In episode 54 of The Cyber5, we are joined by Aaron Barr, Piiq Media’s Chief Technology Officer. In this episode, we discuss how data breaches are combined with other open source information to paint a more holistic target profile for bad actors. We also discussed the true information anchors and weaponization that can lead to an online attack against someone. Finally, we discussed what executives and individuals can do to protect themselves and how protective intelligence is playing a greater role in physical security.
Here are the 3 Topics We Cover in This Episode:
1) Common Information Anchors Used to Attack Someone Online:
- Connection to an organization indicating that someone is likely a high net-worth individual.
- Communication platform for content delivery including email address, social media platform, phone number, etc.
- Context for authenticity. The social engineering approach must have the right information about an individual for increased success.
2) Best Practices for Staying Safe on the Internet:
- Keep social media postings about personal information, locations, jobs, education as simple as possible. Be careful not to post pictures with background details that give your location or family profile to potential attackers.
- Ensure profile pictures are minimal as those are public regardless if everything else is private.
- Password managers should be used for personal accounts.
- People should have at least three personal email addresses. Email addresses should be siloed: a) social media accounts b) bank accounts or personal information c) thrown away for rewards, e-commerce, and gifts.
3) Education and Awareness Training Still Important:
Education to executives and the workforce about simple technology such as the ability to flag suspicious emails that get escalated to the security team still goes a long way in securing the workforce.