About Me

My photo
I am an international security consultant. A licensed bodyguard. Publisher and author and the Managing Director of Concept Tactical Worldwide.

Thursday, 1 July 2010

For your information.

Information is valuable, your personal information is especially valuable.
Therefore you should carefully control who has access to it.

I am writing this piece in response to a recent YouTube video doing the rounds on the Internet about a girl who joins the popular social networking website, Facebook. She displays pictures of herself in various sexy outfits and bikinis and begins to attract the attention of a number of "male" Facebook users. According to the video she accepts "friend" requests without thought or question and without actually ever having met the "friend requester" in person and soon enough has hundreds of "friends" on Facebook. One particular "friend" starts to make sexual advances towards her. She spurns his advances and "un-adds" him as a connection. Unfortunately according to the video it was too late -- as the "bikini girl" had published her address details on her page and the sexual predator had them. A couple of days later the girl is found by the police dead in her home.

While I do not believe this particular video tale to be true I think the message behind the video is important none the less. Protect your information and be careful of who you interact with on social networking websites. The story of the "bikini girl" could very well be true, in the past or in the future. The basic and perhaps obvious message in the video is that you must not display your home address on your Facebook page. Not only that, show commonsensical discretion about what images of yourself you publish on the net.

Be aware that Internet predators and data collectors will not only look for your home address but for the following information:

Your age and more specifically your date of birth, your gender, who you live with, who your family members are, your partner’s name, your family members’ names, where you work, who you work for and with, what your job description is, where you socialise, if you have pets and what their names are.

Additionally they will try to find out if you have any vices - do you gamble, do you drink excessively, do you take drugs.

The reasons for seeking this information about you could be several -- from simply looking for market research information and how best to deliver the right kind of target advertising to you, to more sinister motives such as kidnap and ransom or robbery.

However, according to many law enforcement agencies one of the most common criminal activities perpetrated on the world wide web and through social networking websites is of a sexual nature by perverts and predators who want to take advantage of young children.

So if you have kids, then it is absolutely your primary responsibility to ensure that your children interact on the web in a safe and responsible manner. The potential threat facing children on the web is a very real one and as a parent you should be as mindful of this fact as you are of the perils of letting your child play on the streets at night unsupervised.

Financial Benefit

If not for any other reason, you should protect your personal information in order to safeguard your finances. Access to some of the information I have listed above can allow a cyber-criminal to open the door to your bank account and e-mail accounts.

I shall explain why:

Your password - Answer the following questions honestly:

Does your password contain your date of birth?
Does your password contain your partner’s name?
Does your password contain your pet’s name?

If you answered yes to any of the above three questions, do not be surprised that I knew you would. You are part of the massive majority of Internet users. Cyber-criminals and criminal syndicates have taken full advantage of this fact and have created computer programs that only require your date of birth and the names of the people and pets in your life as well as various other commonly used password elements such as number sequences frequently used by virtue of their place on a common keyboard. They then input this information into these programs which then generate hundreds of combinations using these elements.

These combinations are then systematically entered into your social networking and e-mail accounts - either by program or by human intervention.

A vital part of information that you need to protect but which is often thought of as being the least harmful is your e-mail address. This is an essential part of the process of getting into your accounts and accessing your information. Therefore, never disclose your e-mail address on social networking websites. To further protect yourself from cyber attack, use different e-mail addresses for different purposes. It is a good idea just to have an e-mail address to create social networking website accounts -- then never disclose this e-mail address to anyone.

Also, take note of the domino effect that can take place once just one of your accounts has been breached. For instance, if cyber-scum disguised as an innocent school teacher or hospital nurse becomes your friend and is able to see your e-mail address they can immediately get to work.

They have your e-mail address so they know where your main e-mail account is hosted. All they need to do now is figure out your password. And if you have been as free with information on your personal profile about your pet’s and your partner’s names, then, alas, more than likely your date of birth is freely displayed as well.

The criminals now have the most common elements that make up Internet passwords. All they have to do now is work on the combinations.

Now imagine they crack your password and are able to access your main e-mail account. They are now able to systematically access and change all your passwords on all your accounts linked to that e-mail address.

Remember, when you request a password change on a networking site, the way in which the site asks you to verify who you are is by accessing a link which they will send to the e-mail address you used to create the account in the first place.

A top tip is to have different passwords for different accounts. This makes the chance of the domino effect taking place minimal if just one of your non-main e-mail accounts is hacked.

Another very important fact to remember when on social networking sites is that according to commonly found Internet statistics, between 40% and 50% of all profiles are fake!

I personally know of one particular Facebook user who has created at least 7 fake accounts. I know it is the same user as I look for and have identified the following traits within all of the fake accounts:

All of the fake profile pictures are partially obscured or completely individually un-identifiable. All the profile names have been similarly concocted. All of the fake profiles act towards the same goal -- obviously as it is one person the grammar and writing style are near-identical. Additionally this user always has the fake profiles back each other up. In other words he makes the fake profiles look genuine by using the other fake profiles as a sort of pledge -- by writing on “each other’s” walls and commenting on “each other’s” stories.

Now this user’s goals are simple and not so sinister. This user is trying to sell a company name and product through word of mouth and recommendations through the fake profiles. What amazes me is how many genuine Facebook users seem to eat it all up and fall for what I can only describe as very poor con artistry.

Another tell tale sign of a fake profile is that they often call other accounts – genuine ones -- fake in an attempt to ward off anyone questioning their own authenticity. The alarm bell here for me is that this is taking place in security industry circles and is largely being bought, hook, line and sinker.

While I am on the topic of the security industry, another risk involved in social networking is security professionals such as bodyguards often putting at jeopardy their client’s safety through unbelievably unprofessional and stupid status updates, tweets and photos.

Identifying who their client currently is; pinpointing the exact location of themselves and their client at a concurrent moment; sometimes giving away the fact the celebrity for instance is in another country.

As you probably know, all you have to do to find out a star’s home address is to search the Internet or buy a "Hollywood stars" type map. If you know the star is out of the country -- bingo, free house robbery.

And of course there are numerous stories of people being fired from their jobs because of what they have said on social networking sites.

So protect you information on-line - what you put out and who and what you let in.

It is important not only to be tactically aware of your surroundings but to be tactically aware of your patch of Cyber-Space.

For more info visit http://www.concepttactical.com

No comments:

Post a Comment