Security News > 2021 > August > ‘I’m Calling About Your Car Warranty’, aka PII Hijinx

‘I’m Calling About Your Car Warranty’, aka PII Hijinx
2021-08-04 21:34

Black Hat: Researchers created 300 fake identities, signed them up on 185 legit sites, then tracked how much the sites used signup PII to pester the accounts.

Researchers created 300 fake identities, signing them up on 185 legitimate websites ranging from Target to Fox News, with each identity used on a single website.

The university has created an open-source dataset of the research, available on GitHub, that contains the raw data, as well as the 300 fake identities, 171 privacy policies with scoring rubrics, and the scripts and tools used for automating analysis.

Because the 300-identity test was only passive - that is, the accounts didn't respond to any of the email messages, phone calls, or text messages they received - the messages gradually trailed off over time, the researchers said.

While the researchers received 1,423 email attachments, none were found to be malicious.

Areas of future research include whether any of the fake identities show up on the dark web, the researchers said.


News URL

https://threatpost.com/im-calling-about-your-car-warranty-aka-pii-hijinx/168375/