Symantec tool calculates your data's value to thieves

It's no secret that criminals are stealing credit card and bank account data and selling it underground. But most people would find it shocking to learn just how little their sensitive personal information costs.

Symantec on Thursday is launching its Norton Online Risk Calculator, a tool that people can use to see how much their online information is worth on the black market. The tool also offers a risk rating based on demographics, online activity, and estimated value of online information.

I tried the tool when I was initially briefed on it a few months ago and was surveyed about my gender and age range; online assets (including credit card and bank account data, brokerage accounts, e-mail accounts, and social network accounts) and an estimated value of all that information; whether I use security software; how cautious I am when online; and how much I think my information is worth.

I use security software (and do my financial transactions mostly on a Mac at home), am fairly cautious while Web surfing, and didn't put a high dollar figure on the value of my digital information. My security risk turned out to be 37 percent, or medium, and the black market worth of my online assets was calculated to be $11.29. Those figures didn't change when I modified the gender, age, and estimated value of the data.

A recent Microsoft Research report concludes that stolen data offered for sale in underground IRC channels is difficult to monetize because of all the--get this--con artists there.

Regardless of whether the underground revenue figures are overblown, the data is being harvested, sometimes in huge batches, during data breaches at large payment processors, and there is a market for it.

It's discomfiting to think a criminal could pay as little as $11 to get access to my sensitive personal data for identity fraud purposes, while I could end up spending lots of energy and time--years even--reporting the crime, trying to fix my credit rating, and getting my life back to normal.

Symantec isn't trying to scare consumers with the Norton Online Risk Calculator, but to raise awareness of the risks, said Marian Merritt, Internet safety advocate at Symantec.

"We still find consumers who think using just antivirus is sufficient," she said.

Merritt recommends that people use security suites that offer antivirus, firewall, and intrusion detection and prevention software, as well as keep their operating system and browsers updated.

[karpenterskids]

Wow...very interesting!

Now I'm curious how much MY info is worth...

[fejack]

The calculator is pretty blunt:

Do you use the internet? Yes
Do you have antivirus software? Yes
Ok... then we guess you're fine.

If one uses long hard-to guess passwords, always makes sure to log through secure protocols and only exchange critical information over secured connections, then the job becomes much harder for data theft. I'm not even talking about encrypting local data and using email certificates...

[4score20]

Symantec offers this tool to see how at risk we may be on the same day their Norton 2010 Internet Security software becomes available for purchase. Awesome. I score "Medium" too which probably means I'm able to communicate with the dead and solve complex criminal cases. Or my risk isn't high or low just, "eh".

[spdickey1]

I wonder why Symantic wants to "raise awareness of the risk," is it because they want to sell you a bloated, resource hogging pile of "anti-whatever: software?

Keep your passwords long and private, and that's the best you can do. If the data center at some giant-monster-megabank gets hacked, your information is worth about .05 cents oer person to a hacker.

And when you get the credit card bill, just dispute it.

Please tell me why that when you click on the Norton Online Risk Calculator link in CET News Security Week newsletter it takes you to everyclickmatters.com/victim/assessment-tool.html site instead of a Norton or Symantec web site?

[krosafcheg]

Their site is broken, prints out the same no matter what you answer.

I think they're just farming your information.

[toddeverett]

Yeah, I'd feel a lot more secure if the link connected to a Symantic URL.

This tool is just an ad to sell Norton products. I have to be honest, I use them, but this is an odd way to do this. If they are really concerned about us, make the tool so it runs, then offer an email or something to promote their product. Their motivation is clear hear, not making the community safer but selling more product. Pretty standard I guess. One reason I am moving to Linux, and if it wasn't for a couple core apps I use would be there all totally now. I am tired of the auto renew, no auto upgrade with Norton. You pay essentially the price of an upgrade and are auto renewed on your old software. Who wants that? Oh sure you can call customer service and they will credit you, and upgrade you. About a 3 out of five stars for them. The only thing that keeps me using their software is the quality of the protection. So I put up with the bull, just like this tool.

[Björn Lundahl]

I think this is silly. Today's antivirus, apart from a firewall, protects Windows from all malware that is viruses, spyware, adware and rootkits. There is nothing more than malware. I use Avast, a router firewall plus Windows firewall, Firefox and WOT. That is enough. With Avast you not only use the software for free but you also receive all upgrades for free. Sometimes I also scan my PC online with NOD32. I have been very happily using Avast for more than four years. I do not trust Norton and Alwil (the company behind Avast) is more serious and trustworthy. Avast has about 90 000 000 users around the world. There are many times more Avast users than Norton users.

Norton or Symantec only tries to mace people scared.


Bjorn Lundahl
Gothenburg, Sweden

[angeljeanne]

Sorry but I have been using my Norton for years and yes I agree with what they have stated, being a person who has had my I.D. taken because I was on a different computer (not mine) I learned a lot from that miss hape so I will always be with my Norton. Listen and learn, don't be a know it all, take care, thanks JWJ

[Björn Lundahl]

Yes but why listen to Symantec? Why not for instance listen to Vincent Steckler who has joined as a CEO at Alwil company which produces Avast and he says this:

"Myself, I joined Avast from Symantec?the World?s largest (in terms of revenue) consumer security/antivirus company. For the last several years there I ran the world-wide consumer sales and e-commerce. I started my career as a programmer nearly 30 years ago and think I have quite a good understanding of security and the security business. In future entries I will write about that some. I am American and lived there for about 40 years. But I am now living here in Prague and before this, I lived in Singapore about 7 years."

" But we do believe all users should have access to top notch security even if they can?t or won?t pay for it. That is why we have the free product.

So, don?t worry that paid security companies claim your free protection is not good enough. It is."

Google "Avast blog Can you Trust Free Anti-Virus?" And you will find some very interested articles written by Vincent Steckler. He should be "the expert" as he has worked for Symantec!!

Bjorn Lundahl