Thursday, May 1, 2008
"What's the big deal anyway?". A remark we hear very often when discussing personal data issues.
"Nothing to be concerned about, who would be interested in my personal data, and what can they do with it anyway?"
Everyone agrees that a credit card number or bank account number is not something you should share (even
Jeremy Clarkson eventually). But what can people do with my name and address, social security number or date of birth?
Personal data can be used for identity theft - impersonating someone by using as much as you know about that person to get financial or other benefit in that person's name. For example you could go to a bank and request - and receive - a new credit card in the name of the person you are impersonating, with the bills of course being sent to the original person.
How do criminals get their hands on your data? Everybody knows about skimming - a technique where a debit or credit card gets copied by attaching a small device onto an ATM machine. Another well known technique is to steal files from people's computers, by hacking them or by installing viruses or Trojan horses. And of course there is social hacking, asking seemingly
harmless questions to a person online or in person, and using that information to build a complete profile.
And criminals move with the times. A
BBC team exposed, in a proof of concept, how easy it is to socially hack
Facebook and harvest information on other users, including names, passwords and other information.
How do criminals use this data? It seems that
data thieves set up data supermarkets to sell stolen personal data to whomever might be interested. Yes, you can get a working credit card number for a few euro, or even buy complete corporate log files (containing names and passwords, server locations, numbers and confidential information) for as little as 200 euro. When closed down, they just reopen on another location.
Stuff to think about. Perhaps you will consider this the next time before revealing some of your personal data to anyone.