A recently published consumer report is advocating the general idea that identity theft is a diminishing crime and that most services offered to protect consumers hold little, if any, value. The trouble is, their research in many places is superficial and/or incomplete, and in some places completely irrelevant. It seems as though for a piece regarding the existence of identity theft, the experts who provided opinions on the topics, were not experts in identity theft at all.

All major federal agencies that have anything to do with identity theft have universally said that incidence of identity theft are getting worse, not better. That includes organizations like the FBI, FTC, and DOJ. According to the same Department of Justice study that is cited in questionable pieces includes the statement, “in 2010 about 7% of households in the US (about 8.6 million) had at least one member age 12 or older who had experienced one or more types of identity theft victimization.” While that is a slight decrease from the 2009 number of 7.3%, it should not be overlooked that the overall trend is still very much an upward one.

According to the aforementioned study only 5.5% (about 6.4 million households) experienced this same type of victimization in 2005. It should be noted that 2010 is the first year that any decrease can be seen anywhere in the numbers over the last five years.

Further, the Federal Trade Commission (FTC), the federal agency most responsible for monitoring identity theft activity in the United States, found that identity theft has been the top complaint from consumers in their annual survey for the past eleven years running. These are not merely concerns being expressed mind you. These numbers have nothing to do with subjective fears which can be influenced by paranoia and outside influences, but are actual complaints, i.e. incidents of identity theft being reported.

As the Victim Advisors at the ITRC have dealt with victims of criminal identity theft almost every day for the last ten plus years, we feel somewhat more qualified to talk about this issue from a truly “expert” perspective. Anecdotally, I can tell you that I speak with a victim of criminal identity theft nearly every single day. For something that “doesn’t happen a lot,” it sure happens a lot, and to those who have to go through it, it means a lot to have someone on their side helping them through it.

A recent study done by a cyber security firm known as F-Secure, found that 58 new threats to the Mac operating system were discovered between April and December of 2011. It is a commonly perpetuated falsehood amongst consumers that viruses and malware are only issues for PC platforms, not Macs. Unfortunately, this is a fallacy. Viruses are like any program; they have to be written with platform specific languages, with instructions written for that machine, operating system, type of processor, etc. What this means in simple layman’s terms is that in order to infect a Mac, you must develop software designed for a Mac.

Mac malwareSo while it is technically true that Macs have historically been far less likely to become infected with a virus or malware, the reasons for this discrepancy should be examined. Is it really that Macs are so much more secure? The reality is that Macs are only less likely to be infected…so far, because there are less of them in operation as opposed to PC platforms. As such, they represent a lower possible return on any investment in time and money a cyber criminal or criminals may choose to invest in developing and spreading malware. At this point, because the Mac operating system still owns a minority of the market share, it is comparatively safer than PC operating systems…for now. One scenario that could happen to make attacks on Macintosh computers more common: an increase of Market share of MacOS X computers. Macs must control enough of the market to entice profit-driven malware and viruses to be more commonly developed.

As Internet usage and personal computer ownership continues to become more common the world over, it is entirely plausible that niche-market viruses could develop to focus on Mac operating systems. Remember that while the Mac system is – at this point – more secure, it is more a result of being a less common target of cyber-criminals, and not because the system is inherently more secure. Be wary of links from people you don’t know, or spam emails, as one wrong click can expose your Mac to malware in the same fashion it would a PC. As Macs become ever-more popular, expect the number of threats to increase in a linear fashion.

“Think Your Mac is Immune to Malware? Think Again” was written by Matt Davis. Matt is a Victim Advisor at the Identity Theft Resource Center. We welcome you to post/reprint the above article, as written, giving credit to and linking back to ITRC Blog.

M86 Security, a global expert in real-time threat protection recently published a security review on the most recent trends they are seeing in cyber-threats during the second half of 2011. After probing e-mail threat tendencies and the Web in general the report makes some interesting assertions. Most notably, taking note of spam trends, the study found that while spam emails on average diminished significantly from September to December of last year, the total amount of e-mail junk having malevolent attachments increased to over 5 percent from not even 1.

