How limiting our online information can safeguard our lives

Cybersecurity experts have warned that cybercriminals could use information on social media to harvest personal information to boost the efficacy of a broad range of cyberattack types. According to Werno Gevers, cybersecurity expert at Mimecast, any information shared online can be used to develop social engineering and other cyberattacks. “Our love of sharing details of our personal and professional lives online can give cybercriminals useful information about our location, date of birth, occupation, place of work, hobbies and even intimate details about our personal lives. Cybercriminals then use this information to improve their techniques and launch increasingly sophisticated and convincing attacks that can trick even experienced and cyber-aware internet users.”

“As much as we love sharing photos of our kids’ birthdays and special moments, it can pose a very real and direct security risk to parents, kids and others in their personal or professional lives, including employers. For example, if a parent posts a photo of a child’s birthday outfit outside their school, it reveals information about the child’s age, location, the school they attend and more, which cybercriminals could potentially access and utilise in their attacks.”

The line between personal and the business worlds is also blurring. Posts on business oriented sites like LinkedIn are becoming more “social” and employees and companies are inadvertently leaking sensitive business and personal information.

“That job advert for a firewall engineer with very specific requirements tells a cybercriminal important information about your choice of security vendors and where there are gaps in your cyber skills, information that they can’t easily obtain elsewhere,” explains Gevers.

In Mimecast’s State of Email Security 2022 report, 60 per cent of organisations in Saudi Arabia and 66 per cent of those in UAE were concerned over risks to the business from employees oversharing company information on social media.

“As soon as content exists in digital format, it’s out of your control and could potentially fall into the hands of unscrupulous criminals,” says Gevers. “In the case of photos and other information shared to social media, all it takes is for threat actors to develop online personas that can ‘connect’ with your social media profiles and they have direct access to all the personal information you post online. Sharenting poses additional risks, as cybercriminals could use the information you post about your kids to commit identity theft that can put kids at risk for years to come.”

Some studies estimate that by 2030 nearly two-thirds of all identity fraud cases affecting kids will have been a result of sharenting. And since anything posted online lives on indefinitely, kids may have a hard time later in life disassociating themselves from pictures or other information posted online by their parents.

Gevers advises that social media users take extra care before posting anything online. “Never reveal intimate personal details about where you live, where you work, or where your kids go to school. Avoid posting photos from the office that can provide insight into your company’s security measures, as threat actors could use this information to circumvent the organisation’s defences. Critically, remember that the internet doesn’t forget: anything you post online is likely to remain there indefinitely, so take care to consider whether that photo or social media post could create risks to you or those in your immediate circle, including your employer.”

Read: Steps to protect against online brand impersonation attacks