As we all grow to be more reliant on the internet, with just a little bit of digging, most likely anybody can find at least a piece of sensitive information about your online: your full name, your email address, your phone number, or even your physical address.
In this guide, we will share some actionable tips in preventing hackers from stealing your sensitive data, and proactive ways to protect your privacy. Let us begin, however, by discussing what kinds of information are at risk.
What Information Is Available to Cybercriminals?
You might be surprised by how much your sensitive information is actually readily available for hackers to access on the internet:
- Personally identifiable information (PII) including but not limited to your name, physical and email address, social security number, date of birth, educational records, tax number, medical records, and employment records. For example, a hacker can breach Amazon’s database and obtain details of purchases that you’ve made on Amazon. Cybercriminals can then use this private information to, for example, attempt to guess your password and access your online accounts.
- Online conversations (emails, IMs, text messages, etc.). The content of your conversation is kept on servers, and hackers can potentially access it. Also, when they’ve gained access to your email/IM accounts, they gain access to your contacts and they can then send spam emails to everyone you know.
- Audio calls made over the internet, video conferencing via Zoom, etc., are all potentially compromised, no matter how secure the platform hosting the data is, there is always the possibility that the server can be breached one day.
- All your browsing data. We all know how cookies are tracking our browsing activities, and when the business publishing these cookies is compromised, so is your data.
We should also consider the fact that cybercriminals are always evolving: new methods, new technologies, and new tools. With time, our data is only going to become more vulnerable if we don’t implement cybersecurity best practices as soon as possible.
How Compromised Privacy Can Affect You
The impact of stolen data and information can go beyond the embarrassment when your illicit emails and IMs are leaked online, but can also cause more serious damages. Of course, many of us still remember how there has been an alleged hacking intervention in the 2016 U.S. presidential election. In other countries, there have also been some serious attacks that have impacted so many people’s sensitive information.
The consequences of data breaches and other cybersecurity attacks on your personal information include:
1. Identity Theft
The most common impact of a data breach for individuals is the theft of confidential or sensitive information. The cybercriminals can then use this information to impersonate the victim electronically (identity theft). Alternatively, the hacker can also blackmail the victim and potentially ask for ransom unless the information would be released to the public.
Cybercriminals, for example, can use the stolen information to steal:
- Medical benefits: for example, the hacker uses the victim’s insurance information to send fraudulent bills to the insurance company by fooling hospitals or other health-care providers
- Tax refunds: using the victim’s stolen SSN to receive a tax refund before the victim files the real return
- Government benefits: using victim’s stolen SSN to apply for government benefits, especially if the victim is a senior or a minor since they aren’t likely to notice the opening of new accounts.
- Credit card: applying for credit cards using the victim’s personal data
Spyware is a type of malware (computer virus) that is secretly infecting the victim’s devices (laptop, smartphone, etc.) and can perform things like tracking keystrokes typed on a keyboard and even record audio/video information using the device’s camera and microphone. Spyware can then be used to spy the individuals and steal information.
Potentially Unwanted Programs (PUPs) like malware, adware, and spyware (as discussed above) can track you and slow your device’s performance. For example, there are PUPs that load unwanted advertising that obstructs content on the victim’s screen and significantly slow down the attack. Nowadays, PUPs can also be utilized by hackers to mine cryptocurrencies using the victim’s resources.
Cybercriminals can infect the victim’s device with malware and taking the device under their control, turning it into a part of a botnet. In turn, the hacker can use this device (and the whole botnet) to launch a Distributed Denial of Service (DDoS) attack on other websites.
In a DDoS attack, the hacker can use the botnet to generate a massive amount of requests to a website/app to slow down its operation or even to completely deny service to its users.