Sep 29 2007

Bloggers Beware! Your Privacy Might be at Risk

Published by at 6:32 pm under blogging

I urge you to read this. Your home address details might be displayed to anybody who wants them. Mine were.

Background

My mother purchased CA Internet Security which provides anti-virus and a suite of internet security products. By her account she is happy with the product.

One of the components she installed was “CA Website Inspector” which is powered by “CallingID Limited“. What this does is provide information about the website owner whenever you hover over a link or visit a site.

When she was visiting this site (Blogpond) she hovered over my name (as in published by “Meg“). To her horror, and mine, my home address was displayed. I don’t hide my identity, but my home address being displayed in absolutely abhorrent to me.

Follow Up

The first thing I did was to call CA in Australia (I am thinking Indian call centre by the accents). Neither sales nor technical support could assist. After 15 minutes of trying to get them to understand the issue, they eventually disclaimed that “CallingId” had anything to do with them so they couldn’t possibly help me.

All I wanted to know at this point was which database they were using that connected this website with my home address. I am really protective of this, and I’m at a complete loss as to how the information got into their database. It was NEVER listed on the “whois” information. I have always used a PO box, or my company address.

By this stage, I had found the CallingID website and found out they actually have a product that you can download, that will provide you with information about any website you visit. I have downloaded the “Link Advisor“, and I’m sure that the product is well intentioned.

You donโ€™t have to be an expert to be safe. CallingID is your bodyguard. It automatically scouts the sites you intend to visit and provides you with all the information you need to make an informed decision โ€“ Can I follow the link or should I ignore it because there are risks I don’t want to take.

How CallingID Link Advisor work?

CallingID Link Advisor uses many different sources to find site owners, to verify that the owner is a real organization and to ;deliver the most accurate information to all users. Running complex verification tests on the CallingID servers, Cross-Searching several international information databases, Advanced Risk Assessment conducted by Link Advisor when the page is loaded and by the CallingID team are all pooled together to give you the most informed and accurate assessment available.

How does Link Advisor Work?

Action

CallingID have a link for webmasters to update their address details. I updated the information and my request was actioned within 24 hours. I am still none the wiser as to where the information was sourced from.

Whilst this service is provided to protect innocent consumers, it’s ironic that the information provided could potentially be used against innocent individuals.

I urge you if you have a blog (on your own domain), or any website for that matter, to manually check the information that is listed for your domain.

Added:

Just A few more points

1. If nothing at all comes up for the site, it could be that the site has not been โ€œverifiedโ€ yet, as there has not been a request made.

2. You might also check http://www.whois-search.com/ to see what details are being displayed there.

3. Even though my address details were not showing on the whois search, they were still showing on the CallingID check. So it might pay to recheck the CallingID search until something eventually shows up.

17 responses so far

17 Responses to “Bloggers Beware! Your Privacy Might be at Risk”

  1. # cardiogirlon 29 Sep 2007 at 7:35 pm

    (Hyperventilating) This will cause me many sleepless nights. Thanks for the info.

    cardiogirl, low tops optional

  2. # Alister Cameron // Blogologiston 29 Sep 2007 at 8:16 pm

    Ouch!

    Since moving last year I have been pedantic about my home address.

    Everyone gets the PO Box, and as far as I can tell people would have some fun trying to work it out.

    I just think this is basic wisdom for anyone with any kind of online profile. Or profile, full stop, really.

    Hope you still manage to get to the bottom of it :)

    “Jinx” for posting about privacy at the same time!!

    -Alister

  3. # Carloon 29 Sep 2007 at 8:28 pm

    Good to know. Thanks!

  4. # Megon 29 Sep 2007 at 8:42 pm

    Cardiogirl – I hope it’s all ok.

    Alister – Absolutely agree it would appear to be common sense – and perhaps it mightn’t bother someone who’s 6’4″, trained in karate, lives alone and built like the proverbial…

    But the rest of us need to be just a tad cautious. Recent stories about flame wars on forums, Kathy Sierra…. It just takes one unstable person *shiver*.

