now browsing by tag


#deepweb | Online shops use ‘dark patterns’ to trick you into buying and signing up for more, study suggests

Source: National Cyber Security – Produced By Gregory Evans

Many online shopping sites use our psychology against us by subverting user decision-making through design choices called “dark patterns,” and oftentimes, this causes shoppers to make decisions they otherwise wouldn’t.

According to a new study that analyzed data from more than 11,000 popular shopping sites, these tactics are more pervasive than most people realize.

Dark patterns coerce, steer or deceive users into making decisions that they might not if they were otherwise fully informed or given an alternative.

This includes things like using a countdown timer to pressure shoppers into “snagging a deal” even though the deal doesn’t end after the timer runs out, generating deceptive notifications in a random fashion (e.g. using a random number generator to tell shoppers how many others are “currently viewing” a product) and “confirmshaming” — when a site’s pop-up urges users to sign up and phrases the “no” option as a shameful choice, e.g., “No thanks, I like paying full price.”

It’s an increasingly common choice to implement dark patterns in the design of online spaces, including social media sites, e-commerce sites, mobile apps and video games, and the research team at Princeton wanted to get a better idea of just how often dark patterns are being used and in what ways.

Out of the 11,000 websites analyzed, researchers found that about 11 percent were using some kind of dark pattern on their user interface, and a total of 183 sites were using deceptive tactics specifically.

According to data, the more popular the site, the more likely it was to be using dark patterns.

“At best, dark patterns annoy and frustrate users,” the study’s authors said, “At worst, they can mislead and deceive users. This includes causing financial loss, tricking users into giving up vast amounts of personal data, or inducing compulsive and addictive behavior in adults and children.”

One worry about digital shops in particular is that they have a much greater ability to manipulate shoppers’ cognitive limitations and biases.

“For example, unlike brick-and-mortar stores, digital marketplaces can capture and retain user behavior information, design and mediate user interaction, and proactively reach out to users,” the study’s authors said. “Other studies have suggested that certain elements in shopping websites can influence impulse buying behavior.”

The elements to which the authors are referring are things such as product reviews and ratings, discounts and quick add-to-cart buttons, which are all meant to impact a shopper’s decision-making.

The term “dark patterns” was coined by UX Specialist Harry Brignull in 2010, and he describes them as “tricks used in websites and apps that make you buy or sign up for things that you didn’t mean to.”

A new study from Princeton University found that many online shops use manipulative tactics, called dark patterns, to trick shoppers into buying and signing up for more. (Neil Godwin/Future Publishing via Getty Images)

While the tactic of using dark patterns has been studied before, those analyses relied on anecdotal data or data collected from user submissions. New research from a team at Princeton University provides the the first large-scale evidence documenting the prevalence of dark patterns.

Researchers developed an automated approach to collecting data about the user experience on shopping sites by creating a web crawler, which simulates a user browsing experience and identifies elements of the design interface. They then extracted all of the user interface designs and inspected the resulting clusters for instances of dark patterns. Finally, they categorized and labeled the dark patterns that they identified.

The research was focused solely on shopping websites for the study, and researchers used the web crawler to visit more than 11,000 of the most popular e-commerce sites worldwide, searching for dark patterns that trick people into signing up for recurring subscriptions or making unwanted purchases that result in financial loss.

They discovered 1,818 instances of dark patterns, which represented 15 dark pattern types across seven broad categories. These instances were found on 1,254 sites out of the more than 11,000 sites included in the data set, which equates to about 11 percent, and 183 sites were found to display deceptive messaging.

Researchers also identified 22 third-party entities that provide e-commerce sites with the ability to create and implement dark patterns on their sites.

The majority of dark patterns were found to be covert, deceptive and information-hiding in nature.

Covert dark patterns steer the user into making specific purchases without their knowledge — such as introducing a decoy to make certain other choices seem more appealing. Deceptive dark patterns induce false beliefs either through affirmative misstatements, misleading statements or omissions, such as a site offering up a discount that seems to be time-limited, when in reality it appears each time the web page is opened or refreshed.

Information-hiding dark tactics obscure or delay the presentation of necessary information to the user, such as when a site doesn’t disclose that additional charges will be added at the very end of checkout.

