Do you know what data you have shared with the World?
With all aspects of cyber security there is an overarching assumption that you, as an individual knows what data you own and what you may have shared with the world. But do you?
Cyber crime is based on the concept that data has value, if that data can be stolen then that value can be realised. So, as a quick self-assessment why not ask yourself how much data you have provided, for free, to one of the World’s biggest social media companies – Facebook.
Now before you think that I’m about to go off on a soft rant about the perils of social media and how Facebook is the root of all evil, I’m not. I’m a fan of social media, if used correctly it is incredibly powerful and to give Facebook its due they are transparent on what data they hold and they freely allow their users to modify, edit or delete it if they so wish. Hence why I’m using them in this quick example.
When you are logged into your Facebook account, up on the top right hand corner is a little drop down triangle. If you click on this and drop down to the ‘settings’ menu, you will be taken to a new screen. At the top of this screen there is a tab called ‘General’. Here it gives you the basic information about your account. – name, username, email address etc. At the bottom of this list of information there is the intriguing option to ‘Download a copy of your Facebook data.’ – have you ever done that? Why not give it a go? in fact I’d highly encourage you to do this.
What will happen is that once you have validated your password, Facebook will go off and collate all the information that it holds on you, all your posts, all your ‘likes’, all your comments, all your photos, all your contacts and much more. It will tie it up in a little package of data and offer you the opportunity to download it. Depending on how much data you have placed with them, this process could take a few minutes, or a couple hours. Regardless Facebook will email you and let you know when the data is ready to download.
Once downloaded you will be provided with a folder full of data. Facebook don’t make it exactly obvious, but look in the folder titled ‘html’. Here you will find the lists of all your contacts, all your friends, all your messages, all the places you have ‘checked into’ and much more. As Facebook has a much better memory than you, you may have even forgotten that you tagged your Mum in a picture 5 years ago as you moved her into her new home.
Keep going, browse the photos folder to see all the photos and comments on those photos going back over the years. All the videos you have ever watched – they are listed too! And all the events you have been invited too, interested in, attended or declined. They are there too.
Now look it again with the eye of a cyber criminal. You can do this, I’m sure you’ve seen some Police based investigation TV show, so see if in any of your data you find some information that might catch the eye of a criminal. Maybe your mother’s maiden name, maybe your date of birth, your address, your phone number, your spouse, your place of work. Could this information be used for identity theft, or perhaps even, as many cyber criminals have done, to apply for lines of credit based on a stolen identity and commit fraud?
The answer will be more likely yes! How do I know? Because I did this little exercise myself and although being ‘cyber aware’ I was shocked to what data I had slowly handed over to Facebook. Data that is protected by, in many cases nothing more than a simple password.
And that’s just one social media platform. As we know there are many more, Twitter, Instagram, LinkedIn, Pinterest. Plus, all that data you have stored on your Google account including your YouTube viewing habits. Throw in your iCloud accounts, maybe one from Microsoft too and before you know it data about you, that certainly has a value, is sprinkled liberally across the internet.
If this doesn’t bother you, or raise even the smallest concern, then that’s ok. I’m not here to suggest you take any action. But remember many cyber criminals are very patient. They only need to target the identities of a few individuals – those who celebrate they takes for the high life online perhaps and have weak security – to make cyber crime a very profitable venture.
If you are concerned, then perhaps it’s time to trim back some of the more intimate data about you, lock your account with additional security and privacy controls and maybe think twice about what you are sharing and with whom.
This simple little self-assessment exercise can do more to raise awareness, at an individual level, about cyber security than anything else I’ve come across. Let me know how you get on.