An investigation into this summer’s Twitter hack by the New York State Department of Financial Services (NYSDFS) has ended with a stinging rebuke for how easily Twitter let itself be duped by a “simple” social engineering technique — and with a wider call for key social media platforms to be regulated on security.
In the report, the NYSDFS points, by way of contrasting example, to how quickly regulated cryptocurrency companies acted to prevent the Twitter hackers scamming even more people — arguing this demonstrates that tech innovation and regulation aren’t mutually exclusive.
Its point is that the biggest social media platforms have huge societal power (with all the associated consumer risk) but no regulated responsibilities to protect users.
The report concludes this is a problem U.S. lawmakers need to get on and tackle stat — recommending that an oversight council be established (to “designate systemically important social media companies”) and an “appropriate” regulator appointed to ‘monitor and supervise’ the security practices of mainstream social media platforms.
“Social media companies have evolved into an indispensable means of communications: more than half of Americans use social media to get news, and connect with colleagues, family, and friends. This evolution calls for a regulatory regime that reflects social media as critical infrastructure,” the NYSDFS writes, before going on to point out there is still “no dedicated state or federal regulator empowered to ensure adequate cybersecurity practices to prevent fraud, disinformation, and other systemic threats to social media giants”.
“The Twitter Hack demonstrates, more than anything, the risk to society when systemically important institutions are left to regulate themselves,” it adds. “Protecting systemically important social media against misuse is crucial for all of us — consumers, voters, government, and industry. The time for government action is now.”
We’ve reached out to Twitter for comment on the report
Among the key findings from the Department’s investigation are that the hackers broke into Twitter’s systems by calling employees and claiming to be from Twitter’s IT department — through which simple social engineering method they were able to trick four employees into handing over their log-in credentials. From there they were able to access the Twitter accounts of high profile politicians, celebrities, and entrepreneurs, including Barack Obama, Kim Kardashian West, Jeff Bezos, Elon Musk, and a number of cryptocurrency companies — using the hijacked accounts to tweet out a crypto scam to millions of users.
Twitter has previously confirmed that a “phone spear phishing” attack was used to gain credentials.
Per the report, the hackers’ “double your bitcoin” scam messages, which contained links to make a payment in bitcoins, enabled them to steal more than $118,000 worth of bitcoins from Twitter users.
Although a considerably larger sum was prevented from being stolen as a result of swift action taken by regulated crypto companies — namely: Coinbase, Square, Gemini Trust Company and Bitstamp — who the Department said blocked scores of attempted transfers by the fraudsters.
“This swift action blocked over 6,000 attempted transfers worth approximately $1.5 million to the Hackers’ bitcoin addresses,” the report notes.
Twitter is also called out for not having a cybersecurity chief in post at the time of the hack — after failing to replace Mike Convertino, who left in December 2019 to join cyber resilience firm Arceo.
Last month it announced Rinki Sethi had been hired as CISO.
“Despite being a global social media platform boasting over 330 million average monthly users in 2019, Twitter lacked adequate cybersecurity protection,” the NYSDFS writes. “At the time of the attack, Twitter did not have a chief information security officer, adequate access controls and identity management, and adequate security monitoring — some of the core measures required by the Department’s first-in-the-nation cybersecurity regulation.”
European Union data protection law already bakes in security requirements as part of a comprehensive privacy and security framework (with major penalties possible for security breaches). However an investigation by the Irish DPC of a 2018 Twitter security incident is still yet to conclude after a draft decision failed to gain the backing of the other EU data watchdogs this August — triggering a further delay to the pan-EU regulatory process.
This story was updated with a correction: Twitter had failed to replace Mike Convertino as CISO rather than Michael Coates, who was also in the post but left Twitter in March 2019, rather than in March 2020 as we originally stated
TechCrunch an American online publisher focusing on the tech industry. The company specifically reports on the business related to tech, technology news, analysis of emerging trends in tech, and profiling of new tech businesses and products.
Google December Product Reviews Update Affects More Than English Language Sites? via @sejournal, @martinibuster
Google’s Product Reviews update was announced to be rolling out to the English language. No mention was made as to if or when it would roll out to other languages. Mueller answered a question as to whether it is rolling out to other languages.
Google December 2021 Product Reviews Update
On December 1, 2021, Google announced on Twitter that a Product Review update would be rolling out that would focus on English language web pages.
Our December 2021 product reviews update is now rolling out for English-language pages. It will take about three weeks to complete. We have also extended our advice for product review creators: https://t.co/N4rjJWoaqE
— Google Search Central (@googlesearchc) December 1, 2021
The focus of the update was for improving the quality of reviews shown in Google search, specifically targeting review sites.
