StumbleUpon Privacy Risks

Be careful, be very careful when use social networking sites! Some social networking sites and some sites that pretend to be social networking, but are marketing profiling sites, may pose huge privacy risk. I will talk here about very popular StubmleUpon which shouldn’t but actually yes.

When you sign for StumbleUpon, you have possibility to email everyone on your mail lists including MSN/hotmail, Yahoo mail, Gmail, AOL, facebook, Outlook, Outlook Express etc and call to join you on your friends list. It is offered through very simple user interface in browser.

Stumble Upon Import Your Contacts

If you chose to use this possibility you will need to provide your user name and password for MSN/hotmail, Yahoo mail, Gmail! Seems as password scam, isn’t it.

Much more, if you choose to Outlook i.e. tick radio button next to the Outlook logo it will immediately start downloading add-on called StumbledUpon Contact Import. I hope that you have proper Security level set in your IExplorer; otherwise you will provide them with list of all your Outlook contacts by just one (even accident) click.

Stumble Upon Contact Import Add-On

If you click on above image, you’ll see larger size image and read message which says “Don’t worry, it’s safe :)”. Message ends by smile, yes… Funny! By reading terms and privacy policy of StumbleUpon, you probably will not find many details about this. It looks like usual benign privacy policy without mentioning high privacy risks that you are exposed to by using this social networking site.

After sending question to support using Web based contact form, automated response arrived which I answered by additional e-mail question stating urgency of response. There is no answer on these questions yet.

There are also other privacy risks of this social networking site including list of friends visible by everyone, visited (stumbled) Web sites, contacts, preferences, messages etc. StumbleUpon offers its toolbar which is considered as spyware by some antispyware scanners.

There is also post on Steve Riley’s blogthat talks about some FaxBox. When you sign up for FaxBox, they ask for your permission to email everyone in your address book (FanBox knows how to talk to most webmail systems).

My recommendation is to avoid clicking on anything suspicious, especially something which will talk to your mail clients, Web based mails and your contacts there. Or to say it stronger: do not click on anything like this never ever!

There is also earlier post on this blog “The Privacy Risks of Social Networking Sites”.

Note:StumbleUpon sent many visitors to my blog and it seems that some stumblers like this blog – thanks all of them. But I have to be honest – StumbleUpon poses privacy risk.

Share

2 thoughts on “StumbleUpon Privacy Risks

  1. Pingback: Facebook Privacy Problems | Dragan on Security

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>