The article Facebook Data Privacy Scandal: A Cheat Sheet (Links to an external site.) gives the reader an almost weekly timeline of Facebook’s data protection woes. It seems to me that there has and there will always be an issue concerning data privacy if information can be monetized. It is my opinion that tech companies (primarily social media) will always take the money and apologize later, if they get caught. I have an information security certification and it is too easy to protect data either by encryption or a defense in depth approach. If Facebook utilized a quarter of the basic rules of safeguarding information they would be broke and user information would be protected. Comedian Adam Carolla has simple logic for these situations “Stupid or Liar.” Anytime someone or something just doesn’t make sense, in this case a tech company that can’t seem to secure data or is always apologizing for data security situations that are less than ethical, the entities making the comment or performing the action are either too dumb to realize what they are doing or they are lying about it. I guarantee that my data has been “Stolen” at some point, but I am also aware that you shouldn’t put anything out there (on the web) that you don’t want linked to you or used to target you for advertising purposes. It is just a question as to when and by whom was my data given or taken. Was I one of the 87 million users whose data was used by Cambridge Analytica? I don’t know, nor do I care. Data breaches mean nothing to responsible web users who utilize best practices when making important decisions on what to put on the web and what not to. It is concerning that there are users that are susceptible to influence via web advertising when making decisions that have a lasting effect on society.

I chose to write about Pharming because most people have heard of Phishing but draw a blank when Pharming comes up. Pharming is essentially DNS spoofing, which means that users type in a web address then go to the web page (DNS) but if where the DNS takes you is not the correct website but a malicious one made to look like a legitimate one. When this is used in the financial industry, users can unknowingly input username and password information into a fake website (that looks like a real one) and give bad guys their login information then they go back to the legitimate website and log in as the legitimate user and transfer all of their money out of their accounts never to be seen again. Pharming Attack Targeted Bank Customers Worldwide (Links to an external site.) outlines when this happened in 2007. I used this case because it outlines how much effort hackers put into making these fake websites look legit. The article does not mention how much money (if any) was stolen but with it happening at over 50 financial institutions, and being live for three days, one could guess.