Researchers also found that most types of dark patterns work by exploiting peoples’ cognitive biases. The researchers cited these cognitive biases as main targets of dark patterns:

  • Anchoring effect: The tendency of an individual to over-rely on an initial piece of information (the “anchor”) in future decisions.
  • Bandwagon effect: The tendency of an individual to want or value something more because other people value it (or at least seem to).
  • Default effect: The tendency of an individual to choose an assigned, default option because it’s easier than seeking out other options.
  • Framing effect: The tendency of an individual to reach different conclusions from the same information when it is presented differently.
  • Scarcity bias: The tendency to place higher value on things that seem scarce.
  • Sunk Cost Fallacy: The tendency of an individual to carry on with an action because they have already invested time and energy into it, even if they might end up worse off overall.

The study’s authors said that users are becoming increasingly more aware of these tactics, but their new data set could be used to build further countermeasures to help consumers make more informed decisions.

“One such countermeasure could be a public-facing website that scores shopping websites based on their use of dark patterns,” the authors said. “Our data set can also enable the development of browser extensions that automatically detect and flag dark patterns.”

The researchers warned that their estimates are likely the lower bound of prevalence due to the limitations of their automated method, which only scraped text data from pages containing products on each site, the site’s cart and the checkout interface.

While this means that dark patterns are probably far more pervasive than the average online shopper realizes, a little awareness can cut down on a lot of subversive manipulation — and hopefully pad your pocketbook in the process.

This story was reported from Los Angeles. 

Source link

The post #deepweb | <p> Online shops use ‘dark patterns’ to trick you into buying and signing up for more, study suggests <p> appeared first on National Cyber Security.

View full post on National Cyber Security

#school | #ransomware | Hospital cyberattacks linked to heart attack deaths, study shows

Source: National Cyber Security – Produced By Gregory Evans Detecting and treating a heart attack is a race against time.Reuters A rise in ransomware attacks and data breaches against hospitals across the US may account for an uptick in heart attack deaths at those hospitals, according to a new study. Ransomware attacks are a rising […] View full post on

#deepweb | Study: Russia’s web-censoring tool sets pace for imitators

Source: National Cyber Security – Produced By Gregory Evans

WASHINGTON (AP) — Russia is succeeding in imposing a highly effective internet censorship regime across thousands of disparate, privately owned providers in an effort also aimed at making government snooping pervasive, according to a study released Wednesday.

The study by University of Michigan researchers says the model can be easily exported to other nations, and it challenges the notion that decentralized internet service can prevent large-scale censorship of the types imposed by Iran and China.

“What this study shows is that Russia has created a blueprint for censoring the internet on top of a network of internet service providers that is very much like the networks found in Western democracies,” said J. Alex Halderman, a leading computer scientist at the university who was not directly involved in the study. “As other governments decide to crack down on the free flow of information online, they may follow Russia’s game plan.”

Seven years of publicly available data reviewed by the researchers, who call their lab Censored Planet, attests to the Russian government’s increasing success at getting privately owned internet providers to block online addresses used by critics of President Vladimir Putin and independent news outlets.

Previously, Censored Planet’s discovery of efforts by Kazakhstan’s government to surveil internet traffic led Mozilla, Apple and Google to add protections to their browsers. Its latest study comes as a new Russian law formalizes Kremlin censorship and seeks to further tighten information control.

Under the law, devices known as “middleboxes” that surgically filter web content are required, and the state will buy the deep-packet inspection technology and provide it to the internet service providers, effectively assuming direct control over internet traffic. The boxes must be configured so that the Kremlin can access and manage internet traffic.

“When the government controls this filtering equipment they can do anything, and civil society can’t scrutinize it. In China and Iran people don’t know what’s being blocked,” said Alexander Isavnin, who lives in Moscow and works with Russia’s Internet Protection Society, a nongovernmental organization. He previously worked at a Russian internet service provider for more than 15 years.

Artyom Kozlyuk, founder of the Roskosvoboda online free speech group, said authorities could use the new law, which took effect Nov. 1, to stifle dissent.

“It gives the government new instruments that would allow it to limit internet traffic the authorities view as negative,” he said in remarks published in the independent newspaper Novaya Gazeta.

Kozlyuk said the law gives Russia’s state communications regulator, Roskomnadzor, broad powers to control the internet.

