« Interview with Rain Forest Puppy | Main | AJAX: Selecting the Framework that Fits »

A black market for search terms and user interests?

Google has recently added search history and this got me thinking about how this information could be useful. Currently gmail is linked to all of google and if you search for something while logged into google and have search history turned on, it gets recorded. Now you have data on what the user is searching on and their habits. This information could be used to

- Target phishing and spam
- Gather topics that are popular that usually only google would have

By utilizing a wordlist across a million or so gmail accounts chances are you'd be able to get into a few. This opens up opportunity to sell search history to advertisers, spammers, and phishers.

The same goes for the email, an attacker could identify trends in email (such as topics the user reads about) and sell to spammers the email address and topic list. An advantage here is that by not stealing the users bank account information (if it exists) you're not tipping them off to anything allowing this to continue. This also allows selling an email address to multiple parties instead of 1 per party (since they'd suck it dry). Of course this could affect any email system and not just gmail. Enough ranting for today.


Feed You can follow this conversation by subscribing to the comment feed for this post.

All Comments are Moderated and will be delayed!