A Googler tweeted a description of the kinds of sites that would be targeted for demotion in the search rankings:
“Mainly relevant to sites that post articles reviewing products.
Think of sites like “best TVs under $200″.com.
Goal is to improve the quality and usefulness of reviews we show users.”
Continue Reading Below
Google also published a blog post with more guidance on the product review update that introduced two new best practices that Google’s algorithm would be looking for.
The first best practice was a requirement of evidence that a product was actually handled and reviewed.
The second best practice was to provide links to more than one place that a user could purchase the product.
The Twitter announcement stated that it was rolling out to English language websites. The blog post did not mention what languages it was rolling out to nor did the blog post specify that the product review update was limited to the English language.
Google’s Mueller Thinking About Product Reviews Update
Product Review Update Targets More Languages?
The person asking the question was rightly under the impression that the product review update only affected English language search results.
Continue Reading Below
But he asserted that he was seeing search volatility in the German language that appears to be related to Google’s December 2021 Product Review Update.
This is his question:
“I was seeing some movements in German search as well.
So I was wondering if there could also be an effect on websites in other languages by this product reviews update… because we had lots of movement and volatility in the last weeks.
…My question is, is it possible that the product reviews update affects other sites as well?”
John Mueller answered:
“I don’t know… like other languages?
My assumption was this was global and and across all languages.
But I don’t know what we announced in the blog post specifically.
But usually we try to push the engineering team to make a decision on that so that we can document it properly in the blog post.
I don’t know if that happened with the product reviews update. I don’t recall the complete blog post.
But it’s… from my point of view it seems like something that we could be doing in multiple languages and wouldn’t be tied to English.
And even if it were English initially, it feels like something that is relevant across the board, and we should try to find ways to roll that out to other languages over time as well.
So I’m not particularly surprised that you see changes in Germany.
But I also don’t know what we actually announced with regards to the locations and languages that are involved.”
Does Product Reviews Update Affect More Languages?
While the tweeted announcement specified that the product reviews update was limited to the English language the official blog post did not mention any such limitations.
Google’s John Mueller offered his opinion that the product reviews update is something that Google could do in multiple languages.
One must wonder if the tweet was meant to communicate that the update was rolling out first in English and subsequently to other languages.
It’s unclear if the product reviews update was rolled out globally to more languages. Hopefully Google will clarify this soon.
Google Blog Post About Product Reviews Update
Google’s New Product Reviews Guidelines
John Mueller Discusses If Product Reviews Update Is Global
Watch Mueller answer the question at the 14:00 Minute Mark
Survey says: Amazon, Google more trusted with your personal data than Apple is
MacRumors reveals that more people feel better with their personal data in the hands of Amazon and Google than Apple’s. Companies that the public really doesn’t trust when it comes to their personal data include Facebook, TikTok, and Instagram.
The survey asked over 1,000 internet users in the U.S. how much they trusted certain companies such as Facebook, TikTok, Instagram, WhatsApp, YouTube, Google, Microsoft, Apple, and Amazon to handle their user data and browsing activity responsibly.
Amazon and Google are considered by survey respondents to be more trustworthy than Apple
Those surveyed were asked whether they trusted these firms with their personal data “a great deal,” “a good amount,” “not much,” or “not at all.” Respondents could also answer that they had no opinion about a particular company. 18% of those polled said that they trust Apple “a great deal” which topped the 14% received by Google and Amazon.
Amazon and Google are more trusted than Apple is with consumer’s personal data according to a survey
However, 39% said that they trust Amazon by “a good amount” with Google picking up 34% of the votes in that same category. Only 26% of those answering said that they trust Apple by “a good amount.” The first two responses, “a great deal” and “a good amount,” are considered positive replies for a company. “Not much” and “not at all” are considered negative responses.
By adding up the scores in the positive categories,
Apple tallied a score of 44% (18% said it trusted Apple with its personal data “a great deal” while 26% said it trusted Apple “a good amount”). But that placed the tech giant third after Amazon’s 53% and Google’s 48%. After Apple, Microsoft finished fourth with 43%, YouTube (which is owned by Google) was fifth with 35%, and Facebook was sixth at 20%.
Rounding out the remainder of the nine firms in the survey, Instagram placed seventh with a positive score of 19%, WhatsApp was eighth with a score of 15%, and TikTok was last at 12%.
Looking at the scoring for the two negative responses (“not much,” or “not at all”), Facebook had a combined negative score of 72% making it the least trusted company in the survey. TikTok was next at 63% with Instagram following at 60%. WhatsApp and YouTube were both in the middle of the pact at 53% followed next by Google and Microsoft at 47% and 42% respectively. Apple and Amazon each had the lowest combined negative scores at 40% each.