“If mass protests erupt in some regions, we may see shutdowns of mobile internet, or even entire internet access,” Kozlyuk said.

Russian media have reported that it may take another year to install the deep-packet inspection equipment needed to implement the new “sovereign internet” law. Experts predict diminished internet quality in Russia.

The use of “middleboxes” has grown globally. Much of the equipment is sold by U.S. companies like Cisco Systems, Inc. and Procera Networks, Inc. Other providers include Russia’s EcoFilter and VAS Experts, China’s Huawei Technologies Co., Ltd., and Israel’s Allot Communications, Ltd.

Censored Planet founder Roya Ensafi, a University of Michigan computer scientist, said the boxes can be found for as little as $8,000. The technology is often used, especially in the United States, by telecoms and businesses for analyzing online customer behavior and protecting users from phishing attacks.

Deep-packet inspection is a dual-use technology that can be used beneficially for security purposes but also abused for population-scale information-access control, Halderman said.

Under Putin, the Russian state has been steadily tightening censorship against what the government calls “external threats.” It has tried to block the messaging service Telegram, which has refused to hand over users’ encrypted messages in defiance of a court order.

That effort caused unintended blockages, temporarily knocking offline unrelated apps — including Volvo car repair services — leading the Kremlin to pause that effort.

The study released Wednesday, aided by on-the-ground activists in Russia, reviewed seven years of content blocking by internet providers, who daily are given an updated copy of a centralized blocklist maintained by Roskomnadzor. By April 2019, the list had grown to 132,798 internet domains, roughly 63% in Russian and 28% in English.

Virtual private network technology that can hide users’ web activity from their internet provider is used globally to circumvent such blocking, though Russian law requires domestic VPNs to connect to the regulated network.

Plenty of VPN apps continue to allow Russians to circumvent the censorship, according to Valentin Weber, an Oxford University researcher who recently authored a study on efforts by the Russian and Chinese states to control information online.

The website blocking is transparent. Internet providers even notify customers when a site is blocked by government order. In many cases, those pages now also carry ads, Ensafi said.

Weber said the deep-packet inspection technology used by the middleboxes “increases not only your ability to filter and do censorship but to do increased surveillance capabilities.”

Ensafi said she is worried about other countries — she named India, Indonesia, Portugal and Britain — with decentralized internet service adopting the same technology. Russian-sold filtering equipment is already deployed in former Soviet republics like Belarus and Ukraine and farther afield in Algeria, Cuba and Mexico, according to the Oxford study.

Britain uses a similar “censorship architecture,” with the government asking internet providers to block child sexual abuse, which is primarily done using deep-packet inspection technology.

“It would only be a matter of programming to repurpose it to block other kinds of content,” Halderman said.

In the U.S., meanwhile, the repeal of net neutrality allows internet service providers to favor certain content over others — the same technical starting point for the use of deep-packet inspection in Russia and what has since allowed the jump to greater censorship there, the report says.

Isavnin said the trend in Russia should be a wake-up call for engineers, hardware and software developers at internet service providers who often prefer to stay in their geeky world and not get into politics.

“You cannot be just an engineer,” he said. “You have to understand the consequences of what you’re doing in the real world.”


Associated Press writer Vladimir Isachenkov in Moscow contributed to this report.

Follow Tami Abdollah on Twitter at

Source link

The post #deepweb | <p> Study: Russia’s web-censoring tool sets pace for imitators <p> appeared first on National Cyber Security.

View full post on National Cyber Security

Salary #increase likely for #cybersecurity, #HR workers: study

Source: National Cyber Security – Produced By Gregory Evans

Professionals in cybersecurity and human resources are likely to get salary increases next year, while e-commerce and IT-related jobs will be in demand, underscoring the economy’s shift to digital, a consulting firm said Tuesday.

Robert Walters Southeast Asia said that based on its study, salaries of mid-level human resource officers could increase by as much as a 30 percent while cyber security experts could see their incomes go up 20 percent.

Companies in Southeast Asia are hiring experts in these fields as they create online and mobile platforms in to enhance competitiveness and increase market share, said Toby Fowlston, Managing Director for Robert Walters Southeast Asia.

“As a result of these transformations, many companies were looking to hire professionals with digital expertise, across both marketing and information technology, especially those who are proficient with back office digital infrastructure or niche with technology skills,” Fowlston said .

