Why does this matter?
Cybercriminals and automation are quickly evolving. For example, when sensitive data like the aforementioned is shared on public social media outlets, bots can automatically file away everything about you for later cross-referencing. Also, don’t be surprised if advertisers are keeping this information to target you with related ads.
Once cybercriminals acquire this sensitive data, they can buy and sell your data on the dark web. Anything you say publicly online can be matched somewhere else, and by connecting the dots cybercriminals can compromise an account and cause havoc in your life.
For example, let’s say your email address and password for an online store were leaked in a breach, you use the same password on every website, and you answered a quiz on Facebook and said your first car was a Ford Escort. Cybercriminals head to the dark web and mass purchase lists of breached accounts and ancillary data, such as social media answers. An automated program could cross-reference these lists and target you with high efficiency. In this example, it could be enough to login to your bank account and answer an obscure security question like — “what was your first car?”
The moral of the story is this: don’t answer questions about your personal life on the internet. You could be unknowingly giving away answers to secret questions, and you’re building up a database of information to be used against you.
BONUS: These are two rules to live by when dealing with the internet:
- Never put something on the publicly facing internet that you wouldn’t want your worst enemy to see.
- If something is free, you are what’s being sold. Free email, social media, and free tiers of apps are essentially fronts for data collection efforts that help flesh out your ad profile, leading to advertisers targeting you with scary relevant ads. But, it gets worse. What if cybercriminals breach and sell these databases full of personalized data on the dark web? They guess your passwords, phish you with great accuracy, and more. (FYI 37 billion records were breached in 2020 alone.. Facebook was 530 million of those.)
For more information on passwords, you can check out a few of our related blog posts on the topic.
- Are you Properly Protecting Your Passwords? This List is for You.
- Cybersecurity Series Part II: Why Passwords Matter
Questions? Contact PK Tech here.