FTC Blogs

FTC warns companies to remediate Log4j security vulnerability

Log4j is a ubiquitous piece of software used to record activities in a wide range of systems found in consumer-facing products and services. Recently, a serious vulnerability in the popular Java logging package, Log4j (CVE-2021-44228) was disclosed, posing a severe risk to millions of consumer products to enterprise software and web applications. This vulnerability is being widely exploited by a growing set of attackers.

Revised Health Breach Notification Rule resources spell out companies’ legal obligations

Shoppers can find a plethora of apps, trackers, and sensors that hold or capture almost every conceivable form of personal health information. If your business or nonprofit offers products like that or provides certain services to entities that do – and you aren’t subject to HIPAA – you may be covered by the FTC’s Health Breach Notification Rule (HBNR).

Cease and Desist Demands show the role social media platforms play in the spread of dubious COVID claims

The Omicron variant has consumers saying “Omigosh,” but even before the current surge, advertisers have been using questionable COVID-related claims to promote their products. FTC staff sent 25 more Cease and Desist Demands to businesses, most of whom have made unsubstantiated prevention or treatment representations for tinctures, teas, and sundry services.

FTC says Dun & Bradstreet deceived small businesses about services and pricing

Small businesses, the FTC is on your side. According to a proposed FTC settlement with Dun & Bradstreet, D&B took big bucks from small businesses with the promise to improve their credit reports, but the primary business that benefited from D&B’s pricey services was Dun & Bradstreet itself.

How to avoid buying fake COVID tests online

The news is filled with images of long lines at in-person COVID testing sites and reports of limited supplies of at-home test kits. It’s not a surprise that, according to the U.S. Food and Drug Administration, fake and unauthorized at-home testing kits are popping up online as opportunistic scammers take advantage of the spike in demand.

Keep your personal information safe in the New Year

As 2021 winds down, lots of us are making resolutions for a fresh start in the New Year — maybe to exercise regularly, get our finances in order, or spend more time with friends. But your list isn’t complete until you add “update my security software” and “protect my personal information” to the mix. Scammers and hackers are always looking for new ways to steal your personal information online.