The study found that incoming amounts of spam declined to 70% of all incoming e-mail traffic during December 2011. While that seems a large number, when compared to the numbers in September, which were over 90%, it is clear that there was a significant down-trend in spam frequency Additionally, the study made note of the largest host countries for spam and malevolent email activity.

It was somewhat surprising to see that the USA at 51.4% was far and away the leader, with Russia in a distant second place at only 6%. The study showed the most prominent botnets were behind the maximum amount of e-mail junk. M86 reports that during 2011, personalized assaults have become increasingly sophisticated.

Direct assaults on national infrastructure and government sites rose through the use of key-logging. The overall gist of the study points to traditional email spam becoming less common. The threat of malevolent effect through email seems to have increased overall however, as targeted breaches and dangerous attachments to email have become more common. The study seems to indicate that email predators are switching tactics rather than reforming their practice. Be wary of emails from people you don’t know, and never under any circumstances download email attachments unless you are familiar with and trust the source of the email. Keep your anti-virus software up to date and contact the authorities if you feel you have been the victim of an email related scam.

“M86 Cyber Threat Security Review” was written by Matt Davis. Matt is a Victim Advisor at the Identity Theft Resource Center. We welcome you to post/reprint the above article, as written, giving credit to and linking back to the ITRC Blog.

A majority of identity theft cases never make it to court. If they do, you’ll want to arrive armed with the knowledge of what your rights are and what tools the law allows you to use to rectify your identity theft issue. Keep in mind, as you read this information, that each case is unique. What one victim experiences may not be your experience, even within the same jurisdiction and court. This general information is not meant to take the place of legal advice from an attorney, or advice from a DA victim assistance counselor. However, it might help you understand the complexities of the judicial process.

Throughout the process of clearing your name, you have most likely filled out a number of affidavits. On these forms is some information you might not want publicly known. This could be your new driver’s license number, mother’s maiden name, former addresses or names used, new address, birth date and account numbers.

Many victims do not know that you may request that identifying information be redacted (blackened out) from documents being put into court records or given to the defense attorney during discovery. Unfortunately, we have heard of cases where the perpetrator has gotten these documents and now has even more information than he/she originally had. Talk with the detective and DA on your case about your options. These will vary from jurisdiction to jurisdiction. Throughout the court process, take detailed notes. Note names of people who testify, the name of the judge, DA, court reporter and even the probation officer. Write down who said what, judicial rulings, anything the defendant says. Jot down questions about things you don’t understand or items you feel were ignored. You can ask the DA or victim assistance counselor about those later.

There are some very basic expectations you should understand for each step in the trial. At the arraignment, you probably will not be asked to speak, and may not be involved. Sometime after the arraignment, someone from the DA’s office may contact you to let you know about the date of the trial. Depending on your city or county, you should expect that this DA will not be the DA who later will try the case. Frequently, victim contact is just an administrative function, and the DA’s rotate this duty. If you become aware that your perpetrator has been arrested, and you have not been contacted by the DA, you should call the DA’s office and ask for the calendar coordinator. You may need to be persistent.

If you are involved in the arraignment, you will be a spectator. Typically, the defendant will go up to the front of the room along with his/her attorney. The court will read the charges and ask how they plead. Expect to hear the words, “Not guilty.” Do not react to this; this is just a legal process. The judge will quickly review the DA’s charges. Then the judge will set a preliminary trial date, a readiness hearing date and decide bail.

Following the arraignment, the formal trial will begin next. Keep in mind; this is the people’s case, represented by the prosecutor, not yours. The DA may not present the information you wish. He/she may not focus on points you think are important and may even settle for a plea bargain without consulting you.
Many factors figure into the way a prosecutor presents a case. The prosecutor must consider the type of penalty asked for, and how many counts (acts of criminal behavior) charged in the case. For example, sometimes your case is just one of several cases that are being charged against an alleged imposter. The DA will focus on the crimes that have the best chance of successful prosecution, or that hold the highest resulting penalty. Those crimes may not be yours. Sometimes a DA has a wealth of criminal activities to prosecute, but going after each incidence won’t help improve his/her case. The judge might see such actions as persecution, or a waste of time. Be aware that the penalty might not change between 31 counts and 15 counts in a specific case.

