With the professional and personal life now fully interconnected, online actions directly influence the real world. One of the most affected areas in this regard is the communication and exchange of personal information, as the user's details can be used against him. Kaspersky researchers analyzed two major consequences of the exchange of personal data - provided publicly with or without permission - doxing, which is the public anonymization of a person online and the sale of personal data on malicious websites.
By researching how much an online person's security can cost, it turns out that accessing important data, such as medical history or identifying information, can cost less than a cup of coffee.
While people's level of information about privacy issues is rising, most of us still have only a general understanding of why this matters, with 37% of millennials believing that they are too boring to be victims of cyber-crime. But that's really not the case. For example, doxing, which is, in a way, a method of cyberbullying, can affect any user who is vocally online or who does not conform to the subjective standards of other users.
Doxing occurs when a person shares private information about another person without their consent, with the aim of embarrassing, emotionally hurting or endangering the target. Users do not usually expect personal information to be disclosed in the public domain, and even if they do, they do not anticipate what harm they might do to them. But, as practices show, with cyber attackers or malicious users, doxing can turn into hacking of target accounts - a service offered on the black market.
To gain a better understanding of how users' personal information can be used in the wrong hands, Kaspersky's research looked at active offers on 10 unauthorized international forums and markets. The research showed that access to personal data can be priced starting at 50 cents (USD) for an ID, depending on the depth and extent of the data provided. Some personal information remains as requested as it was almost a decade ago - mainly credit card data, bank access and electronic payment services - with those prices unchanged in recent years.
Price range in USD for different types of data identified as a result of analysis of offers on illegal market forums
However, new types of data have also emerged. These now include personal medical information and selfies with personally identifiable documents, which cost up to $40. The increase in the number of photos in which users hold certain documents in their hands and the schemes they use also reflects a trend in the "cyber-goods game". Abuse of this data can lead to quite significant consequences, such as taking over the name or services of the victims, based on their identity.
The consequences of abuse on other types of personal data are also significant. The data sold on the black market can be used for extortion, execution of scams and phishing schemes and direct theft of money. Certain types of data, such as access to personal accounts or password databases, can be abused not only for financial gain, but also for reputational damage and other types of social harm, including doxing.
In recent years, many areas of our lives have become digitized - and some of them, such as our health, for example, are mostly private. As we see from the growing number of data leaks, this leads to more risks for users. However, there are also positive developments - many organizations are taking additional steps to ensure the security of their users' data. Social media platforms have made great strides in this regard, as it is now much harder to steal a user's account. That being said, I think our research highlights how important it is to be aware that your data is actually requested and can be used for malicious purposes, even if you don't have a lot of money, don't express controversial opinions, and generally , you are not very active online.
The Internet has given us the opportunity to express ourselves and share our stories, and that's fantastic. However, we need to understand that being present and expressing yourself in an online environment is not exactly a private endeavor - it is much more than when you shout on a busy street and you never know who might get in your way, who disagrees with you and how others might react. In such a situation, there are risks. This does not mean that we should delete and close our accounts on social platforms, of course. It is important to understand the consequences and potential risks and to be prepared for them. The best course of action when it comes to your data is this: to know what information others know, to eliminate what you can, and to take control of the information about you that appears online. It's so simple, but it takes effort.
To minimize the risk of your personal information being stolen, I recommend:
Watch out for phishing emails and websites;
Always check the permission settings for the applications you use to minimize the likelihood that your data will be shared or stored by other users - and not only - without your knowledge;
Use two-factor authentication. Remember that using an application that generates unique codes is safer than receiving the second SMS authentication factor. If you need extra security, invest in a 2FA hardware solution;
Use a reliable security solution to generate and secure unique passwords for each account and to resist the temptation to reuse the same password for multiple accounts;
To find out if any of the passwords you use to access your online accounts have been compromised,
Always consider how the content you share online might be interpreted and used by others.
My successful faucets!
PipeFlare & Hive ZCash - ZEC with tier 4 referral program
FreeCryptos: (DASH), (TRX), (ETH), (Cardano), (BNB), (LINK), (NEO), (LTC) & (BTC)
Never heard of Doxing before! Thank you 😊