We enjoy sharing a photo post, on social networks with our friends and family. Little do we know that the photograph of a happy smiling face, tagged with a geo location could cause that much trouble, in addition to all the personal information we leave when opening a profile in the first place. And then we hear that someone we know, has been a victim of identity theft. Is it really all the hacker’s fault, or do we as users have our share of guilt as well?
Past few months’ news about ransomware have been rapidly spreading over the internet. Most of them blaming Microsoft Office products for the vulnerability in their files. Microsoft patched their products back in 2014, but fact is that the corporate and home users do not update their software regularly. This, consequently kept those users vulnerable for a breach. Another good example for user-side vulnerability is the fact most users keep their login credentials written in a file on their computer, un-encrypted.
So yes – hackers are the ones to blame, but we as users should not ‘call to action’ that easily. We should keep our computers and software up to date, and perhaps use simple solutions, such as a password manager for example, which keeps our passwords privately secured.
Human Negligence – Open Door for Identity Theft
It is not just specific files that attract attention. Two out of five US households never changed the router password from the day they received it. Home networks are always good entry-points for cybercriminals. We trust these networks because we own them, we use a computer connected to this network, and log in to our bank accounts, Facebook profiles, Emails etc. Whenever we connect to Internet, we leave detailed traces of our online activity.
Apart from companies like Google following our behavior to make the user experience personal and more enjoyable, some are using these traces for their own personal gain. Criminals set to make profit on someone else’s expense, will use any tool available to uncover information. One such case of small business owner, that was handling multiple personal and company accounts with login credentials, ended up with his bank account depleted. The owner had his passwords stored on a computer, using file name ‘pass.doc’. For a culprit that has breached security network, entered his computer this was an obvious and easy take. Soon after, the owner realized his bank account has been robbed for over 38,000$.
Hackers as we call them, will go a great distance to accomplish what they set out for. A more valuable target, a more prized a reward. They will follow patterns and invest time to get what they want. Contrary to general stereotypes, cybercriminals have gained a special skill set to gain victims trust. Cyber Investigators, a special police department that investigates Internet-related crimes, reports that several victim categories fit ‘the easy target’ profile. These victims are constant and include:
- People who are new to the Internet,
- A naturally naïve person, mostly elderly,
- People who are disabled or have serious illness.
They are often victims of scams involving healthcare products, business and investment opportunities, identity theft and credit card fraud.
Considering all the intentional or unintentional negligence from users and company employees, hackers are abusing the free information so easily available to them. The most effective way to protect yourself is to imagine that you share your computer with someone you don’t trust or know nothing of. The most affected victims of identity theft are the consumers (home users), they don’t end up with ruined financial history alone, but also a criminal record. By the time they clear their names they are emotionally, spiritually, financially and physically exhausted.