Again, take notes. Keep your cool and act in a professional manner. You may not even need to say anything until the imposter is found guilty and the court moves into the sentencing phase. If you are called to testify, follow the directions given to you by the DA’s office prior to trial.

If the defendant is found guilty, the judge will set a date for sentencing. If, however, a plea bargain has been struck, the case will move directly to sentencing. You will be notified of the date of this phase and you should talk with the DA prior to this date. You should also talk with the Probation Officer assigned to the case.

You have the right to submit a written Victim Impact Statement. If you want, you can also make a statement in court. The judge must read anything you submit to the court, prior to sentencing. Please do yourself a favor: Prepare a statement, keep it concise, accurate, clear, and complete. This is the best way to have your message heard clearly by the court. You may attach a financial statement detailing your costs and expected costs; include copies of any receipts that verify expenses.

If the imposter is found guilty, the judge will pass sentence. That sentence may include probation with review hearings. The Probation Department will give a report to the judge regarding probation progress (or lack thereof), and law enforcement is also permitted to search the convicted felon’s residence, car, person and belongings for any probation violations. Before a Review Hearing, victims who suspect that the felon is breaking probation or the law should notify either the police detective that was on the case or the assigned probation officer. Review Hearings give victims another chance to address the court, especially if probation violations affect them.

“The Court Experience for Identity Theft Victims” was written by Matt Davis. Matt is a Victim Advisor at the Identity Theft Resource Center. We welcome you to post/reprint the above article, as written, giving credit to and linking back to the ITRC Blog.

In today’s world of commerce and travel, we’re all used to many public places offering free wifi to consumers. Open wifi connections are convenient. They allow us to leave the office and do work outdoors, do homework at a coffee shop rather than at home, or access important information almost anywhere. But though open wifi connections are great in public, they can lead to serious problems at home. Even today, thousands of homes do not have a firewall or security password on their wifi connection. These homes are broadcasting internet access, sometimes as far as a block away. Not only does this allow their neighbors to acquire free internet access, it can allow anybody within range to view the files that are on your computer, and download sensitive information such as your banking formation, tax documents, social security number, stored pictures, and anything else on your computer.

http theftIn rare instances, the thief used the victim’s computer to store illegal material such as child pornography so that the authorities wouldn’t find it on the thief’s computer. But luckily, there are several easy things that you can do to protect yourself from this intrusion.

  1. Install a Firewall – A firewall determines who has access to your family’s network and who doesn’t. Whoever has access can go online and share files between computers. It is always important to make sure your firewall is constantly ENABLED and that it recognizes which computers can have access as well as have a password to enter.
  2. You Need a Virus Scanner – regardless of if you have a Mac, PC, or Lenox based computer, you need to have a virus scanner. There is no such thing as a computer that is “virus-proof”. Hackers and criminals are clever and there is a code for every type of computer and program. A while ago, there was a virus code that could be imbedded in .jpg files. These viruses can open backdoors in your firewall, record everything you type, or allow thieves to insert other malicious programs or files onto your computer.
  3. Be careful about what you download. Some files on the internet may look harmless but actually contain malware such as Trojans. Pay attention to your virus scanner while downloading new products. If it doesn’t like a program, don’t download or install it.

Initial protection from outside intrusion of your wifi based network is relatively easy. If you need assistance setting up your firewall or picking a virus scanner, consult your local computer expert.

“Direct Connections to the Internet Protecting Yourself and Your Information Against Intruders” was written by Kat. Kat is a Victim Advisor at the Identity Theft Resource Center. We welcome you to post/reprint the above article, as written, giving credit to and linking back to ITRC Blog.

