teiss Cyber Brief - Example 4

“Don’t Believe The Hype”

Latest scams: ”You could be entitled to compensation”

When there is a major security breach that involves people’s personal data, it is often reported in the media. This is especially true when it is large companies that are breached. The public get to see all the gory detail of the case, and in many cases it’s members of the public who have had their data stolen.

British Airways were breached in 2018. The case has been settled with the UK’s Information Commissioner’s Office, and a fine levied. And this has been reported widely.

The trouble for us, however, is that cyber criminals can use these very public cases. Under the guise of “you could be entitled to compensation, click here” emails, they draw the unwitting to carefully crafted websites set up to steal your personal information or payment card details.

The lure of “free money” is a powerful one, especially when attached to a credible narrative that you already know about from the media. Sometimes, the best lies are the ones that are closest to the truth.

Salutary tales: A simple trick that cyber criminals don’t want you to know

In a recent article, the ten biggest data breaches of 2020 were laid out. It made for interesting reading. Five of the ten were breaches of well known, large companies that really should have known better: Twitter, Marriott, Zoom, MGM Resorts and Nintendo.

It is a sobering thought that well-funded and high profile companies still struggle to get the basics right. Your personal and payment information is at risk as a result of this failure.

There is one single thing you can do to help protect yourself and reduce your risk of breaches. It is to ensure you have a different password for every site you have an account with. That way, if your details are stolen, the attackers won’t have access to all of your other accounts. Make this one change today!

Regular Tips

Social Media Sharing

Social media is both the high point and low point of our society, depending upon your viewpoint (and perhaps how many followers you have!) The increase in social media usage is astounding, with over 346 million people creating new digital identities over the past year.

Perhaps even more astounding is the type of information that people share on social media. BitDefender have run the numbers and estimate that nearly 60 percent of accounts share more than 12 personal data points publicly including:

– 79%: home or physical address
– 05%: gender
– 30%: names
-85%: URLs
– 21%: jobs
– 32%: usernames
– 53%: dates of birth
– 45%: email addresses
– 44%: education
– 24%: phone numbers

This is problematic as attackers can use this information to build a profile of you as part of preparing an attack. Additionally, this information may highlight you as being more vulnerable to an attack as well: the more you share online the better a target you are.

Criminals can use this information to fool you into thinking it really is your bank calling because they know your home address and date of birth. Combine this with any other information they may have gleaned from other attacks, and they can build a startlingly accurate picture of you. The more information they have, the easier it is for them to fool you into trusting them.

Don’t overshare your personal information on social media. Be aware of what your public profile actually looks like to an outsider. Find a close personal friend and ask them to check out your public profiles to see what they can find out about you.

You may be surprised.