74% of those surveyed called targeted online ads invasive
The survey also found that a whopping 82% of respondents found targeted online ads annoying and 74% called them invasive. Just 27% found such ads helpful. This response doesn’t exactly track the 62% of iOS users who have used Apple’s App Tracking Transparency feature to opt-out of being tracked while browsing websites and using apps. The tracking allows third-party firms to send users targeted ads online which is something that they cannot do to users who have opted out.
The 38% of iOS users who decided not to opt out of being tracked might have done so because they find it convenient to receive targeted ads about a certain product that they looked up online. But is ATT actually doing anything?
Marketing strategy consultant Eric Seufert said last summer, “Anyone opting out of tracking right now is basically having the same level of data collected as they were before. Apple hasn’t actually deterred the behavior that they have called out as being so reprehensible, so they are kind of complicit in it happening.”
The Financial Times says that iPhone users are being lumped together by certain behaviors instead of unique ID numbers in order to send targeted ads. Facebook chief operating officer Sheryl Sandberg says that the company is working to rebuild its ad infrastructure “using more aggregate or anonymized data.”
Aggregated data is a collection of individual data that is used to create high-level data. Anonymized data is data that removes any information that can be used to identify the people in a group.
When consumers were asked how often do they think that their phones or other tech devices are listening in to them in ways that they didn’t agree to, 72% answered “very often” or “somewhat often.” 28% responded by saying “rarely” or “never.”
Entireweb Articles – Read the latest Articles and News in Search Engine related world!
Google’s John Mueller on Brand Mentions via @sejournal, @martinibuster
What’s A Brand Mention?
A brand mention is when one website mentions another website. There is an idea in the SEO community that when a website mentions another website’s domain name or URL that Google will see this and count it the same as a link.
Brand Mentions are also known as an implied link. Much was written about this ten years ago after a Google patent that mentions “implied links” surfaced.
There has never been a solid review of why the idea of “brand mentions” has nothing to do with this patent, but I’ll provide a shortened version later in this article.
John Mueller Discussing Brand Mentions
Do Brand Mentions Help With Rankings?
The person asking the question wanted to know about brand mentions for the purpose of ranking. The person asking the question has good reason to ask it because the idea of “brand mentions” has never been definitively reviewed.
Continue Reading Below
The person asked the question:
“Do brand mentions without a link help with SEO rankings?”
Google Does Not Use Brand Mentions
Google’s John Mueller answered that Google does not use the “brand mentions” for any link related purpose.
“From my point of view, I don’t think we use those at all for things like PageRank or understanding the link graph of a website.
And just a plain mention is sometimes kind of tricky to figure out anyway.”
That part about it being tricky is interesting.
He didn’t elaborate on why it’s tricky until later in the video where he says it’s hard to understand the subjective context of a website mentioning another website.
Brand Mentions Are Useful For Building Awareness
Mueller next says that brand mentions may be useful for helping to get the word out about a site, which is about building popularity.
“But it can be something that makes people aware of your brand, and from that point of view, could be something where indirectly you might have some kind of an effect from that in that they search for your brand and then …obviously, if they’re searching for your brand then hopefully they find you right away and then they can go to your website.
And if they like what they see there, then again, they can go off and recommend that to other people as well.”
Continue Reading Below
“Brand Mentions” Are Problematic
Later on at the 58 minute mark another person brings the topic back up and asks how Google could handle spam sites that are mentioning a brand in a negative way.
The person said that one can disavow links but one cannot disavow a “brand mention.”
Mueller agreed and said that’s one of things that makes brand mentions difficult to use for ranking purposes.
John Mueller explained:
“Kind of understanding the almost the subjective context of the mention is really hard.
Is it like a positive mention or a negative mention?
Is it a sarcastic positive mention or a sarcastic negative mention? How can you even tell?
And all of that, together with the fact that there are lots of spammy sites out there and sometimes they just spin content, sometimes they’re malicious with regards to the content that they create…
All of that, I think, makes it really hard to say we can just use that as the same as a link.
…It’s just, I think, too confusing to use as a clear signal.”
Where “Brand Mentions” Come From
The idea of “brand mentions” has bounced around for over ten years.
There were no research papers or patents to support it. “Brand mentions” is literally an idea that someone invented out of thin air.
However the “brand mention” idea took off in 2012 when a patent surfaced that seemed to confirm the idea of brand mentions.
There’s a whole long story to this so I’m just going to condense it.
There’s a patent from 2012 that was misinterpreted in several different ways because most people at the time, myself included, did not read the entire patent from beginning to end.
