Recently a WordPress exploit was discovered for the very popular Akismet spam comment blocking plugin. Akismet uses a white/black list type of technology to determine bad comments. The cross-site scripting (XSS) vulnerability was used in the comment section of a WP site by using a malicious script designed for converting emoticons to graphical icons. Is there a way to prevent this?
WordPress sites are very common, and most are used by small bloggers and businesses to have a very professional-looking presence on the web. This site uses WordPress. A thing most people forget is that WordPress is open source and one of the most widely used content management systems (CMS) on the internet. The internet is HUGE. What this means is WordPress is highly targeted by various types of hacker exploits.
These exploits are usually conducted by automated bots that go to WordPress sites. Because of the bots, it’s very important to have anti-bot technology on your site. If you want to test out some anti-bot technology, check out NoMoreCaptchas with a FREE 6-month commercial trial. Code NOBOTS15
Thank You Very Much!!
Another day, another malware. It looks like ad fraud is going full throttle with malware apps now generating $4M in revenue for the perpetrators.
Advertisers are the ones that really get hurt. As mentioned before, if you need help fighting ad fraud message me HERE.
Google was a pioneer in introducing a feature every advertiser wanted, highly specific target marketing. It was cheaper than TV ads. Programmatic advertising became very profitable for advertisers, publishers, and exchanges. Everybody drank the ad-tech Kool-Aid. The biggest casualties of all that Kool-Aid today are the independent publishers. Is ad tech evil?
The little publishers lose again. The independent publishers don’t have the branding of Time or The Wall Street Journal with highly legit traffic. These small publishers are the people that use GoDaddy and have a WordPress blog.
Another factor affecting the small publishers is the growing trend of ad blockers. We even see the dark side of ad blockers receiving kickbacks for letting paid ads in. Ad blocking is said to have up to 150-200 million users and growing.
With the invention of BioChronometrics, advertising fraud (click, impression, and display) has become an unnecessary evil! If you want to discuss how to get 100% human traffic for your site, please message me using my anti-bot contact form here.
Ticket scams. We’ve all been to concerts and had to buy tickets from scalpers because robots keep buying tickets on Ticketmaster the day they are released. Usually I buy tickets at the event minutes before the event. But sometimes I get a ticket by checking on Craigslist a few days or weeks before. Although most tickets on Craigslist are legit, there are some bad apples.
If you do a basic Google search you will get all kinds of results for “Craigslist Fraud” which show 19,700 news search results.
Most recently a fellow by the name of Mark Tracy was charged by the Chandler PD for ticket fraud nationwide. Whatever tickets were hot, such as the Taylor Swift concert, there he was swindling away. Police have now charged him with fraud. But what are some things these social sites like Craigslist can do to eliminate or minimize the current fraud situation for concert tickets?
Most people take the usual precautions and are aware of “cash only” scams. Some scammers will even ask you to wire money or provide bank account details. These are telltale signs to look elsewhere. Common sense should always be used when buying tickets on the secondary market of Craigslist.
Beyond the typical precautions, the perpetrator could be blocked from Craigslist via BioChronometric eDNA. Once the scammer’s eDNA is stored, the site becomes impenetrable, discouraging the fraudsters from using it. Craigslist would then be a safer place for artists, customers, and ticket sales.
Facebook just announced they have one billion users logged on. That’s quite impressive. Facebook is a powerhouse social network with users. But as we’ve seen previously, there’s a lot of bot activity on Facebook. Everybody is wondering how Facebook came up with the “One Billion Facebook Users” that were logged in.
As mentioned before, we can make your social network human with no bots via BioChronometrics.
The Dow plunged over 1,000 points today. At the open the market proceeded to rally then sell off several times throughout the day. Computer traders known as high frequency traders (HFT) were having a field day. The retail public, on the other hand, using typical online broker dealers like TD Ameritrade, Scottrade, and Interactive Brokers for order entry, were slowing to a crawl. Some couldn’t even log into their accounts. Orders and fills were delayed up to 10-20 minutes before getting a report. I wouldn’t be surprised if these login issues were a DDoS attack on them.
Looking at this from a security breach point of view, was this really a typical flash crash or was this an attack on exchanges and online broker dealers from cyber attackers at the user login? The steps involved:
- Flash out exchanges via quote stuffing
- Disable retail investor login via DDoS attack
- Run wild
Below is a display of the volume from last Friday vs. Monday’s open in the first 10 minutes of trading. The market began to do massive volume throughout the day. Nanex has some great stats of the quote stuffing and algos going crazy. As always, we probably won’t hear much from this for a while.
The New York Times put out an interesting article about an Airbnb Horror Story. This has elements of a Hollywood horror film except it really happened.
Mix Hostel with new tech and we have an Airbnb horror story. A 19-year-old gets traumatized by a transgender Airbnb host with sexual demands and later survives by using reverse psychology. After the horrific event, Airbnb is taking better precautions on directly phoning the police when events like this happen.
“We realize we can learn a lot from this incident and we can do better,” Mr. Papas said by email. “We are clarifying our policies so that our team will always contact law enforcement if we are made aware of an emergency situation in progress. Safety is our No. 1 priority, and we want to get our hosts and guests as much help as possible.”
The article then ends with precautions to take when using Airbnb such as:
- Family/friends should have the host address accessible.
- Carry a global phone with emergency number access.
- Study Facebook profiles.
Other than these Mickey Mouse solutions, the host should be completely eliminated off the Airbnb network so this doesn’t happen in the future from the same person. But how would Airbnb do this? For one, the host’s BioChronometrics eDNA can be used to eliminate access to Airbnb sites or its mobile apps.
The past few days we’ve heard of Jeeps getting taken over by potential hackers. Instead of recalling the 1.4M vehicles Ford is sending out a USB thumb drive to update the car brain. If this happens again, Ford will be sending out thumb drives again! But, is this really necessary in today’s techno environment? Shouldn’t more precautions be used?
Device recognition is changing rapidly because of so many cyber breaches and hacks today. Potential threats can be eliminated or minimized with device recognition of the vehicle, car key, iWatch or a user’s cell phone. I’m not talking about wasting time with multi-factor authentication (MFA) and text messaging letter/number inputs. I’m talking BioChronometric device recognition, which is passive device recognition to the user. It is faster than opening your car door or car ignition. Why hassle the user with text messages when you can authenticate the car and user passively?
Cars are getting so tech’ed out, they will need to be protected from remote access just like any other type of security access point. We will soon see cars come out with device recognition. Will it be Ford, Toyota, or Tesla???
It seems like ad fraud has no boundaries. Not only are bots penetrating PC web plugins, but mobile apps are now turning into botnets. Basically this is seen as mobile device hijacking. A new study shows that ad fraud in the mobile market is hitting almost $1 Billion per year.
Eliminating this type of fraud is very difficult for most participants because the mobile users, advertisers, and exchanges don’t even know this is going on with their publishers.