Researchers at Norton LifeLock have found that web trackers are collecting much more information about users’ browsing activity than had previously been believed. Such trackers can follow users around much of the Internet in order to build a profile about them. The profiles are usually compiled for advertising purposes.
“It’s common knowledge that web trackers know an astonishing amount of information about you,” the researchers write. “Our new research discovered that sometimes they know as much as twice what was previously found. And even if you delete your browser's data history, they can reconstruct your ‘data identity’ within hours.”
While web trackers aren’t inherently malicious, users should be aware of how much of their information is being collected. If a company that holds this information is breached, attackers can easily use the data to launch large-scale social engineering attacks.
Norton LifeLock offers the following findings:
- “Top Trackers: Our study reveals that top trackers can see 73% of an average user’s browsing history despite appearing on a smaller number of unique domains.
- “The power of sharing: We also estimate how much additional knowledge organizations can gain if they cooperate. Two organizations would see a 5% bump if they shared data; more than two organizations cooperating could push that number up to 50%.
- “Getting to know you — quickly: Consumers encounter, on average, 177 tracking organizations in one week, they will encounter half of those trackers in the first two hours of browsing. In other words, if the user were to start over with a fresh browser, it would only take two hours on average to re-encounter 50% of all trackers.”
People need to know that much of their online information is public, that scammers and spies can use this information in targeted phishing attacks, and that phishing and other forms of social engineering are threats to organizations as well as individuals. New-school security awareness training can give your employees a healthy sense of suspicion so they can avoid falling for social engineering attacks.
Norton LifeLock has the story.