It is no secret that the American consumer reliance on online media has increased significantly over the past decade. The rise of convenience (read: immediacy) has forced online marketers to launch new, faster, and flashier avenues to grab our attention. The frenzy to be "the chosen one" among online advertisements has only increased with the economic downturn, as advertising dollars must go further to achieve big-budget results. While this influx of immediate information is, in most cases, a blessing for busy lives, the security pitfalls in the form of viruses and identity theft are, most certainly, the opposite. We expect, as consumers, to be protected, especially when visiting legitimate, well-known websites. However, the economic climate has created a marketing squeeze that unfortunately allows certain safety checks to fall by the wayside, exposing the less-than-careful busy consumer to viruses and identity theft.
The Wall Street Journal reported on June 15, 2009, that attacks from virus-inundated advertisements are on the rise, as more and more legitimate businesses are finding their website's advertising systems hacked by individuals taking advantage of the increasingly complicated business relationships prevalent in online advertising. The economic downturn has forced web publishers to outsource their website ad sales to middlemen and resellers, creating a long, and ultimately dangerous, chain of vendors, few of whom are subjected to security checks.
This chain begins when a company's website publisher sells advertising space on its forum sections, often visited by millions per month. As noted in the Wall Street Journal, ideally, ad networks who visit these forums purchase the available ad space to sell directly to business marketers. However, if the network fails to sell the space within a given time, the space will be resold to another ad network. In some cases, unused advertising space is auctioned off to the highest bidder. The chain of buyers and sellers becomes longer, reducing the certainty that every step in the buyer/seller process is checked for security purposes. The end result – a hacker who ultimately buys the ad space, posts either a false, virus-laden advertisement, damaging the consumer's operating system, or a false ad redirecting the consumer to a website requesting sensitive, personal information.
Businesses usually discover and remove the dangerous material within hours, however, hours often equal years in internet-surfing real time, and consumers' computers and personal information are often compromised before the fix is implemented.
The business of online advertising continues to march forward, raising questions about privacy and security. Facebook, the popular social-networking site, recently launched new targeting methods for its advertisers, posting 11 new ways to hone in on potential consumers based on information on individuals' Facebook profile pages. These targeting features, available to all businesses who advertise through Facebook, will identify and contact consumers based on (among other factors) the consumer's birthday, listed connections, and geographic location, in addition to gender, age, relationship status, and other parameters.
As noted by Jeff Chester, executive director of the Center for Digital Democracy:
Currently there are no advertising platforms (that I'm aware of) that provide this level of targeting capabilities. With these new features, Facebook will be able to increase revenue while increasing the effectiveness of ads. One thing that has been challenging for Facebook is to receive high conversion levels but with these new targeting features, creative advertisers will be able to increase their conversion levels.
One group that can also benefit from this new ad platform is application developers. Want to get new users that aren't yet using your application? Now you can exclude all users of your existing application and only target those that haven't installed it. This is something that as far as I know, no cost-per-install networks are able to provide yet. Facebook has been heavily focused on improving their advertising offerings over the past few weeks and with this latest announcement, it's clear that Facebook is looking to provide powerful tools for all advertisers.
Full article content is available at: http://www.democraticmedia.org/jcblog/?p=847.
In June of this year, Jeff Chester testified before a House subcommittee on the issue of security and privacy in consumer targeting by advertisers. Chester urged Congress to implement more sophisticated online policing measures to protect consumers' privacy, stating, "As with our financial system, privacy and consumer protection regulators have failed to keep abreast of developments in the area they are supposed to oversee," he explained. "In order to ensure adequate trust in online marketing—an important and growing sector of our economy—Congress must enact sensible policies to protect consumers." Full article content is available at: http://www.democraticmedia.org/release/cdd-testimony-20090618.
While Facebook, and other well-known sites currently have security measures in place, they are not invulnerable to hacking and manipulation. As tools for consumer profiling rise in sophistication and availability, it is essential for businesses and consumers alike to keep security in mind, especially as protective measures for internet privacy may well lag behind.
Best practices include keeping your browser and operating system current by installing software updates and new patches as vulnerabilities become known; using a limited-privileges account for everyday browsing; blocking harmful IP addresses with a firewall; using high-security settings in your browser and taking advantage of browser add-ons, such as NoScript, which prevents untrusted sources from running scripts on your computer without your approval, and Adblock Plus, which prevents advertisements from being downloaded and displayed.
Vol. 53, June 2010