Recent considerable attentions have paid to the popularity and success of crowdsourcing. However, the crowdsourcing paradigm has several open security and privacy concerns in processes, such as task submission, data collection and truth discovery. Throughout the comprehensive study in current works, we present a review of the existing security and privacy issues in crowdsourcing. We have identiﬁed ﬁve most representative security and privacy attributes (i.e., conﬁdentiality, integrity, fairness, accountability, and privacy-preservability). We present the existing attacks and the vulnerabilities that may be exploited by attackers, the threat models, as well as existing countermeasures in crowdsourcing scenario. Future research directions and open questions are also concluded and discussed in this survey.