How Your Digital Footprint Fuels Cyberattacks — and What to Do About It
Where you live, where you jog, what your pet’s name is and which email address you use the most is no longer a secret to cybercriminals. Hackers are exploiting the digital breadcrumbs — your personally identifiable information (PII) — that you leave behind daily to launch their cyber attacks. So what can you do to protect yourself?
Your Digital Footprint is a Vulnerability
If you are like most of us, you have been using digital services for years not realizing that you have been giving hackers access to the details of your personal life. On social media, we voluntarily share PII about who we are and where we are, using the location check-in features. The personal information we share on apps like Facebook or even something simple like the workout route information we log on our fitness apps can be compiled by cybercriminals to paint a complete picture of our online identity.
Perhaps you use the Strava fitness-tracking app, which runners and athletes use to record and automatically share their activities and workouts with a community. Did you know the app has also been used to map sensitive locations, like military bases?
According to a recent investigation by the French newspaper Le Monde, this fitness app also makes it easy to track the highly private whereabouts of world leaders like President-Elect Donald Trump and President Joe Biden online because their bodyguards use it. The investigation suggested U.S. secret service agents were using Strava in the weeks following the assassination attempts on Trump. These are extreme examples, but they underscore the risks of oversharing in a hyperconnected world.
Anyone can be a Cybercriminal
You no longer need to be a tech wizard to be a cybercriminal. The barrier to entry has never been lower. Now, anyone can simply buy what they need to successfully launch an attack via online marketplaces that sell everything from breached accounts to automated tools that scrape the web for personal information.
Over the past few years, we’ve seen tools emerge that make it easy for even novice cybercriminals to access large databases of stolen information. The databases often include sensitive information like credit records and bank account credentials. Unfortunately, legitimate tools designed to help cybersecurity professionals identify vulnerabilities are also being abused by hackers. These tools make it easy to quickly gather extensive personal information on individuals from their online presence. For example, some tools use bots that can automatically combine your social media details — like your spouse’s name or your birthday — to generate a list of potential password combinations for your accounts. AI is also being used to draft up highly personalized phishing emails that appear legitimate and trustworthy and prey on human psychology. Some attackers target cancer patients with emails promising access to life-saving treatments. Cancer patients are particularly vulnerable to potential fraud and exploitation of their digital footprints.
How to Protect Yourself in a Hyperconnected World
Reducing your digital footprint doesn’t have to mean going off the grid. Here are some practical steps you can take:
- Use separate emails for different accounts: Don’t rely on one email for everything. This minimizes the damage if one account is hacked — it won’t lead hackers to all your other services.
- Review privacy settings regularly: Many apps have default settings that overshare your information. For instance, on apps like Strava or Telegram, you can turn off location tracking and limit who can contact you or add you to conversations. A quick check of these settings can significantly reduce your exposure.
- Avoid saving passwords in web browsers: Browsers prioritize convenience, not security. Instead, use a password manager. These tools securely store your passwords and can generate strong, unique ones for each account. This reduces the risk of malware or phishing attacks stealing your credentials directly from your browser.
- Think before you post: Share less on social media, especially in real time. This will make you harder to track and target.
Your digital footprint is a goldmine for cybercriminals, but it doesn’t have to be. By being mindful of what you share, where you save your data and how you secure your accounts, you can make their job a lot harder.
