New Class of Malware Will Steal Behavior Patterns

KentuckyFC writes "The information within huge, supposedly anonymized data sets can be used to build a detailed picture of an individual's lifestyle and relationships. This data is hugely valuable, which is why many companies already mine the pattern of links in their data to help them build things like recommender systems. Now a group of computer scientists say it is inevitable that a new class of malware will emerge for stealing this behavioral pattern data from social networks. They've analyzed the types of strategies this malware will use to collect information from a real mobile phone database of 800,000 links between 200,000 phones. They point out that the theft of behavioral data can be much more serious than the theft of other personal information. If somebody steals your credit card or computer password, for example, you can just get another card or change your password, thereby limiting the damage. That can't be done with behavioral data, they say. Who would be willing or able to change their real world pattern of person-to-person relationships, friendships and family ties?"

fud

[Anonymous Coward]

This is pseudo-science FUD and that kind of data would be useless to a criminal. Really, how can "behavioral patterns" be more useful than credit card or bank info to a criminal?

Sophisticated credit card fraud

[netsavior]

one of the best tools in fighting financial fraud is people's behavior patterns. I work for a big bank and have several applications which are used for pattern recognition both across a business unit, and across a single customer's account. If you buy something in Rome, than in Dallas Texas, then in Istambul, your account is going to be flagged... But what if someone had your card information plus your geographic habits? There are plenty of opportunities to make fraudulent credit card usage seem much more legitimate to an algorithm, all that is missing is social information... for now.

Re:fud

[danbert8]

Which is totally pointless if you are a reasonable and dilligent user of your credit card, and actually check your statements every month. Of course maybe they can read from your behavioral patterns if you are an idiot that just pays bills without looking them over first.

Re:fud

[AHuxley]

http://webcache.googleusercontent.com/search?q=cache:5jex52BhXYEJ:wikileaks.org/wiki/EU_social_network_spy_system_brief,_INDECT_Work_Package_4,_2009+INDECT+Work+Package+4&cd=1&hl=en&ct=clnk [googleusercontent.com]
Seems like the lite version of the above. Mb they track mentions of backs, holidays, wealth, private banks names ect?
Then go searching for the more useful emails they never would have found in the wild?
It would also help with any CC location block.

Re:fud

[Anonymous Coward]

No.
The point of stealing via fraudulent credit card purchases is not to steal from you, it's to steal from a credit card company.
The credit card companies employ a level of behavioural pattern recognition to stop large, unusual transactions on your account. I've had times when I've tried to put an unusual item through on my card and received an immediate phonecall from my credit card provider, asking whether it's me doing the ordering.

If I can sell you the credit card numbers of a bunch of people who I can identify as habitually making purchases of a given type of item, you can then make a series of non-suspicious orders on their cards and get away before they check their statements.

Re:Sophisticated credit card fraud

[MachDelta]

Must be a new system, because when my CC was skimmed last year in Vegas it took them a week (and about $3000 in purchases) for them to figure out that it was stolen - despite the fact that charges were being made in two different countries on the exact same day. Visa must think I regularly take 8 hour flights to and from Vegas to buy gas, groceries and shop at Best Buy. :\