Dox marks the spot - security in the age of social media
Dec 11, 2018, 3:26:35 PM Published By Wirex Team
It may come as a surprise, but social media has been a part of our world for almost 25 years now. It has evolved from basic online networking provided by the likes of SixDegrees.com, to todays Snapchat, Twitter, Facebook and Instagram-filled world, showcasing the minutia of our day-to-day lives. While these platforms connect us like never before, there are inherent risks that are associated with an online presence.
DoxingDoxing is defined by Technopedia as, the process of retrieving, hacking and publishing other peoples information such as names, addresses, phone numbers and credit card details. The term originates from 90s hacking slang dropping dox, which was the method of leaking someones personal (usually incriminating) documents onto the internet. It was done to question someones legitimacy for example Hillary Clintons leaked emails during her 2016 presidential campaign - or to cause general havoc, like the hack that leaked the names of people on the Ashley Madison database. Self-doxing is a more recent phenomenon. To self-dox is to inadvertently leak your personal information onto the internet, and the advent of Twitter, Facebook, Instagram and other popular social media channels has made it easy to do. Kim Kardashians 7.8m robbery in Paris in 2016 was an example of self-doxing. Kardashian uploaded a selfie to Instagram (with her location tagged in the post) showcasing her 18.88-carat engagement ring; she was then tracked down to the flat she was staying in and robbed of millions of pounds worth of jewellery. This also happens in the crypto world. Heres a crypto example of self-doxing:
Your digital footprintSelf-doxing can happen to anyone. You can inadvertently give away personal information in photos, videos, gaming, statuses, comments - anything that contributes to your digital footprint. Think of your digital footprint as the trail you leave behind you as you move around the internet. It includes things you post, comments you leave and cookies that track your browsing activity. With a bit of digging, a hacker can uncover a wealth of information about you that will enable them to commit fraud. In November 2018, RBS was forced to pay out thousands of pounds in compensation as a result of a phone banking scam. According to a report by the BBC, bank records show the fraudster initially called the bank, posing as the customer, and asked for her account to be reset for security reasons. Staff followed the banks usual security protocol and called the customers landline number, unaware that the call had been diverted to a mobile number. All a hacker needs are small bits of information - like your pets name or the place you were born - to be able to pass security. They can then unearth more personal information, to access your accounts or even visit your home.
How to safeguard yourselfIts important to remember that much of what you put online can be seen by anyone, and so vigilance is key to keeping yourself safe. Thankfully, there are measures you can take to make yourself less of a target, including:
- Google yourself - no, not out of vanity. Googling yourself in incognito mode shows you your visibility online. Whatever comes up on Google is what others can see. If you dont like it, change it. Which leads us to...
- The Right to be Forgotten - since 2014, the Right to be Forgotten has been officially part of EU law, and further supported with the introduction of GDPR legislation, which states EU residents have the right to request that links to pages of data that are out of date, irrelevant, excessive or inaccurate be removed from Google search results.
- Long, strong and varied passwords - this makes them more difficult to be guessed and hacked. Its also advisable to enable 2FA with an authenticator app (rather than authentication by text) so that more than one device is required for logins.
- Read policy updates - dont blindly accept social media app updates and policies, they generally change your visibility settings. When you click accept, go to your settings and check whats changed in terms of privacy.
- Uploads - when uploading onto social media, think about what your photos, tweets and posts might reveal of your personal information.
- Friend requests - dont be that person who has 4000+ Facebook friends - no one really knows that many people. If you receive a friend request from someone you dont know, you should ignore it. Scammers send requests to profile you in the hopes of getting enough information to either scam you or send malicious links that contain viruses, spyware, or ransomware that can compromise your devices.
- Beware of geotagging - any time you add a location to an Instagram post, or tag yourself on Facebook flying off from an airport, youre sharing your exact location - potentially with the world. Its not difficult for someone to quickly build up a picture of your routine, or worse, know exactly when youre away from your home.