THE BLOG

Careful Surfing Required In The Digital Age

23/11/2016 13:46

It used to be that visiting websites of an 'adult' nature was dangerous for very different reasons than it is today in the digital age. But while in the past visiting these sorts of sites might have been damaging to your marriage or relationships, today it is getting a whole lot worse it seems.

Sites like Adult Friend Finder which was last week hit by what has been described as one of the biggest data breaches ever with over 412 million user account details compromised are today putting our digital reputation at risk as well as our personal reputation.

Last year a similar site - Ashley Madison - reported that hackers had exposed data from about 36 million users. But this is small fry compared to this latest adult website breach.

But why does it matter?

The truth is that exposed credentials from adult dating sites hold particular value for cyber criminals given their potential to extort victims. Most subscribers to these services want to remain anonymous and don't want their employers or families to know. Users are likely to be prepared to pay large amounts of money to prevent their details being exposed online where others can see them.

What's even worse is that for the Ashley Madison breach it was found that the leaked details included more than 200,000 exposed corporate credentials such as company email addresses. We know that often people use the same password across multiple sites and applications, so this sort of email and password combination is extremely valuable to the cybercriminal underworld.

Of course the Adult Friend Finder breach could be 10 times bigger, so there would likely be a significant amount of corporate credentials that could leveraged for malicious purposes.

Account takeovers, spear phishing, and extortion are just a few of the risks that corporate staff could face. Companies should proactively monitor for credential dumps relevant to their organization's accounts and be ready to force password changes in the event the credentials haven't been exposed in the past.

The reality is that no matter what sites we subscribe to, we need to be diligent about what contact details we use. I know many people who have a separate email address that they only use when registering online. In addition we need to be more disciplined about the passwords we use - simply using the same one across multiple sites, is opening us up to all sorts of risk as criminals know that with an email address and password combination, it is highly likely they can target other sites and gain access to more accounts.

Ultimately we need to be conscious of the cyber risk in everything we do - make sure we use even basic security techniques and approaches when accessing ANY sort of online service or website.

It is important we are aware of the risks - to our digital reputation - and take steps accordingly to protect ourselves.

Comments

CONVERSATIONS