With how widespread the use of technology and the internet has become, it is practically impossible to come across someone that hasn’t used Google at least once in their lifetime. Likewise, people who don’t own a single social media account are far and few between; and while access to such websites have their perks, their accessibility in itself could easily lead to one’s downfall.
In a presentation entitled “Online Privacy and Risk Management” by OSINT Intelligence Analyst Ritu Gill held during Trend Micro’s annual cybersecurity conference DECODE 2021, Gill points out common habits of internet users that could be threatening their safety. Gill also shares instances when we unknowingly leave traces of our identity and ‘digital breadcrumbs’ that hackers could easily use to access sensitive information.
While the conference is primarily attended by cybersecurity professionals, students looking to learn about the field are still welcome. “The various panel discussions and presentations are designed to cater to different sectors as part of our efforts to educate vulnerable audiences and raise awareness on online safety and security,” said Alma Saturnino-Alvarez, Director of Threat Hunting at Trend Micro.
To better protect ourselves and minimize our digital footprint, here are some DOs and DON’Ts from Intelligence Analyst Gill herself that can apply to everyone –expert or otherwise.
1. Be careful when posting photos of things that could contain sensitive information
While this may be obvious and self-explanatory, it still persists to be a common mistake of social media users. Gill shares that even when covering up flight information and ticket numbers, an exposed barcode or QR code alone could already make your personal information (such as destination, boarding gate, address, and even bank information) available to anyone that knows where to look (or anyone that’s used an online barcode reader).
P.S. This also goes for photos of packages bought from online stores and vaccination cards!
2. 20 questions? This or that? Favorite ____? Be mindful of the information you publish online
What may look like an innocent game to get to know people better, might actually be the key for hackers to unlock your personal data. These games, according to Gill, are prime examples of oversharing sensitive data online. Answers to seemingly innocent questions like “What street did you grow up on?” or “Name of first pet?” could provide hackers with the answers to security questions commonly asked for when securing an email address or bank account.
Posting or publishing information like addresses, phone numbers, and birthdays without any security settings can unlock a mine full of data for hackers.
3. Don’t click on suspicious links even and especially if it states that you’re now supposedly the heir of a recently deceased monarch and a billion times richer
Being on the receiving end of a suspicious text or email is something most of us have probably experienced at one point in our lives. While some links come accompanied by intriguing messages or seemingly automated “official” looking notifications, they’re no different from those obviously sent to scam in that one click on the link could automatically infect your entire system. Gill suggests using URL or website checkers like urlscan.io to get a read on where the link came from and to trace malicious activities from the source.
Remember to ALWAYS think before you click.
4. Everything you post online builds your digital footprint. Be aware and thoughtful of what you post and how it can potentially endanger yourself and others
Always exercise caution when posting online, especially if your accounts are not on private. Aside from refraining from posting phone numbers, addresses, and bank information avoid geotagging locations you are presently in or posting while on vacation. Such information could make people aware that your house is empty at the time or may compromise the location of you or your family. Gill warns to keep in mind that privacy settings don’t always work and sites may be “leaky” so manual precautions like these could save your life.
You have control over the information you release online; therefore, do so responsibly.
5. Utilize the resources available to you to build your security and stay secure
While it may seem taxing, simply going through and adjusting your privacy settings could make a big difference. Gill advises to use strong passwords (not based on the names of pets or loved ones), turn on two-factor authentication, and install the latest software and app updates on your devices. Additional steps you can take include using a password manager, encrypted email, and a paid Virtual Private Network (VPN). Securing ourselves online can also be as easy as removing old accounts that are no longer in use and deleting software or unnecessary third-party apps from devices.
Beyond securing social media accounts, Gill also reminds us to think about our online search habits and the search engines we use. Even on incognito, websites and service providers can still access search histories. Sites like coveryourtracks.eff.org, amiunique.org, and whoer.net can easily show how your browser appears to other sites. Using browser extensions like HTTPS Everywhere or Privacy Badger can help further adjust your privacy settings and keep you protected.
In this age of digital and technological transformation, information about anything and everything is readily available online. While we may reap the benefits of this more often than not, we must still remain vigilant and take active steps to protect ourselves and the people around us.
To quote Gill’s final words, “Don’t be a soft target. Take control of your online privacy and security”.
To learn more about how to keep yourself secure online, check out DECODE 2021 keynote and sidetrack sessions by visiting https://decodeph.com. All recorded sessions will be available on-demand until July 22, 2022.