The patent itself is about ranking web pages.
The structure of most Google patents consist of introductory paragraphs that discuss what the patent is about and those paragraphs are followed by pages of in-depth description of the details.
The introductory paragraphs that explain what it’s about states:
“Methods, systems, and apparatus, including computer programs… for ranking search results.”
Continue Reading Below
Pretty much nobody read that beginning part of the patent.
Everyone focused on a single paragraph in the middle of the patent (page 9 out of 16 pages).
In that paragraph there is a mention of something called “implied links.”
The word “implied” is only mentioned four times in the entire patent and all four times are contained within that single paragraph.
So when this patent was discovered, the SEO industry focused on that single paragraph as proof that Google uses brand mentions.
In order to understand what an “implied link” is, you have to scroll all the way back up to the opening paragraphs where the Google patent authors describe something called a “reference query” that is not a link but is nevertheless used for ranking purposes just like a link.
What Is A Reference Query?
A reference query is a search query that contains a reference to a URL or a domain name.
The patent states:
“A reference query for a particular group of resources can be a previously submitted search query that has been categorized as referring to a resource in the particular group of resources.”
Continue Reading Below
Elsewhere the patent provides a more specific explanation:
“A query can be classified as referring to a particular resource if the query includes a term that is recognized by the system as referring to the particular resource.
…search queries including the term “example.com” can be classified as referring to that home page.”
The summary of the patent, which comes at the beginning of the document, states that it’s about establishing which links to a website are independent and also counting reference queries and with that information creating a “modification factor” which is used to rank web pages.
“…determining, for each of the plurality of groups of resources, a respective count of reference queries; determining, for each of the plurality of groups of resources, a respective group-specific modification factor, wherein the group-specific modification factor for each group is based on the count of independent links and the count of reference queries for the group;”
The entire patent largely rests on those two very important factors, a count of independent inbound links and the count of reference queries. The phrases reference query and reference queries are used 39 times in the patent.
Continue Reading Below
As noted above, the reference query is used for ranking purposes like a link, but it’s not a link.
The patent states:
“An implied link is a reference to a target resource…”
It’s clear that in this patent, when it mentions the implied link, it’s talking about reference queries, which as explained above simply means when people search using keywords and the domain name of a website.
Idea of Brand Mentions Is False
The whole idea of “brand mentions” became a part of SEO belief systems because of how that patent was misinterpreted.
But now you have the facts and know why “brand mentions” is not real thing.
Plus John Mueller confirmed it.
“Brand mentions” is something completely random that someone in the SEO community invented out of thin air.
Watch John Mueller discuss “brand mentions” at 44:10 Minute Mark and the brand Mentions second part begins at the 58:12 minute mark
What should you focus on in 2022?
5 Technical SEO Issues On Large Ecommerce Sites & How To Solve Them
Will Google Go After Fluff Content In Search
15 Content Marketing Metrics Your Platform Must Track
Twitter’s Latest Promotional Campaign Focuses on Celebrities Who’ve Manifested Success Via Tweet
Everything You Need To Know About Performance Appraisals
Google Shares Advice on Site Migrations
Snapchat Adds New Limits on Adults Seeking to Connect with Minors in the App
Why data-driven decision-making is the foundation of successful CX
New Google Search Console Page Experience Report For Desktop
WordPress 5.9 to Introduce Language Switcher on Login Screen
14 Top Reasons Why Google Isn’t Indexing Your Site
20 Tips and Best Practices
Pages That Look Like Error Pages Can Be Considered Soft 404s By Google
Here’s How Meta Is Changing Facebook Ads Targeting For 2022
Are Nofollow Links a Google Ranking Factor?
17 Actionable Content Marketing Tips for 2022
Critical Vulnerabilities in All in One SEO Plugin Affects Millions of WordPress Websites …
10 Things You Need To Know To Be Successful
Picking SEO Keywords: An Expert’s Guide
SEARCHENGINES4 days ago
Google Versatile Text Ads Are Responsive Search Ads?
MARKETING6 days ago
5 Social Media Strategies that Boost Your SEO
SEARCHENGINES4 days ago
Microsoft Bing Testing Related Searches On Left Side Bar
SEO3 days ago
Are Local Citations (NAP) A Google Ranking Factor?
SEO3 days ago
Is It A Ranking Factor?
SEARCHENGINES7 days ago
Google Search Ranking Algorithm Update On January 11, 2022 (Unconfirmed)
SEO6 days ago
5 Competitor Analysis Tools You Should Be Using
SEARCHENGINES5 days ago
Google 1/11 Search Algorithm Update, Manual Actions Delayed, Core Update Specifics & Microsoft Bing IndexNow News