Metropolitan Digital

Google


.

  • Written by Ravi Sen, Associate Professor of Information and Operations Management, Texas A&M University
Your digital footprints are more than a privacy risk – they could help hackers infiltrate computer networks

When you use the internet, you leave behind a trail of data, a set of digital footprints. These include your social media activities, web browsing behavior, health information, travel patterns, location maps, information about your mobile device use, photos, audio and video. This data is collected, collated, stored and analyzed by various organizations, from the big social media companies to app makers to data brokers. As you might imagine, your digital footprints put your privacy at risk, but they also affect cybersecurity.

As a cybersecurity researcher[1], I track the threat posed by digital footprints on cybersecurity. Hackers are able to use personal information gathered online to suss out answers to security challenge questions like “in what city did you meet your spouse?” or to hone phishing attacks by posing as a colleague or work associate. When phishing attacks are successful, they give the attackers access to networks and systems the victims are authorized to use.

Following footprints to better bait

Phishing attacks have doubled from early 2020[2]. The success of phishing attacks depends on how authentic the contents of messages appear to the recipient. All phishing attacks require certain information about the targeted people, and this information can be obtained from their digital footprints.

Hackers can use freely available open source intelligence[3] gathering tools to discover the digital footprints of their targets. An attacker can mine a target’s digital footprints, which can include audio and video, to extract information such as contacts, relationships, profession, career, likes, dislikes, interests, hobbies, travel and frequented locations.

Your online activities may feel fleeting, but they leave traces.

They can then use this information to craft phishing messages[4] that appear more like legitimate messages coming from a trusted source. The attacker can deliver these personalized messages, spear phishing emails[5], to the victim or compose as the victim and target the victim’s colleagues, friends and family. Spear phishing attacks can fool even those who are trained to recognize phishing attacks.

One of the most successful forms of phishing attacks has been business email compromise[6] attacks. In these attacks, the attackers pose as people with legitimate business relationships – colleagues, vendors and customers – to initiate fraudulent financial transactions.

A good example is the attack targeting the firm Ubiquity Networks Inc. in 2015[7]. The attacker sent emails, which looked like they were coming from top executives to employees. The email requested the employees to make wire transfers, resulting in fraudulent transfers of $46.7 million.

Access to the computer of a victim of a phishing attack can give the attacker access to networks and systems of the victim’s employer and clients. For instance, one of the employees at retailer Target’s HVAC vendor fell victim to phishing attack[8]. The attackers used his workstation to gain access to Target’s internal network, and then to their payment network. The attackers used the opportunity to infect point-of-sale systems used by Target and steal data on 70 million credit cards.

A big problem and what to do about it

Computer security company Trend Micro[9] found that 91% of attacks in which the attackers gained undetected access to networks[10] and used that access over time started with phishing messages. Verizon’s Data Breach Investigations Report[11] found that 25% of all data breach incidents involved phishing.

Given the significant role played by phishing in cyberattacks, I believe it’s important for organizations to educate their employees and members about managing their digital footprints. This training should cover how to find the extent of your digital footprints[12], how to browse securely[13] and how to use social media responsibly[14].

[Over 150,000 readers rely on The Conversation’s newsletters to understand the world. Sign up today[15].]

References

  1. ^ cybersecurity researcher (scholar.google.com)
  2. ^ doubled from early 2020 (apwg.org)
  3. ^ open source intelligence (osintframework.com)
  4. ^ craft phishing messages (www.knowbe4.com)
  5. ^ spear phishing emails (www.mitnicksecurity.com)
  6. ^ business email compromise (www.fbi.gov)
  7. ^ Ubiquity Networks Inc. in 2015 (krebsonsecurity.com)
  8. ^ fell victim to phishing attack (www.zdnet.com)
  9. ^ Trend Micro (www.trendmicro.de)
  10. ^ gained undetected access to networks (csrc.nist.gov)
  11. ^ Verizon’s Data Breach Investigations Report (www.verizon.com)
  12. ^ find the extent of your digital footprints (www.techjunkie.com)
  13. ^ browse securely (www.howtogeek.com)
  14. ^ use social media responsibly (www.digitalgrads.com)
  15. ^ Sign up today (memberservices.theconversation.com)

Authors: Ravi Sen, Associate Professor of Information and Operations Management, Texas A&M University

Read more https://theconversation.com/your-digital-footprints-are-more-than-a-privacy-risk-they-could-help-hackers-infiltrate-computer-networks-177123

hacklink hack forum hacklink film izle hacklink kavbet girişslot888kiralık hackersahabetpusulabet girişDeneme Bonusu Veren Sitelerholiganbet girişwbahispradabetGrandpashabetjojobetMavibet色情casibomnakitbahisjojobet güncel girişstarzbet1xbet girişjojobetgobahismatadorbet girişbetofficeenjoybetvaycasino girişgiftcardmall/mygiftmarsbahisbets10royalbetmamibetjustintvcasibomtarafbetugwin288sekabetmeritkingcasibomJojobetpusulabetkingroyalPorno İzlecasibom girişsweet bonanzabetoviscasibomcasibom girişmasterbettingmasterbettingyakabetartemisbet güncel girişbetpuan girişbetnanodinamobet girişbetkolikvdcasino girişsekabetmarsbahis girişbetkolikpusulabetprimebahismeritkingprimebahismadridbetbetcioyakabetyakabetyakabetjojobetbetlikebetovissahabetpacho casinoaertyerCasibom Girişenjoybettipobetcolor pickerholiganbet girişholiganbet girişmavibetmavibetmavibetholiganbetcratosslot girişMarsbahisdeneme bonusu veren siteleronwinonwinpusulabet girişeskişehir escortmatbetmatbet girişcasibom girişbets10bets10 girişholiganbetholiganbet girişbets10kavbetroyal reelsonwinKayseri Escortjojobet girişjojobetprimebahisbettiltmatbetyabancı dizi izlepadişahbetaviator gamesetrabettimebetbahisoistanbul escort telegramcasibomcasibomlocabetpusulabet girişmarsbahisvaycasinoJumbobet girişstreameastjojobetholiganbet girişjojobet girişpadişahbetcasibomgiftcardmall/mygiftttpat.com링크모음주소모음 주소킹주소모음 주소모아eb7png pokiesbest online casino australiaanadolu casino girişbest online pokies australiabcgame96 casinocrown155 hk casinobest online casino in cambodiapadişahbet girişStreameastjojobetmarsbahisgalabetartemisbet girişjojobetgooglebets10bets10betorderjojobetjojobetStreameastjojobetklasbahismatadorbetjojobetNo Deposit Bonus Casinos 2025marsbahiscasibomsadfasdfsdfasdasdasdasdkonya escortjojobetroyalbetprimebahispin up azmamibetslot gacorCasibomtrendbethiltonbetsweet bonanza girişkavbetcanlı maç izlesahabetbetebetjojobet girişcasibomแทงหวย24casibomhazbetcasibomsitus slot gacorcasibomGalabetcasino online non aamsperabetkulisbetperabetkulisbetjojobetmarsbahisBest eSIM for Caribbean Cruisecasino non aamsjojobetjojobet giriştrendbethiltonbetholiganbet girişkonya escortmatbetcasibom girişpusulabetmatbet girişholiganbet güncel girişkingroyalสล็อตเว็บตรงgiftcardmall/mygiftmamibet loginpusulabet güncel girişvdcasino girişmatbetMatbet