As I clean the news pile for the long weekend, it results in fascinating data points.
Despite built-in security features in mainstream operating systems, nearly half of Americans still use third-party antivirus software. Of those who rely on their OS security, 12% plan to switch to third-party software. Paid users prefer Norton, McAfee, and Malwarebytes, while free users prefer McAfee, Avast, and Malwarebytes. US consumers continue to purchase third-party antivirus software primarily due to fear of malware (84%), followed by concerns about privacy (54%) and online shopping (48%). Fear of losing cryptocurrency has also increased to 8%. The use of paid third-party security software is higher among the over-65 age group.
I also want to highlight this from 404 Media: Freelancers on Fiverr claim access to a powerful data tool, TLOxp, containing personal data on much of the U.S. population. They advertise the ability to dig through the data, including uncovering Social Security numbers, for as little as $30. Fiverr removed the listings after being informed. While some listings may be scams, the existence of these advertisements poses a content moderation issue. Hackers and fraudsters have used TLOxp and similar tools to dox people. TransUnion, the maintainer of TLOxp, did not provide a response. Fiverr stated that such services are not allowed on their platform, and they have taken action to remove the listings and suspend accounts.
Why do we care?
Isn’t the baked-in security software good enough? It’s a solid question: how much security software is too much security software? Are customers buying the right security software because there is too much security software?
I wanted to highlight outsourced doxing as a new risk vector. I don’t have a solution, but being surprised by this one would be bad.

