Posted on by Eiman

How secure is your privacy on the internet?

On July 31, 2020, Twitter, a popular microblogging platform, tweeted –

“The attack on July 15, 2020, targeted a small number of employees through a phone spear-phishing attack. This attack relied on a significant and concerted attempt to mislead certain employees and exploit human vulnerabilities to gain access to our internal systems.”

The moment this tweet was made, it took the entire world by storm with a wave of threat. The company became a target of a cyber attack through a phone spear-phishing attack where the attackers gain access to employees’ credentials with direct access to the tools. The attack targeted approximately 130 Twitter accounts, meaning – Direct access to meeting from 45 accounts, DM inbox of 36, and access to the Twitter data of 7 accounts!

Time and time again, we hear about such incidents of a data privacy breach that hurt millions of people worldwide. Indeed, it can get us to think of security and privacy on the internet is real or just a hoax? Is privacy dead on the internet, or it’s just a matter of fact?

How and why businesses collect your personal data?

Browsing websites is a common thing for any internet user. It can be anything – the blog or website you regularly visit to read stuff, the social media platform you use, the shopping websites you shop from. While it may seem like a normal thing for you as a user, the bigger picture isn’t the same.

Whenever you visit a website, all your activities and data is recorded by the service provider. This makes customer data the central focus area on its own. Businesses keep records of their customer data for a variety of purposes. It can be to analyze consumer behavior, conduct predictive analysis, and offer a better user experience. While this recording of data is just a small segment of the whole framework for most businesses, some of these have already built an entire business model around the paradigm of consumer data.

Let us have a closer look at the type of consumer data that businesses collect and store.

  • Personal data: It is the information that can be personally identified. This category includes data such as social security numbers, your name, gender, location, and other personal data. It is also inclusive of your non personally identifiable data such as browser cookies, device ID, IP address, etc.
  • Engagement – related data: This data category includes the consumer’s interaction with a business’s website, mobile applications, emails, paid advertisements, customer service routes, and social media pages. It is highly beneficial for a company to conduct consumer behavior analysis and develop strategies to improve user experience.
  • Behavior – related data: This data segment includes data such as transaction details, browsing history, purchase history, and other qualitative data. The main focus behind collecting behavioral data is to assess the usual behavior on the internet.

How do businesses use consumer data?

Every information or activity that a business record can be used in several ways to draw insights from it. Here are a few instances of all such possible reasons why your data is collected –

For many businesses, this consumer data enables them to understand consumer behavior and offer a better experience to meet their demands. By accessing customer behavior, these businesses can also modify their reach in the digital space or gain a clear understanding and place in the marketplace.

Consumer data also helps businesses to gain a clear picture of how consumers engage with and respond to their marketing strategies and campaigns. It offers businesses an idea of what consumers like and what they have already shown interest in. Indeed, all such information can help develop strategies that can grow their existing and prospective consumer base.

Some businesses may also use consumer data to secure more sensitive information for security purposes. One prominent example of this is the collection of voice recognition data by banking institutes. It allows a user to access their financial information. It is also used to educate the users about potential security threats to protect them from fraudulent activities.

What are the potential threats to your online privacy?

Since many data and activities go out over the internet, sometimes there is a possibility that there can be several potential threats to your privacy in the digital space. From fraudulent attempts to malware and phishing attacks, many security issues can happen without necessary precautions. To get a clear picture of such prominent threats, let us look at a few cases.

  • Malware – Malware is one of the most prominent cybersecurity threats that an internet user can be exposed to. It is malicious software that activates when a user clicks on the attached link or media. It can be spyware, ransomware virus, and even worms that lead to installing harmful software on your device. Once activated, it can block access to your device’s main network components and install harmful additional software without your knowledge. It can even harm individual parts of your device, which can disturb the whole system!
  • Phishing – Next prominent set to your security on the internet is a phishing attack. It uses fake communication through messages, calls, or emails to treat the user into opening the attachment and follow the instructions provided. The ultimate aim of phishing attacks is to steal all the sensitive information such as credit card information, login information, or even to install malware on the user’s device. The only way to protect yourself from any such phishing attacks is to never trust any unauthentic source and share your sensitive data with anyone on the internet.

One of the most prominent cases of phishing attacks is that of Crealan Bank. The Belgian institute fell prey to a business email compromise scam that cost them approximately $75.8 million!

The case involved a compromise of a high-level executive’s account where the existing employees were instructed to transfer money to an account that was being controlled by the attacker. The attack was noticed during an internal audit. Still, the company was able to cover the losses since they had enough reserves. However, the bank didn’t release any other related information. They made a public statement announcing that they will be taking exceptional measures to automate their internal security measures and prevent similar attacks from happening in the future.

  • SQL injection – Popularly known as Structured Query Language, SQL is a type of cyber attack due to malicious code insertion into a server using a structured query language. Once your device gets infected with the same, the server releases the complete information. Submission of the malicious code usually results from attempts where a user enters it into a vulnerable website search box, which is unauthentic.
  • Password attacks – One of the most common cyber attacks people usually fall prey to. Once a cyber-attack gets access to the right password, he has access to a whole mine of information. There are several passwords that attackers used as attempts as a strategy to trick people into sharing their sensitive information, including essential passwords. There are also instances where the attackers access a password database, resulting in vulnerable and sensitive user information.

Some famous cases of privacy breach

Users’ data privacy breach is another issue that has been posing a significant threat to the users time and time again. Not long ago, the privacy breach that risked the data of millions of people would have been bizarre news. Even the cases of privacy breaches involving millions or billions of people are a lot more common. The contrast is so significant that around 4 billion people lost their personal data to theft during the initial data breaches themselves. In contrast, the least significant one involved a data breach of 135 million users!

One of the most prominent privacy breach cases is that of Canva, an Australian graphic design tool website. The company became a victim of an attack that leaked sensitive data of 137 million users. According to one of the official statements made by the company, the attackers managed to view it. Still, they failed to steal the partial credit card and payment information.

Further, the suspected culprits even boasted about the incident claiming that the victim company had detected their attack before and blocked the data breach server. They also claimed you have gained the necessary login credentials for users who signed using Google. Consequently, the company later confirmed the incident, notifying the users and prompting them to change their credentials and reset the tokens.

What’s the bottom line?

We live in the age of the internet, where everything is opaque and transparent at the same time. Willingly or unwillingly, knowingly or unknowingly, every activity that we do on the internet is being watched out and can become a target of attacks and breaches. While this transparency is not always harmful to the users, it can still affect your decisions. Ultimately, it’s up to us what we choose to share and the extent to which we give access to our information.

Share it!

Leave a Reply

Your email address will not be published. Required fields are marked *


The reCAPTCHA verification period has expired. Please reload the page.

Sign In

Forgot password?

Register

Reset Password

Please enter your username or email address, you will receive a link to create a new password via email.

Call Now Button