By Cynthia Hetherington
Data, at its most annoying, is a commodity with social media sites selling your Likes to data providers. Data, at its most dangerous, allows terrorists and scammers—as near as your neighbor or from faraway lands—to farm from open sources the personal addresses of our military personnel to threaten them and their families. They robocall mercilessly and prey on the elderly. Unfortunately, we share much of the data that generates these annoyances and threats.
In this new blog series, we help you understand the dark side of information sharing. You will learn the pitfalls of oversharing and how to reduce your online risks. You will gain useful tips for protecting your personally identifiable information (PPI) and preventing identity theft, learn how to opt out of online vendors and how to remove your PPI from three major DNA collection retrieval services.
A variety of information is available to businesses and organizations. While most of the information is non-sensitive, some of it can be sensitive. This week, we review types of information, where it is stored, and federal laws regulating the sharing of such information.
Social Media: The Enemy in Your Home?
Reconnecting with old friends, networking with colleagues and clients, even finding long-lost loves, are now all real possibilities with information from social networks accessed on desktop and laptop computers or cell and smart phones on a global scale. No extraordinary efforts and, more importantly, no extraordinary talents or intelligence are necessary. With plug-and-play social network applications, you simply fill in the blanks to answer a few questions, and you become part of a global network.
In the past, when Websites were developed and maintained by a select few, those unique participants were the only authors of what happened online. That which was once a medium for the few is now an open market for all users—good, bad, indifferent, and sometimes downright ugly. Today, anyone can share thoughts, opinions, and photos online through easily accessible social networks.
And they do.
But often with ease-of-use comes lack of control. While people are reuniting, connecting, and sharing in online social networks, the dark side is also online—fomenting a space in which pedophiles are viewing the Instagram images of children, gangs are tweeting amongst one another, ISIL is recruiting, and criminals are trolling for target homes to rob as owners announce on their social networks, “We’re on vacation this week!”
Everyday millions of people, once content surfing the Web and emailing their friends, are now using social tools such as Instagram and Twitter to keep everyone apprised of their day-to-day lives, often in the most minute details.
Online technology has also reached the young and innocent among us who easily and readily adapt to new technologies. Their physical-world lives are also their Internet lives—with no filter. Young users can say and do pretty much anything online, and often do. On the other hand, adults and seniors also participate on online social media networks; but, unlike the younger set, these more mature folk, who grew up in an era of discretion and modesty, are not as open in their online social network postings. In general, younger people will join social networks openly; adults will exercise some modicum of caution before sharing their lives online, despite the occasional errant CEO sending out a random, damaging Tweet or unpopular image via Snapchat.
People connected on social networks can be exposed to the most rudimentary and personal information. These shifts can initially be unsettling for the first-time user. In the physical world, good or bad news would be shared over the telephone or spoken in person to a few close friends. It would not occur to you to walk into a local grocery store and announce to your fellow patrons that you just finished a load of laundry or that you were staying home with a sick child that day. Doing so would seem awkward and inappropriate. And, yet, in online social networks such as Facebook, it often seems like the social norm to mention these details—in fact, it can feel almost a social obligation to do so.
In an environment of such relatively uninhibited, open communication, it is not long before overzealous opinions, bits of rage, drunken rants, and other embarrassing entries get posted. The user could be upset, deranged, or overjoyed; and his or her natural reaction is to share the emotion—often on their social network. Friends don’t let friends drive drunk, right? Consider taking not only the keys away from that person, but also the keyboards.
Sharing your thoughts and activities online is not necessarily a problem. The problem comes when users forget that everyone in their social network is reading their online post. So, when you post something in frustration about your boss, co-worker, spouse, or friend, remember that the boss, co-worker, spouse, or friend—and all their networked friends (and all their networked friends)—may also be reading your posts.
There are free resources for monitoring social media networks including but certainly not limited to Twitter, Instagram, and Reddit. String searches such as “hate my boss,” “cheated on my husband,” or any other such confessional phrase, can be monitored using resources such as Twitonomy.com or Google Alerts if your profile is public.
Are you an analyst or investigator looking for advanced OSINT training on risk assessment and risk monitoring? If so, check out Hg’s webinar series, where you can attend live sessions and receive CEUs or watch previously recorded sessions to beef up your investigative skills.
Are you concerned about your company’s or employees’ points of vulnerability through online and open sources? Our skilled analysts are experts at removing personal information that puts you, your business partners, and your family at risk. Learn how our team can assist you in assessing and monitoring your risks.
Cynthia Hetherington, MLS, MSM, CFE, CII is the founder and president of Hetherington Group, a consulting, publishing, and training firm that leads in due diligence, corporate intelligence, and cyber investigations by keeping pace with the latest security threats and assessments. She has authored three books on how to conduct investigations, is the publisher of the newsletter, Data2know: Internet and Online Intelligence, and annually trains thousands of investigators, security professionals, attorneys, accountants, auditors, military intelligence professionals, and federal, state, and local agencies on best practices in the public and private sectors.