If you have completed the first lesson of this course, you are well aware that personal data has no place in the public domain. So how does it end up there?
There numerous ways, and not all are under your control. For example, a cybercriminal can steal information from the server of an online store or hotel if it is not secure enough. This might include your name, home address, birthday, and even passport details!
Information that you consider to be personal can get accidentally leaked by relatives, friends, and even ordinary acquaintances. For instance, a pal might absent-mindedly post a stupid photo from a bachelor party, which could potentially ruin your reputation. They might even tag you, so that everyone in your list of friends — including your boss — will see it.
But far more often we spill personal information ourselves, through carelessness or ignorance./
You might, for example, post some silly photos on a social network, forgetting that some colleagues follow your page. However, there are less obvious cases.
Do you sometimes apply for loyalty cards and take part in promotions? Are you OK with giving your phone number and email address during registration? Did you read the terms and conditions? It’s bound to be written there that the company can share this data with anyone. And one day it could fall into the hands of spammers.
Spammers might also get your contact details from ad sites like Craigslist. They don’t need to wheedle anything out of you. You put it there yourself!
Decided to send some sample contracts to a client via free Wi-Fi in a cafe or hotel? Your work email password might get intercepted — and used to penetrate the internal network of your company, where the cybercriminals will find plenty of juicy fodder. All these are instances when we ourselves are sloppy with personal information. But sometimes such data is systematically targeted and stolen.
It can be particularly nasty if an attacker gains access to a social media account that you actively use. They will get their hands on a treasure trove of personal data, such as information about your interests and family contact details, which are very handy for phishing or extracting money posing as you. Or personal correspondence, which can be turned into a blackmail tool.
But an even greater threat is having your main mailbox hijacked. Armed with this, cybercriminals can reset the passwords for all services you use and take full control of them.
So they avidly prey on mail accounts, trying to bruteforce passwords or steal them from you or a company server. Want to know how to protect this data? We reveal all in the next lesson.
You receive an email: An online store is offering a 20% discount. You follow the link to the website and see a form asking you to log into your Instagram account. What do you do?