The ever-growing use of social media and mobile devices by everyone has opened easy gateways for cybercriminals to steal personal information, identities, and money. Individuals are making it even easier for them by sharing too much online.
This is according to Charl Ueckermann, CEO at AVeS Cyber Security, who comments: “Information has become more valuable than oil, making it big business. Here we are talking about the average Joe’s information. Any person with an online presence or some money in the bank has personal information worth taking,.
He points out that the global data economy is estimated to be worth more than $3-trillion while the total revenues for the oil and gas drilling sector was 2-trillion in 2017.
“Cybercriminals are using social media platforms as spam and phishing tools and to spy on users. In the wrong hands, your personal information can be used against you. Users have had their accounts hacked and cloned, allowing hackers to distribute spam and other offensive content, as well as scam users out of money. Worse still, they can steal your identity. In essence, anyone’s business is their business.”
Ueckermann describes the trend to get tagged and liked on social platforms and the compulsion to overshare online as dangerous addictions. When done without forethought to privacy, people put themselves – and anyone connected to them online – at risk.
“Your internet presence, if you don’t manage it carefully, can cause you some trouble. Social media and the Internet have become a reflection of real life, and everyone can have access to you and your go-bouts.
“Your real-life audience is controlled and small in comparison to your online presence if not set-up with caution. Whatever you share publicly is in the public domain, which means anyone can see it. They can see where you have been, what your interests are, who you are friends with, where you work, your contact details, what you look like, and so much more.
“This is personal information, your information, and it is valuable to cybercriminals, because the more information they have about you, the easier it becomes to impersonate you.”
The protection of personally-identifiable information (PII) is becoming an obligation with pieces of privacy legislation like POPI (South Africa); GDPR in the European Union and the Information Protection Act (UK). There is an onus on companies to protect the information they store about their customers.
Think about banks, which must store bank account numbers; medical aid companies, which must keep personal and medical information safe, and governmental organisations that must keep ID numbers on file.
“Yet, individuals are putting their personal information into the public domain every day. Thanks to Google, Facebook and other information platforms that have monetised the information they have retrieved from users, we have become more aware of our privacy. But, most people are not aware enough, and they are not doing much to protect their privacy,” says Ueckermann.
So what should internet and social media users be doing to protect their information?
Ueckermann says that any personally-identifiable information should be kept private by default and shared with discretion. This includes contact numbers, ID numbers, home addresses, and email addresses.
“Start by checking your privacy settings on the social media platforms that you use so that only your ‘friends’ and contacts have access to what you share. Screen the people you allow onto your social media profiles. If you don’t know them, should they really be able to see your life and your personal information?
“Secondly, watch what you share. Always think about what you share and how that information could be used against you if it landed in the wrong hands. Social engineering cybercriminals can often get your personal information with just a few data points, so the less you share publicly, the better.
“Thirdly, always use the most updated versions of social media apps and lock down your login by using authentication tools and not only usernames and passwords. Use complex passwords with a mix of lower and uppercase letters, numbers and symbols. Never use the same password across your social media accounts. Keep your passwords and usernames private.
“You should also install internet security software and anti-spyware on the devices that you use to browse the Internet and connect with people online. This includes your smartphone and tablets. Make sure that these tools are regularly updated to protect your devices against intrusions and infections.
“Lastly, be wary about entering credit card and banking details on websites. Always make sure that the URL at the top of the page begins with https. The ‘s’ stands for secure. If there is no ‘s’, do not enter payment details on the website.”
Ueckermann concludes: “In this highly connected, digital world, it is unrealistic to say that people should not connect, share, transact and engage online. It is the way of the world. However, there is such a thing as oversharing, and there are common-sense limits to the type of information you should put into the public domain. Always think, ‘would I like a bank robber or a fraudster to see this’? If not, don’t put it out there. The responsibility to protect your information starts with you.”