Safer Internet Day is observed every year on 7th of February and is a day that aims to raise awareness of emerging online issues and current concerns. Since social media is a significant part of our daily lives, it is important to understand the dangers of sharing too much information online. This Safer Internet Day, perhaps it’s time to reflect on whether our propensity for sharing every detail of our lives, and the lives of our children, is putting us, our families and even our employers and colleagues at risk.
‘Sharenting’- the trend of parents sharing photos and other details about their kids online – is of particular concern not only for the individuals and their children but for their employers as well.
According to Stanley Hsu, Regional Vice President of Asia, Mimecast, “With the rise of social media, the line between personal and business world is blurring. Posts on business-oriented sites are becoming more ‘social’ and employees and organisations are inadvertently leaking sensitive business and personal information. For example, a job advertisement for a firewall engineer with very specific requirements reveals to a cybercriminal important information about your choice of security vendors and where there are gaps in your cyber skills, information that they can’t easily obtain elsewhere. Information that is freely shared on social media channels creates ammunition for the cybercrime industry’s onslaught on consumers, businesses, and public infrastructure.”
Hsu has shared tips for consumers and businesses on the dangers of social media oversharing and what to be aware of:
- Weaponising our personal data
Our love of sharing details of our personal and professional lives online can reveal intimate details about ourselves that cybercriminals would struggle to find elsewhere. Such details include our location, date of birth, occupation, place of work, hobbies, and even intimate personal details such as where we’re going on holiday.
The more personal information people share on public platforms, the easier it becomes for cybercriminals to build profiles of their potential victims which are used to develop and launch sophisticated social engineering and other types of cyberattacks. Such attacks can not only compromise the person’s personal cybersecurity, but also that of their immediate family, friends and especially employers. 89% of Singapore respondents in Mimecast’s State of Email Security 2022 report, were concerned about employees making a security mistake due to oversharing of company information on social media.
- Online permanence calls for greater awareness of risks
One of the great dangers of sharing information online is that, once something exists in digital format, it ‘lives forever’ and is largely out of one’s control. This makes it more likely that at some point the information will fall into the wrong hands.
In the case of photos and other information shared to social media, all it takes is for threat actors to develop online personas that can connect with a person’s social media profiles, giving them full access to the inner workings of the person’s life.
- ‘Sharenting’ poses additional risks
Sharing photos of children’s birthdays and special moments can pose real and direct security risks to parents, children, and others in their immediate personal and professional circles, including their colleagues and employers. For example, if a parent posts a photo of a child’s birthday outfit outside their school, it reveals information about the child’s age, location, the school they attend and more, which cybercriminals could potentially access and utilise in their attacks.
Or if a parent posts a picture of their ‘take-your-child-to-work-day’, anyone watching would suddenly have multiple data points about that parent that could be weaponised by threat actors to improve their attack methods. Moreover, cybercriminals could use the information people post about their kids to commit identity theft.
Given the above concerns, parents – and internet users in general – should:
- Never reveal intimate personal details about where they live, where they work or where their kids go to school
- Avoid posting photos from an office that can provide insight into the company’s security measures, as threat actors could use this information to circumvent company defences
- Always remember that the internet doesn’t forget: anything posted online is likely to remain there indefinitely. Take care therefore to consider whether that photo or social media post could create risks to you or those in your immediate circle, including your employer
It is also essential that organisations prioritise regular and ongoing cyber awareness training which can equip employees with the necessary knowledge to avoid risky online behaviour.