There are several situations in which identity theft can affect the processing of a tax return. Most involve someone misusing someone’s Social Security number (SSN), which the IRS uses to make sure the filing is accurate and complete and that they get any refund they are due.

It could be a sign of identity theft if a taxpayer receives an IRS notice that:taxes

  • More than one tax return was filed for one tax year, or
  • IRS records indicate a taxpayer received wages from an employer they don’t know.

If someone uses a taxpayer’s SSN to file for a tax refund before the taxpayer does, the IRS may believe the taxpayer has already filed and received their refund. The taxpayer might not know this until they get a letter from the IRS indicating that more than one return was filed for them.

If someone has used a taxpayer’s SSN to get a job, the employer may report that person’s income to the IRS using the taxpayer’s SSN, making it appear to the IRS as if the taxpayer did not report all of their income on their tax return. In that situation, the IRS might send the taxpayer a notice that they appear to have received wages from an employer they don’t know.

If You Suspect Identity Theft – Contact the IRS

If you get a notice from the IRS, respond immediately to the name and number printed on the notice. If you think you have tax issues related to identity theft, let the IRS know as soon as possible, even if you don’t have any evidence that it’s affected your tax return. Contact the IRS Identity Protection Specialized Unit (IPSU) at 1-800-908-4490. The IPSU’s hours are 8:00 am to 8:00 pm (your local time).

Specialists will work with you to get your tax return filed, get you any refund you are due, and protect your account from identity thieves in the future. You can document the identity theft by submitting a police report or the IRS ID Theft Affidavit (Form 14039).

You’ll have to prove your identity with a copy of a valid government-issued identification, like your Social Security card, driver’s license or passport.

We welcome you to post/reprint the above article, as written, giving credit to and linking back to ITRC Blog.

Imagine these scenarios:

You are on vacation and you open your laptop in your hotel room. You log into the public wifi network, and quickly agree to the Terms and Conditions (without reading them of course), and start to do your normal Internet activities. For just a second, you have a fleeting thought: “Is my computer at risk?” And then you begin your normal Internet activities and quickly forget all about it.

You are waiting to catch your flight in an airport and, after grabbing a cup of coffee and opening your laptop, you see that there’s a “Free Public Wifi” network available. You login to your banking account to transfer funds. You have a vague sense that you might not be doing something safe, but you figure that you’re only going to be online for fifteen minutes, so you’re probably okay, right?

How Safe Are Wifi Hotspots?

Many of us assume that using a wifi network at a hotel or airport is the same as logging into our network at home or at the office. But the risks of using wifi networks at a hotel or airport are exponentially greater than those experienced at home or in an enterprise setting.

For example, while sharing folders, printers, desktops, and other services can be useful at home or in the office, doing so is inappropriate on a public network, where competitors or hackers can access this information.

Most private networks use firewalls to defend users against Internet-based attacks. This is not necessarily true in public wireless networks, where security practices vary widely. You may assume you are safe from outside attacks, but you really have no idea whether any firewall lies between your laptop data and the Internet.

Business travelers willing to connect to any network that offers free Internet access are especially vulnerable to such attacks. It is literally impossible to tell the safe networks from the bad ones. Wireless eavesdropping is possible everywhere. Only a small percentage of public networks prevent wireless eavesdropping, and many networks leave wifi users completely responsible for their laptop security, with extensive or complete file and service exposure.

So What Should I Be Worried About?

Okay, so now you are probably aware that using a public wifi network while on the road exposes you to a lot of security risks. But what risks are we talking about exactly?

The following is a list of different types of hacks that can occur in public wifi hotspots:

Sniffers: Software sniffers allow eavesdroppers to passively intercept data sent between your web browser and web servers on the Internet. This is the easiest and most basic kind of attack. Any email, web search or file you transfer between computers or open from network locations on an unsecured network can be captured by hackers. Sniffing software is readily available for free on the web and there are 184 videos on YouTube to show budding hackers how to use them. The only way to protect yourself against wifi sniffing in most public wifi hotspots is to use a VPN, such as PRIVATE WiFiTM.