Experts in digitalization and e-commerce will be in demand, especially those skilled in cloud computing, platform-based solutions, cyber security and big data, Fowlston said.

Jobseekers who are changing companies in the HR industry, IT and accounting and finance are also likely to get 15 to 30 percent wage increases, according to the study.

However, Robert Walters also noted that companies in Southeast Asia were having difficulty attracting and retaining talented professionals.

“To attract and retain (talent) in this candidate-driven market, hiring managers will have to look beyond competitive salary packages and be more creative in their offers to potential hires,” said Eric Mary, Robert Walters Philippines Country Manager.

He added that employee training, clear career progression plans and communication on top of competitive salaries, and strong employer brand will help companies retain their best people.

The post Salary #increase likely for #cybersecurity, #HR workers: study appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

American Men Most Attracted to Women With Israeli Accents, Study Finds

To Purchase This Product/Services, Go To The Store Link Above Or Go To A recent survey by online dating site MissTravel found that American men were most attracted to women who spoke English with an Israeli accent. Women, on the other hand, were most attracted to men who spoke…

The post American Men Most Attracted to Women With Israeli Accents, Study Finds appeared first on

View full post on

Software developers are easy targets for hackers study finds

Source: National Cyber Security – Produced By Gregory Evans

Netsparker Ltd., a company in the web applications security industry, has released survey results showing that most software developers make themselves easy targets for hackers, even when they are behind a corporate firewall. The primary reason is not that their web server software is out of date, however. Instead, it…

The post Software developers are easy targets for hackers study finds appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Study finds hackers could use brainwaves to steal passwords

Source: National Cyber Security – Produced By Gregory Evans

Researchers at the University of Alabama at Birmingham suggest that brainwave-sensing headsets, also known as EEG or electroencephalograph headsets, need better security after a study reveals hackers could guess a user’s passwords by monitoring their brainwaves. EEG headsets are advertised as allowing users to use only their brains to control…

The post Study finds hackers could use brainwaves to steal passwords appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures


Europe is now the global hub of websites hosting child pornography, after a 19 percent jump in content since last year, a new report has found.

The report, conducted by the Internet Watch Foundation (IWF), found that Europe hosted the greatest number of websites with graphic images and videos of children. The Netherlands has become the country with the most online sexual imagery of children in Europe. (For the purpose of the report, Europe includes Russia and Turkey.)

The IWF is a non-profit, responsible for finding and removing graphic sexual content from the internet.

Until recently, most child sexual abuse images were found in the United States (57 percent), but this has now shifted to Europe, which hosts 60 percent of all material says the report.

Read More


View full post on Parent Security Online

Nationwide Teen Bullying And Cyberbullying Study Reveals Significant Issues Impacting Youth

One of the latest and most ambitious studies on bullying and cyberbullying in middle and high school students begs to differ with the age-old adage, “sticks and stones can break my bones, but names can’t hurt me.” The study, conducted by researchers at Florida Atlantic University and the University of Wisconsin-Eau Claire (UW-EC), used a nationally-representative sample of 5,600 children between the ages of 12 to 17 years old to address various forms of bullying and cyberbullying, sexting and dating violence, as well as thoughts of suicide, deviant behavior, and resilience or coping mechanisms.

Sameer Hinduja, Ph.D., a professor of criminology and criminal justice within FAU’s College for Design and Social Inquiry and co-director of the Cyberbullying Research Center, and Justin W.

Read More

The post Nationwide Teen Bullying And Cyberbullying Study Reveals Significant Issues Impacting Youth appeared first on Parent Security Online.

View full post on Parent Security Online

Bullied kids suffer academically, too, study says

Bullying isn’t just about physical violence or emotional pain — it can impact kids’ educations, too.

Kids bullied their entire school career have declining test scores, a growing dislike of school and failing confidence in their abilities, say the authors of a study published Monday in the Journal of Educational Psychology.
Researchers tracked several hundred children in the United States from kindergarten through 12th grade, and found nearly a quarter experienced chronic bullying through their school years.
“The good news is that it goes down. The longer kids stay in school, the less likely it is that they will be victimized,” said Gary W.

Read More

The post Bullied kids suffer academically, too, study says appeared first on Parent Security Online.

View full post on Parent Security Online