Services familiar to us are not 100% protected from data leakage. Pavel Parmon, an analyst at Falcongaze, a cybersecurity firm, wrote a column on why and how cybercriminals steal information, and how to complicate the theft process.
Why do they steal personal data of users?
The reasons for identity theft are completely different:
- This data can be sold to other cybercriminals;
- A person’s personal data can help “tailor” a phishing email to a specific victim, which will increase the likelihood of performing the desired actions (entering credentials / payment data on a phishing page, downloading a file with malicious content, etc.);
- With the help of the user’s personal data, you can access his accounts and devices and use them for your own purposes;
- Also, using personal data and user accounts, you can learn more about other users. Attackers can more accurately select attack mechanisms on a target and even find its personal data from other users. For example, in correspondence on a social network.
How cybercriminals gain access to other people’s personal data
There are many ways to get to personal data, but the main ones are:
- Hacking company databases. Unreliable, outdated protection against threats or just an unresolved bug in the system that no one knew about before the incident – all this can lead to data leakage;
- Phishing mailings. If your friend fell for a phishing email and his account was stolen, then phishing mailings may be sent from him to his social circle. As a rule, this method will be more effective, because subsequent victims are already writing on behalf of a familiar person;
- Insider leaks. There are times when attackers bribe an employee of the organization and he gives access to customer data;
- Simple search. Sometimes, due to misconfiguration, the server allows search engines to index the data that is stored on it. Such databases can be found using special queries in a search engine, and they often contain personal data of users. And users themselves leave a lot of information about themselves. For example, links to their accounts in other services, which contain even more information … after spending a couple of hours analyzing social networks and forums on which the victim sits, you can learn a lot about her: from opinions about the new series to sleep patterns and allergies to, let’s say strawberries.
How to protect yourself
Unfortunately, the user himself cannot protect himself from data leaks. After all, a large amount of data leaks just as a result of hacking of service databases or insider leaks.
But we have prepared some tips on how to make your data leak, if it does happen, less painful, and the life of attackers is more difficult:
- Provide only the minimum required data. If only mail and password are enough to work with the service, leave it that way. At the very least, the “bank security service” or collectors who gave your number as a contact will not be called.
- Subscribe to the newsletter from havibeenpwned.com. This service collects information about known leaks of mail addresses and will notify you if your mail has been noticed in a leak. But for each mail you need to issue alerts separately.
- Use different passwords for different services. Even if a leak does occur, attackers will not be able to spread networks to all your accounts associated with the received mail. And it’s harder for them to continue working, and it’s easier for you to restore one account instead of a dozen.
- Update your account passwords regularly. Data leaks happen all the time and do not always make it into the news. You may not even notice that your account has been hacked and is being used by cybercriminals;
- Set up two-factor authentication. It will prevent attackers from gaining access to your accounts even if they have login details;
- When verifying on a service with the help of documents (passport, driver’s license), a good preventive measure will be watermarks on the photo or a signature on paper, when and for which service the photo was taken. There is every chance that tech support will reject these photos if attackers try to use them to verify your account on other services;
- If a leak has occurred and your personal data was noticed in it, it would be a good idea to contact the competent authorities. Even if the investigation stalls, you will have confirmation that someone may have used your data. This will help challenge the responsibility for the actions of the intruders that they performed on your behalf. This, for example, helped Rafael Khalilov in February last year to cancel a bank loan that fraudsters took on him;
- Well, if you are good at security, you can participate in bug bounty programs and simply find vulnerabilities and notify companies about them. This will make their services safer and your personal data more secure.
The main danger of data leaks is that it can go unnoticed by the user. Companies do not always cover such incidents at least somewhere, and even if they do, the information about them does not always reach users. Therefore, it is very important to take care of your personal data in advance.