Sidejacking: Sidejacking is a method where an attacker uses packet sniffing to steal a session cookie from a website you just visited. These cookies often contain usernames and passwords, and are generally sent back to you unencrypted, even if the original log-in was protected via HTTPS. Anyone listening can steal this log-in information and then use it to break into your Facebook or gmail account. This made news in late 2010 because a programmer released a program called Firesheep that allows intruders sitting near you on a public wifi network to take over your Facebook session, gain access to all of your sensitive data and send viral messages and wall posts to all of your friends.

Evil Twin/Honeypot Attack: This is a rogue wifi access point that appears to be a legitimate one, but actually has been set up by a hacker to eavesdrop on wireless communications. An evil twin is the wireless version of the “phishing” scam: an attacker fools wireless users into connecting a laptop or mobile phone to a tainted hotspot by posing as a legitimate provider. When a victim connects, the hacker can launch man-in-the-middle attacks, listening in on all Internet traffic, or just ask for credit card information in the standard pay-for-access deal. Tools for setting this up are easily available (e.g., Karma and Hotspotter). One recent study found that over 56% of laptops were broadcasting the name of their trusted wifi networks, and that 34% of them were willing to connect to highly insecure wifi networks.

ARP Spoofing: Address Resolution Protocol (ARP) spoofing, also known as ARP flooding, ARP poisoning or ARP Poison Routing (APR), is a technique used to attack a wireless network. ARP spoofing allows an attacker to sniff traffic on a LAN and modify or stop the traffic altogether. This attack can only occur on networks that make use of ARP and not another method of address resolution. ARP spoofing sends fake, or “spoofed”, ARP messages to a LAN which associates the attacker’s MAC address with the IP address of the victim. Any traffic meant for the victim’s IP address is mistakenly sent to the attacker instead. The attacker could then forward the traffic to the actual default gateway (passive sniffing) or modify the data before forwarding it (man-in-the-middle attack). The attacker could also launch a denial-of-service attack against a victim by associating a nonexistent MAC address to the IP address of the victim. A successful APR attempt is invisible to the user.

“Free Public Wifi” Rogue Networks: “Free Public Wifi” networks are ad-hoc networks advertising “free” Internet connectivity. Once you connect to a viral network, all of your shared folders are accessible to every other laptop connected to the networks. A hacker can then easily access confidential data on your hard drive. These viral networks can be used as bait by an Evil Twin. “Free Public Wifi” networks turn up in many airports. Don’t connect to these networks and you won’t infect your laptop. If you find this kind of network on your laptop, delete it and reconfigure your adapter to avoid auto-connecting to any wireless network.

Man-in-the-middle Attacks: Any device that lies between you and a server can execute man-in-the-middle attacks, which intercept and modify data exchanged between two systems. To you, the man-in-the-middle appears to be a legitimate server, and to the server, the man-in-the-middle appears to be a legitimate client. In a wireless LAN, these attacks can be launched by an Evil Twin.

You Should Know What You Are Agreeing To

Remember those Terms and Conditions that you agreed to and didn’t read? Well, we’ve actually read them, and here is what some of them say:

  • Starbucks: It is the Customer’s responsibility to ensure the security of its network and the machines that connect to and use IP Service(s).
  • Boingo Wireless: There are security, privacy and confidentiality risks inherent in wireless communications and technology and Boingo does not make any assurances or warranties relating to such risks. If you have concerns you should not use the Boingo software or service. We cannot guarantee that your use of the wireless services through Boingo, including the content or communications to or from you, will not be viewed by unauthorized third parties.
  • JetBlue: Wireless internet connections such as that provided through the Service are not secure. Communications may be intercepted by others and your equipment may be subject to surveillance and/or damage. Since the wireless connection providing you with access uses radio signals, you should have no expectation of privacy whatsoever when using the service. Accordingly, in providing this service, JetBlue cannot and does not promise any privacy protection when you use the service. It is your sole responsibility to install and deploy technological tools to protect your communications and equipment that may be compromised by use of a wireless network.”