    Jinx LOL – spoken like a true dad ๐Ÿ˜€

  5. # Snoskredon 29 Sep 2007 at 9:48 pm

    I was also pretty careful re the whois info on my site – we’re taught that as scambaiters. I have to say that has been one of the most useful pieces of info I learnt as a baiter, was how to protect my identity online. ๐Ÿ˜‰ I checked my site –

    snoskred.org
    Company Information:
    Name: Hides its identity
    Address: Unavailable Unavailable Unavailable Unavailable
    Country: Unavailable

    That’s what I like to hear.. ๐Ÿ˜‰

    Snoskred
    http://www.snoskred.org

  6. # Cellobellaon 29 Sep 2007 at 11:04 pm

    Great post… thankfully mine was okay.
    The Domain Name of the URL you submitted is: redsultana.com
    Company Information:
    Name: Unavailable
    Address: Unavailable Unavailable Unavailable Unavailable
    Country: Unavailable

    My site is hosted in the US… I wonder if that makes a difference? (The company I host with had a security scare a while back and I know they’ve got a lot more anal about security – a good thing.)

    CB
    xx

  7. # cardiogirlon 29 Sep 2007 at 11:39 pm

    I, too, host in the US and thankfully I came up as unavailable as well. It’s still a very useful tip. Thanks again!

    cardiogirl, low tops optional

  8. # Law School Blogon 30 Sep 2007 at 1:02 am

    My domain host explicitly allows this information to be hidden. You should theoretically be able to get yours obscured as well.

    Oh, and please do let me know if you can see my address. That would be creepy, and I would have to take issue with them over it.

  9. # Leighon 30 Sep 2007 at 10:36 am

    That is a worry Meg, I hope you are able to get the the bottom of why your personal home details were on display.

    Like everyone else, mine displays what it is suppose to.

    I also wouldn’t recommend installing the calling id thing, I did last night to have a sticky, and have spent an hour this morning reconfig my firefox after the mess it made when I un installed it.

  10. # Megon 30 Sep 2007 at 10:52 am

    CB – Glad you passed :)

    Cardiogirl – it looks like you have domain privacy activated, which is safe practice. Phew!

    Law School Blog – I’m sure you’re ok.

    Leigh – Me too. Thanks for the heads up about downloading the tool. Too late for me :( But hopefully it will be a warning for others (sorry).

    ***********************

    Just A few more points

    1. If nothing at all comes up for the site, it could be that the site has not been “verified” yet, as there has not been a request made.

    2. You might also check http://www.whois-search.com/ to see what details are being displayed there.

    3. Even though my address details were not showing on the whois search, they were still showing on the CallingID check. So it might pay to recheck the CallingID search until something eventually shows up.

  11. # Leighon 30 Sep 2007 at 11:17 am

    I use dt whois a firefox addon for easy whois lookup.

    Like Meg said, if your details didn’t show up with the CallingID site it does not mean your details aren’t being displayed in whois.

    Also, those who have a .com.au, your full name as registered with your ABN will be displayed. A search on your ABN will also display your postcode.

  12. # jenon 30 Sep 2007 at 7:09 pm

    I’ve paid extra for privacy re the Whois thing when I realised that the first domain I ever registered was showing up some of my details.

  13. # Megon 30 Sep 2007 at 7:58 pm

    Hi Jen

    It’s really easy to forget – and something a lot of people don’t think to check. As I commented to someone, it really should be set to private by default with a big box saying – “yes I want the world to know who I am, where I live and how some sicko can call me in the middle of the night”.

    Unless you’re a business with working hours contact – even then displaying a contact email address leaves you open to spam in many instances.

  14. # Sephy's Platzishon 02 Oct 2007 at 4:14 am

    This was the Week that Was, Vol. 15…

    I’ve had a heck of a week, as I mentioned yesterday. Another reminder to members of the US Blogs community that the icon you have will not work shortly. Please read below to make sure you get the upda……

  15. # Laurel Papworthon 15 Oct 2007 at 4:09 pm

    *shrugs* Australian domains always show who registered them and the company address. My name and address can be found in the telecom white pages. That’s, what, an extra 5 seconds work? It’s too much hard work to manage multiple identities/avatars with varying amounts of information and I won’t expend energy hiding my personal details online. Hence my home number and address on my blog. Plus it kinda takes the fun out of stalking when it’s all open and apparent. ๐Ÿ˜›

  16. # Sueblimelyon 10 Dec 2007 at 3:02 pm

    Thanks so much for this warning, Meg. Although I had paid my domain name provider for privacy, my address was still showing up. It may still be doing so, not sure my instructions not to show it have been carried out yet.

  17. # A sneaky way to find out who you are | redsultana.comon 17 Feb 2008 at 1:10 pm

    […] from Blogpond’s post Bloggers Beware! Your Privacy Might be at Risk is a must read. And if it turns out your privacy is not exposed for the entire cyberworld – then […]