There wouldn’t be 1.44 billion active users on Facebook if the risks outweighed the rewards.
Likewise, with more than a billion using a website that requires you to use your real identity to share our media, thoughts and feelings, we can’t expect there to be zero risks to social media.
The same way someone can study your driveway to find out when you’re not home, your profile can be stalked for insights into your life. Despite this, the worst most of us have had to deal with is being awkwardly contacted by people we’ve purposely kept out of our lives. Most of us will never have to deal with what female gamers were forced to endure when they ignored or rejected friend requests from a seventeen-year old resident of British Columbia.
“He exposed their private secrets to the world, put their lives in danger and shut down Disneyland in the process,” CBC News’ Jason Proctor explains.
His alleged speciality was a combination of “doxing” and “swatting.”
“Doxing” has come to mean “using the internet to find and expose a target’s personal information,” which is technically legal, though against the terms and conditions of many sites, in most places. “Swatting,” which is “the faking emergency calls to trigger the deployment of SWAT teams to a victim’s house,” is not legal anywhere.
What can you do to prevent this kind of behavior? If the perpetrator is fixated enough, not much.
“You’re not going to stop a dedicated attacker from doxxing you,” F-Secure Security Advisor Sean Sullivan told me. “Get offline for that.”
Any threat of harm online should be taken seriously. Take a screenshot and report it to both the platform where the threat was posted and the appropriate law enforcement agency.
But the good news is that most perpetrators are not clever and lawless enough to go to the extremes this young man was. And even if they were, most of us have gotten pretty good at not oversharing after more than a decade of living in a world where Google makes researching people’s lives easy.
“The world has gotten smaller because of the internet, not just social media,” Sean explained.
If you Google your name along with the name of the city you live in, for instance, you may be disturbed at what you find. And even if you are good at limiting what’s posted online about you along with what you share and with whom, you still may be vulnerable.
“Oversharing is not the problem,” he said. “Security questions are.”
The answers to many of the security questions attackers could use to infiltrate your accounts and dig out private information from you or your friends are based on “trivia” from your life, like what school you attended. Such information can be easily Googled.
What can you do about that?
“Consider lying,” Sean said.
But that does create a problem. As Mark Twain said, “If you tell the truth, you don’t have to remember anything.” If you lie on your security questions, you’ll have to remember those lies.
Sean’s suggestion, “Use a Password Manager like F-Secure KEY that has a notes section.”
Then you can record your fibs and protect your strong, unique passwords that are — along with updates system and security software and a reliable VPN — essential for keeping intruders from accessing your accounts.
“Now would be a good time update your security questions.”
[Image by Secretive Ireland | Flickr]
F-Secure invites our fellows to share their expertise and insights. For more posts by Fennel, click…
March 22, 2018