So How Can I Protect My Laptop?

Okay, so now you know how dangerous wireless networks can be, and the various kinds of attacks you may face when using them. So what specifically can you do to protect yourself and your data?

Below are some proactive steps you can take to protect yourself when using such networks, and services you can use that provide laptop security.

Disable or block file sharing

  • Enable a Windows Firewall or install a third party personal firewall
  • Use file encryption
  • Most importantly, use a VPN

The one thing that they all have in common is that it is your responsibility to protect yourself. The best way to protect your sensitive information is to use a Virtual Private Network, or VPN, which encrypts the data moving to and from your laptop. The encryption protects all your Internet communication from being intercepted by others in wifi hotspots. In addition, VPNs can prevent hackers from connecting to your laptop and stealing your data files.

The above article was posted on Friday, July 1st, 2011 by Jared Howe for Private WiFi. Private WiFi is a personal VPN software that encrypts your data in public wireless hotspots. Using our easy software prevents identity thieves from hacking into your emails, online banking, social media accounts, and other personal information. You can check them out at www.privatewifi.com.

After any kind of data breach or hacking event, there are a handful of possibilities for what criminals will do with your stolen information. The outcome typically depends on what types of data they were able to steal, but possibilities include holding it for ransom to prove to a company that they were hacked, using it themselves for identity theft and fraud, or selling your records on the Dark Web to others who would use it.

Considering the heavy emotional and financial toll that identity theft can have on its victims, it’s shocking how little a consumer’s record can sell for on this internet black market. Recent studies have shown just how much money your life is worth to a scammer.

1. Credit card or debit card information – Hackers used to actively seek out credit and debit card numbers, as well as any PIN numbers or security codes associated with those cards. Due to better fraud detection and things like “card not present” transaction alerts from financial institutions, it’s easier than ever to spot criminal use of someone’s card and cancel that account. That could be why card account logins only fetch a few dollars. According to McAfee’s recent findings, a card number with the CVV2 code from the back is worth between $5-$8 dollars, but if it also comes with the bank’s ID number, it could go for $15 online. If the stolen credentials included something called “fullz,” that is, the card owner’s complete information, that would be worth around $30.

2. Online Payment Service Account Information – Whether it’s your own bank account that you can access and use online or a payment service like PayPal, there’s an interesting finding of the value of these stolen logins: the higher your available balance, the more money the criminal pays to purchase it from the original thief. For example, McAfee’s “The Hidden Data Economy” found:

$400-$1000 Balance is worth $20-$50
$1000-$2500 Balance is worth $50-$120
$2500-$5000 Balance is worth $120-$200
$5000-$8000 Balance is worth $200-$300

3. Medical Identities – When people think of identity theft, they tend to overlook their medical identities. This is the information contained in your medical records, such as your name, address, Social Security number, health insurance ID number, prescription medications, or other necessary information. A study by NPR found that a group of ten Medicare numbers will fetch about $4700 online; it’s important to remember that Medicare numbers—unlike most health insurance numbers now—are still currently the member’s Social Security number, which can make the stolen profiles doubly valuable.

But what about a typical case of stolen identities where the victim’s name, address, phone number, birth date, Social Security number, and other details are just thrown onto the black market for someone to steal? They go for about twenty dollars each at the current market prices.

Interestingly, selling a stolen set of “fullz” online isn’t a one-and-done proposition. Once a thief has accessed someone’s complete identity, he can sell the same records to multiple customers. That means the work of recovering from the crime can feel insurmountable; you resolve one issue with a credit card someone opened up in Minnesota only to turn around and get a bill for a medical procedure in Florida. That’s why it’s important to start your recovery process with an identity theft report, and then by reaching out to agencies that can give you clear instructions on what to do next.


