “OMG Click here to watch this video, you can’t miss it” or something else that is baiting. Other times, however, the scams can replicate promotions or apps that really do exist.

Last month, a Mashable reporter fell victim to a Facebook scam purporting to be part of a Southwest Airlines promotion. The damage was limited and it was cleaned up quickly, but it’s a good reminder that even the best of us can fall for these things.

A few things to keep in mind about these types of spam app attacks:

  • Beware of short links that accompany text on your wall from people who don’t normally post links.
  • Investigate or research any app that seems too good to be true before agreeing to install it.
  • Pay attention to what apps you authorize to post to your wall.

If you do fall victim to one of these app spam attacks, be sure to follow Jolie’s instructions in the Southwest post:

  • Visit your Facebook privacy settings and click on the bottom section that says “Apps and Websites.”
  • You will see a listing of the most recently accessed apps from your account, select the offending app and remove it from your account.
  • Delete any messages posted by the app on your behalf and notify any friends that might have been spammed.

Also keep an eye out for popular scams and waves of attacks. We cover these topics frequently on Mashable, and the Sophos Naked Security blog is another great resource.


Moderate Spam Comments on Pages

Facebook has automatic spam filters that gray out comments on the Page wall that Facebook thinks contain spam.

These filters work pretty well, but it’s worth checking out your Page every so often to make sure genuine comments aren’t incorrectly marked as spam.

Likewise, posts that were not flagged as spam can be marked as spam when you run across them. Wall posts can be flagged as spam, and accounts you believe are fraudulent should be reported to Facebook.

SocialFresh provided a good overview of some options for page administrators in cutting down on spam.

Some of the highlights include altering settings so that the default wall view is “Only Post by Page” and preventing users from posting links in their wall posts. Because a lot of spam contains links, preventing links can also keep the spam at bay.


Be Aware of What Information You Provide Apps

Not all Facebook spam comes by way of rogue apps that send messages out on your behalf. Now that Facebook allows apps to access your email and send you messages, it’s possible that apps that appear to be legit can still grab your email for annoyances later.

A good rule of thumb when using apps is to investigate the settings. If an app seems to require an inordinate amount of access to your profile and the brand or app maker isn’t well known, then the best practice is simply to avoid using the app.


Use a Clickjack-Revealing Bookmarklet


Aside from rogue applications that try to trick users into spamming their friends, another popular Facebook spam method is known as clickjacking. Clickjacking, sometimes called likejacking, happens when a user clicks on a link and is taken to a page with a hidden Like button. Clicking anywhere on the page will “like” the post and publish it to your news feed. Friends see this and investigate the link, unwittingly propagating the spam.

We’ve seen this time and time again over the last ten or eleven months. Just last week, Charlie Sheen’s newfound “popularity” was used to perpetuate a clickjacking attack.

Researchers at the cloud security firm Zscaler have built a JavaScript bookmarklet designed to help uncover these clickjack sites. To avoid spam, simply hit the bookmarklet on a suspect site before clicking anything to reveal hidden Like buttons and iFrames.
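To show the kind of check such a tool can make, here is an added example that flags Like-button iframes a page has made invisible. It is not Zscaler's bookmarklet or code from the article; the thresholds, function names and sample frames are assumptions constructed for illustration.

```javascript
// Added example (not Zscaler's bookmarklet): flag Like-button iframes that a
// page has concealed. Thresholds and record fields are illustrative assumptions.

// True when the frame loads Facebook's Like plugin.
function isLikeWidget(src, pageUrl) {
  let u;
  try { u = new URL(src, pageUrl); } catch (e) { return false; }
  const host = u.hostname.toLowerCase();
  const onFacebook = host === 'facebook.com' || host.endsWith('.facebook.com');
  return onFacebook && u.pathname.startsWith('/plugins/like');
}

// Opacity multiplies down the tree, so an opaque frame inside a transparent
// wrapper is still invisible to the user and still receives clicks.
function effectiveOpacity(frame) {
  return [frame.opacity, ...(frame.ancestorOpacities || [])]
    .map(o => parseFloat(o))
    .reduce((acc, o) => acc * (Number.isNaN(o) ? 1 : o), 1);
}

function concealmentReasons(frame) {
  const reasons = [];
  if (effectiveOpacity(frame) < 0.1) reasons.push('near-zero opacity');
  if (frame.width < 10 || frame.height < 10) reasons.push('box too small to be a visible button');
  return reasons;
}

function findHiddenLikeFrames(frames, pageUrl) {
  return frames
    .filter(f => isLikeWidget(f.src, pageUrl))
    .map(f => ({ src: f.src, reasons: concealmentReasons(f) }))
    .filter(r => r.reasons.length > 0);
}

// Browser-only helper: turn live <iframe> elements into the plain records above,
// e.g. findHiddenLikeFrames(describeDomFrames(document), location.href).
function describeDomFrames(doc) {
  const view = doc.defaultView;
  return Array.from(doc.querySelectorAll('iframe')).map(el => {
    const ancestorOpacities = [];
    for (let p = el.parentElement; p; p = p.parentElement) {
      ancestorOpacities.push(view.getComputedStyle(p).opacity);
    }
    const box = el.getBoundingClientRect();
    return {
      src: el.src,
      opacity: view.getComputedStyle(el).opacity,
      ancestorOpacities,
      width: box.width,
      height: box.height,
    };
  });
}

// Constructed sample frames (not taken from any real page).
const LIKE_SRC = 'https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fpage.example.test%2F';
const sampleFrames = [
  { src: LIKE_SRC, opacity: '0', ancestorOpacities: ['1'], width: 49, height: 21 },
  { src: LIKE_SRC, opacity: '1', ancestorOpacities: ['1', '0.01'], width: 49, height: 21 },
  { src: LIKE_SRC, opacity: '1', ancestorOpacities: ['1'], width: 2, height: 2 },
  { src: LIKE_SRC, opacity: '1', ancestorOpacities: ['1'], width: 90, height: 21 },
  { src: 'https://video.example.test/embed/123', opacity: '0', ancestorOpacities: [], width: 300, height: 200 },
];

console.log(findHiddenLikeFrames(sampleFrames, 'http://page.example.test/'));
```

The fourth sample frame is an ordinary visible Like button and the fifth is not a Like widget, so neither is reported.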

Biggest Facebook Security Threats

Forget those phishing emails that attempt to get your credit card or bank sign-in information. When crooks want to know how to get into your bank account, they post a message on Facebook. These messages appear so innocuous and so appropriate in the Facebook setting that you are likely to not only get conned, but pass on the scam.

Facebook is the new frontier for fraud, says Tom Clare, head of product marketing at Blue Coat, an Internet security company that does annual reports on web threats. In just this past year social networks have soared to 4th from 17th most treacherous web terrain -- behind porn and software-sharing sites, which you probably know to avoid.

What makes Facebook so treacherous? Us.

It starts with the fact that we are inundated with requests to set up passwords to get into our work computers, our online bank accounts, Facebook and every other web-based subscription. So what do we do? We use the same password.

"Crooks understand that most users use the same password for everything," says Clare. "If they can get your user credentials for your Facebook account, there's a good chance that they have the password for your bank account."

If you are smart enough to have separate passwords for Facebook and your financial accounts, crooks get at you through a variety of phishing attempts that you might think are Facebook games and widgets. But look closely and you'll realize that they deliver answers to all of your bank's security questions -- and possibly clues to your passwords -- right into the hands of the crooks.

Think it couldn't happen to you? Let's see if you recognize any of these recent Facebook messages that jeopardize your security. All of these came from my Facebook friends in just the past few weeks:

1. Who knows you best?

The message reads:

Can you do this? My middle name __________, my age ___, my favorite soda _______, my birthday ___/___/___, whose the love of my life ______, my best friend _____, my favorite color ______, my eye color _______, my hair color ______ my favorite food ________ and my mom's name __________. Put this as your status and see who knows you best.

How many of these are the same facts your bank asks to verify your identity? Put this as your status and everybody -- including all the people who want to hijack your bank account and credit cards -- will know you well enough to make a viable attempt.

2. Your friend [Name here] just answered a question about you!

Was it possible that an old friend answered a question about me that I needed to "unlock?" Absolutely. But when you click on the link, the next screen should give you pause: 21 Questions is requesting permission to ... (a) access your name, profile picture, gender, networks, user ID, friends and any other information shared with everyone ... (b) send you email ... (c) post to your wall ... and ... (d) access your data any time ... regardless of whether or not you're using their application.

Can you take that access back -- ever? It sure doesn't look like it. There's no reference to how you can stop them from future access to your data in their "terms and conditions." Worse, it appears that to "unlock" the answer in your friend's post, you need to answer a bunch of questions about your other friends and violate their privacy too. I didn't give 21 Questions access to my information, but the roughly 850 people who joined "People Who Hate 21 Questions on Facebook" apparently have and can give you insight into just how pernicious this program can be.

3. LOL. Look at the video I found of you!

This is the most dangerous of all the spam messages and it comes in a variety of forms, says Clare. It's actually a bid to surreptitiously install malware on your computer. This malware can track your computer keystrokes and record your sign-in and password information with all of your online accounts.

How does it work? When you click on the link, it says that you need to upgrade your video player to see the clip. If you hit the "upgrade" button, it opens your computer to the crooks, who ship in their software. You may be completely unaware of it until you start seeing strange charges hit your credit cards or bank account. Up-to-date security software should stop the download. If you don't have that, watch out.

Better yet, if you really think some friend is sending you a video clip, double-check with the friend to be sure before you click on the link. When I messaged my high-school classmate to ask if she'd really sent this, she was horrified. Her Facebook account had been hijacked and anyone who clicked through was likely to have their account hijacked too. That's how this virus spreads virally.

4. We're stuck!

It started out as an email scam, but now the "We're stuck in [Europe/Asia/Canada] and need money" scam has moved to instant messages on Facebook, where it can be more effective. Most people have learned not to react to the email, but instant messages help crooks by forcing you to react emotionally -- They're right there. They need help, now. A friend got one of these messages last week from the parents of a close friend. Her reaction was the perfect way to deal with it: She immediately called her friend and said "Have you talked to your parents lately?" The response: "Yeah. They're right here."

Facebook has launched a security system to combat account hijacking that allows crooks to send messages and posts through your account. You can get updates on what they're doing at Facebook's security page, where they've also got a nice little security quiz that's definitely worth taking.

5 Email Scams That Won't Go Away via @ReachLocal

From the beginning, email has played an essential role in the way we use the Internet – and crooks looking to score their next big scam have always known it. While we are still learning about some of the newer techniques used to scam everyday users on social networking sites like Twitter, some of the most well-known and effective email scams are still circulating to this very day. Here are the five that you, your friends and family members should all know about and avoid participating in, no matter what.

1. The infamous Nigerian Scam.

Also known as the 419, and not always originating from Nigeria, this classic advance-fee fraud email scam has been duping people for decades. The great urban myth debunker site Snopes.com sums up this scam succinctly: “A wealthy foreigner who needs help moving millions of dollars from his homeland promises a hefty percentage of this fortune as a reward for assisting him.” It’s a clever ploy that preys upon the two powerful human instincts of altruism and greed. After all, who wouldn’t want to help someone in a politically unstable region – especially if there’s a nice chunk of change involved? Unfortunately, it’s another case of “too good to be true.” This persuasive scam has been so effective over the years, it’s even hoodwinked successful, educated targets like the co-owner of a consulting firm, a public treasurer in Michigan, and even a law professor with three doctorates.

2.      Account phishing and phony websites.

If someone is asking you to give sensitive digital information like your username or password over an unsecured medium like instant messaging or email, they’re “phishing” for the details they’d need to take over your account. Often, these email scams look legitimate with a familiar logo from a big brand or business you trust like eBay or your bank. But before you hit reply or click on a link, take a closer look. Is the sender’s email address the actual .com URL of the business in question, or is it something else? Hover over the link – does it take you to an unfamiliar destination? As a general rule, you should never type in your username, password or account details anywhere but the actual, verified and secure website itself. Navigate to it directly instead of trusting links sent through email, and never transmit sensitive account details over email messages.

3. Pleas for help during a natural disaster.

When a natural disaster shocks the world with heartbreaking reports and footage, it can inspire many of us to find ways to help. Unfortunately, these events also inspire scammers to swindle funds from good Samaritans. Even now as Japan continues to struggle in the wake of several earthquakes and tsunamis, email scams that claim to be raising money for disaster relief in Japan have already begun circulating. But just because there are unethical opportunists in the way doesn’t mean you shouldn’t donate resources if your conscience compels. The best way to dodge these fraudsters is to stick to well-known, established humanitarian charities and to donate directly through those organizations’ websites – not through email links that can redirect to fake accounts, or individual money transfer companies (like Western Union).

4. “You just won a ____!”

If you just won a prize or lottery you don’t remember participating in, chances are you probably didn’t! We all love getting something for free, but if you’re discovering this in an email and the prize in question is especially eye-popping, be suspicious. Like #1, this email scam typically requires you to pay a “processing fee” – and guess where your legitimately hard-earned money is going to go?

5. "Get rich quick" schemes.

Who doesn’t want to make money fast? Actually, that question could even be the intro sentence to this popular strain of email scam, which can take a variety of forms. Whether it's someone you don’t know who wants to tell you about a hot stock nobody’s heard of (yet) or an “online investment opportunity” in newsletter form, the “get rich quick” scheme may sound tempting, but it's best to just ignore and delete as quickly as possible.

Unfortunately, email scams will be around as long as email itself still exists. So how can you protect yourself? Search online regularly to see which new scams are circulating, and consider the following advice found on Wikipedia:

  • Keep your email address as secret as possible.
  • Use a spam filter (most programs & web email clients have these built in already).
  • Ignore & delete unsolicited emails, emails from people you don’t recognize, or emails from people you recognize that seem suspicious (containing a link or commentary that doesn’t sound like them).
  • Resist temptation if something sounds “too good to be true.”

What other email scams have you or someone you know fallen for, or successfully avoided? Share your story in a comment!

Angela Epley writes about online advertising & web presence for the ReachLocal blog, which focuses on small business online marketing strategies.

Crooks Can Make You Pay For Their @Starbucks With Simple Screengrab

Researchers have discovered a security flaw in the new Starbucks Rewards Card iPhone app that could let someone else rack up a bunch of free coffees on your dime. All someone has to do is take a picture of your barcode and then they can use it to buy all the delicious black swill they want, draining your account to the last drop.

"If companies accept the representation of the card without verifying the device through some of the other contactless, RFID or other proximity methods," Kelley Langford, vice president of sales and marketing at System Innovators, told Mobile Commerce Daily, "then they are naive and will be victimized."

The hack depends on someone getting access to your phone, so just don't let it out of your sight and you'll probably be fine. You can also make sure to password-protect your iPhone and/or use the password protection feature on the Starbucks app. Unless of course someone hides a camera in the Starbucks near the point of purchase and uses it to capture customers' barcodes...

In fact, I can picture the story now... "Russian Gangs use spycams to harvest Starbucks barcodes, resell on the black (coffee) market... a full Starbucks card goes for $1, they're sold in bulk over secret online IRC chatrooms... Savvy criminals know to only slowly drain the accounts, buying a macchiato here, a rice krispie treat there... Lisa Tampanelli first began to suspect that she was a victim of Starbucks card theft after she checked her statement and saw charges for items she would never buy... 'Chocolate frappuccino blasts? Black and white cookies? I'm a strict no-drip cafe au lait girl.'"

We've reached out to Starbucks for comment.

The Real Reason No One Reads Privacy Policies via @mashable

by Jolie O'Dell

It was quite in vogue last year to be incensed over the privacy-related misdeeds of a certain monolithic social network, but let’s be honest — did anyone ever read the privacy policy to begin with? How about the Terms of Service?

Most of us eagerly (or irritatedly) scroll through the miles of legalese and click on the “I Agree — Sign Me Up!” button without reading a single word of what we’re agreeing to. Most of the time, there are no negative consequences, but every now and then, not knowing what you’re getting into can end up biting you.

The website or app you’re signing up for could simply be tracking your clicks for their own internal measurement tools, but it could also be gathering data to sell to marketers and advertisers. It could be selling your contact information to a third party, as well.

So why don’t more privacy-craving consumers read the privacy policies of the apps they use?

The overwhelming answer is they’re just too long. The longest privacy policies among the top 1,000 websites would take around 45 minutes to read. The average policy takes around 10 minutes to read.

And while most of the websites (72%, in fact) allow users to opt out of tracking mechanisms, around 40% require their users to take a few extra clicks to the Network Advertising Initiative’s website to opt out.

What do you think: Should privacy policies and terms of service be short and sweet enough for users to actually read them, or do you think that would increase tracking opt-outs enough that it would hurt the companies in question?

This infographic was created by SelectOut, an ad-tracking opt-out initiative, with data collected from the top 1,000 websites as per Quantcast.

Excellent resource to remove rogue applications from your Facebook account from @sophos

Rogue application spreads virally

Once again, a rogue application is spreading virally between Facebook users pretending to offer you a way of seeing who has viewed your profile.

As we've described a couple of times before, plenty of Facebook users would *love* to know who has been checking them out online.. but unfortunately scammers are aware of this, and use the lure of such functionality as a way to trick you into making bad decisions.

Messages spreading rapidly across the Facebook social network right now say:

OMG OMG OMG... I cant believe this actually works! Now you really can see who viewed your profile! on [LINK]

If you're tempted to click on the link you're taken to a webpage which encourages you to go a little deeper and permit an application to have access to your Facebook profile.

See who viewed your profile!

Rogue application requests access rights

But do you really want complete strangers to be able to email you, access your personal data and even post messages to any Facebook pages you may administer?

If you've got this far then you really shouldn't go any further. Scams like this have been used to earn commission for the mischief makers behind them, who have no qualms about using your Facebook profile to spread their spammy links even further.

Because if you do continue, you'll find that your profile will be yet another victim of the viral scam - spreading the message to all of your online Facebook friends and family. And no, you don't ever find out who has been viewing your profile.

Ever wondered how many people fall for a scam like this? Well, the figures can be shocking. This current campaign is using a variety of different links - but via bit.ly we can see that at least one of them has already tricked nearly 60,000 people into clicking.

I've informed the security teams at both bit.ly and Facebook about these links, and requested that they be shut down as soon as possible.

Always think before you add an unknown application on Facebook, and ask yourself if you're really comfortable with ceding such power to complete strangers. Rogue application attacks like this, spreading virally, are becoming increasingly common - and do no good for anyone apart from the scammers behind them.

If you've been hit by a scam like this, remove references to it from your newsfeed, and revoke the right of rogue applications to access your profile via Account/ Privacy Settings/ Applications and Websites.

Here's a YouTube video where I show you how to clean-up your Facebook account:

And don't forget to warn your friends about scams like this and teach them not to trust every link that is placed in front of them. You can learn more about security threats by joining the thriving community on the Sophos Facebook page.