PRIVACY ON THE INTERNET?
As I’ve delved deeper into my career in cyber security I’ve become increasingly aware of just how difficult it can be to maintain your privacy while browsing the web. There are so many ways that data is taken from you during your time on the internet, much of which is completely innocent. However, in some cases, you may be opening yourself up to issues, such as hacking or fraud.
Here I’ll look at some of the most common ways that sites and potential fraudsters get information from you and some of the uses that are found for this data.
WAYS YOUR DATA MIGHT BE TRACKED OR OBTAINED
So how might companies get their hands on your personal information? It can happen in a few ways, some of which are legitimate and consensual, whereas others are scams.
LEGIT DATA CAPTURE
Data is captured on you all the time while you’re browsing the web. This list is by no means comprehensive but here are a few ways it happens.
Website Cookies – Most websites use cookies, which are little files that are placed on your computer. They’re generally pretty benign and are used for things like making later browsing experiences on the same site easier, however, some more malicious sites may install cookies that are capable of tracking other data too.
Data Capture Forms – If you have ever signed up to a newsletter online or created a profile on a site, all of the data that you enter is captured by the site in question. Again, this is usually fairly harmless but it may be worth checking out the site’s privacy policy just to make sure they use the data they obtain legally.
MALICIOUS DATA CAPTURE
The far bigger threat to your computer security are the techniques that are used to capture your data for malicious purposes. These are some of the techniques used.
Email Scams – We’ve all heard about the Nigerian Prince emails that did the rounds a few years back. These are the sorts of scams that are pretty obvious but there are many more besides. What are more dangerous are the emails that look like they come from legitimate companies. As a general rule of thumb, you should avoid replying to any emails that are pushing you to enter or change details via a link in the email. Most legitimate companies will not do this, as scammers can mask links so the data you enter goes into their hands.
Computer Viruses and Malware – Computer viruses range in purpose from being essentially harmless ways for hackers to mess with your computer, through to exceptionally complex viruses that can track the buttons you press on your keyboard. The latter are dangerous because they can track things like usernames, passwords and any bank details you may enter into websites.
HOW IS THIS DATA USED?
There are many ways that the data that is captured on you may be used by the sites that get it. Again, these uses can be split between legitimate and malicious and this list is definitely not comprehensive.
LEGIT USES
It’s always important to check privacy policies on websites, as submitting data to them usually means you are giving them permission to use that data. Here are a few ways that might happen.
Improving Browsing Experiences – This is usually the main focus of cookies, which is why you might find that site’s slow down again should you delete all of the cookies on your system. Cookies may also be used to track things like what you do on a site, which can be used to determine ways to develop those sites further.
Marketing And Advertising – Have you ever noticed how the adverts on Facebook and websites using AdSense tend to be fairly relevant to you? This is because a lot of online advertising services use your personal data to cherry pick ads that are more likely to interest you. A lot of people are uncomfortable with this, as it is an in-your-face reminder that somebody has this data about you.
Selling – A lot of companies make money from selling their data pools to third parties. They usually need to ask your permission, though, so make sure you check any online forms and privacy policies carefully to make sure this can’t happen if you don’t want it to.
MALICIOUS USES
The data captured on you using malicious practices is usually used to break the law in some way.
Identify Theft and Fraud – By far the most common issue with malicious data capture is identify theft and fraud. Criminals can use the data they gain to make purchases, drain your bank account and even create profiles in your name on sites you’ve never visited.
Selling – Malicious data capturers are also just as likely to sell your data as those who get your permission. An email address may only sell for a couple of cents, but if criminals get enough of them that’s a tidy penny. Add passwords and other personal info into the mix and you will see where the profit lies in malicious data capture.