If you think you may be a victim of identity theft, contact the Identity Theft Resource Center for toll-free, no-cost assistance at (888) 400-5530. For on-the-go assistance, check out the free ID Theft Help App.

Last month, State Attorney General Kamala Harris announced the creation of a new law enforcement unit to address the growing problems associated with identity theft and cybercrime. According to the F.T.C., California has the most identity theft complaints of any state (over a million complaints annually), and the third highest number per-capita. Known as the California e-Crime Unit, this new law enforcement group will include a group of 20 investigators and prosecutors whose sole responsibility will be to prosecute cybercrime.

 

While Florida, Texas, and Louisiana already have similar units in place, California’s promises to be the largest such unit yet created, with a broader mandate. Criminal activity such as identity theft, internet scamming, and hacking will be the units’ primary focus. The problem with catching cybercriminals is not the ability to track their activity, or to find sufficient evidence of their crimes. So then why is it decidedly more difficult to actually bring a cybercriminal or identity thief to justice? The primary reason is the relatively new unique challenges cybercrime presents.

Primary amongst these is the fact that a significant amount of cybercrime transcends traditional jurisdictional boundaries. Often it is beyond the scope of an individual local police force or district attorney to effectively build a case against and prosecute criminals who may commit their crimes in multiple counties, states, or even countries. Additionally such complication makes it confusing for the consumer to know just how to most effectively get help for their identity theft issues. These are exactly the issues Harris and this new task force are hoping to address. By developing a unit completely focused on cybercrime, with the mobility to help individual local and county jurisdictions seamlessly could potentially be a game changer in the battle on identity theft and cyber crime that has to this point, been a losing one. This is one of the strongest and most encouraging indicators yet that the severity of this problem is finally starting to hit home in the minds of legislators and law enforcement officials.

“Identity Theft and Cyber Crime Blues: California’s New eCrime Unit Gets Tough on Cyber Criminals” was written by Matt Davis. Matt is a Victim Advisor at the Identity Theft Resource Center.

When it comes to web browsers, you have options. The ultimate goal of any web browser is to provide people with a better Internet experience. Regardless of your preference, ask yourself what makes for a better Internet experience?

browser security

According to Firefox, they provide an “open community” where the key features are “openness, innovation, and opportunity.” It gives the users the ability to “shape their own online lives.” In terms of privacy and security, Firefox offers the add-on Flagfox 4.1.11 – said to provide several tools like site safety checks, malware checks, Whois (domain search – who owns the website), page code validation, and display of a flag to tell the user the location of the current website’s server, amongst others. This is supposed to add an extra layer of awareness to the user’s browsing experience, and the user has the ability the select these features or customize their own actions. Firefox’s goal is to be “unobtrusive” – thus, Flagfox does not actually track anything, nor does it send the information anywhere.

Google Chrome on the other hand, is dedicated to “help protect you and your computer from malicious websites as you browse the web.” This web search engine features safe browsing, sandboxing, and automatic updates. For Google Chrome’s safe browsing, users are informed with a warning message if the site they are visiting poses a malware or phishing threat – “Warning: Visiting this site may harm your computer!” Like Firefox, which also offers updates, Google Chrome offers automatics updates. These updates check for the latest security features, and require no action on behalf of the user. According to Google, their feature Sandbox adds an extra layer of protection by “protecting against malicious web pages that try to leave programs on your computer, monitor your web activities, or steal private information from your hard drive.” It prevents the self-installation of malware to your computer. Software Engineer, Nicholas Sylvain, notes that Sandbox was meant to be generic; therefore, it is not just limited to Google – which means that it can be used by others if they share Google’s “multi-process architecture.”

Whether your preferred web browser is Firefox or Google Chrome, both seem to place an emphasis on browser security – of course, through different approaches. Yet, nonetheless, they both express a deep concern for their users’ interests – an interest that lies in the power of the internet.

“Google Chrome vs Firefox: Which is safer?” was written by Gabby Beltran. Gabby is the Public Information Officer and a Bilingual Victim Advisor at the Identity Theft Resource Center.