Tag Archives: oversharing

Sharing personal information plays part in Neiman Marcus hack

Data that you share on social media could end up for sale on the Dark Web.

Adjust your privacy settings on social networks. You never know who may be watching!

Adjust your privacy settings on social networks. You never know who may be watching!

The luxury retailer Neiman Marcus is the latest victim of a data breach. At the end of January, Neiman Marcus notified their online customers that unauthorized individuals attempted to access customer’s online accounts by trying various login and password combinations using automated attacks. The hackers were able to accurately guess the username and password combinations and access some online accounts. Neiman Marcus reported that only a small number of these accounts were used to make unauthorized purchases.

Personal information shared on social sites combined with Personally Identifiable Information (PII) and username and passwords for sale on the Dark Web, are making data breaches of this type more common.  Cybercrooks, terrorists, and nation states buy information from shady sites, then use it to break into banks, launder money, or make trouble for big U.S. companies like Neiman Marcus Group.

“These bad guys are assembling portfolios of individuals,” said Avivah Litan, an analyst at Gartner in an interview with DataBreachToday about the breach. “They’ve got a big database of American citizens and all the data associated with their identity, and lots of different people are buying up this data on the Dark Web. And they’re using this data to get to their targets.”

Unsafe practices make hacker’s jobs easier

Responsibility for customer safety belongs heavily with the organization. They should encrypt any customer contact information and use stronger authentication methods than just a username and password. But, we as consumers make the hacker’s job easier by using the same username and password on multiple accounts. Once one set of credentials is compromised, then hackers will test them to get access to other websites.

We can take steps that make it harder for a cybercrook to gather information on us and break into our accounts.

Clean up those passwords

One of the simplest ways to protect yourself against online threats is to use strong passwords for each of your accounts. Yesterday in the Avast blog, we told you how Avast Passwords can help you manage multiple accounts across the web and create encrypted, strong, unique passwords. Every Avast Antivirus customer can use this feature for free.

Avoid oversharing on social sites

Social media is fertile ground for cybercrooks to gather personal information. Sharing something seemingly innocent like your dog’s name, your birthday,  or your mother’s maiden name can give insightful crooks the answers to security questions of your bank account. Put that together with PII and they’re in.

  • Lock down your social profiles. Each social site has security settings so you can have more control over who sees what you share. Use these direct links to update your privacy settings on popular devices and online services.
  • Limit the number of online quizzes you take. Yes, they are popular and fun but these quizzes can gather information about you, your interest, and your life assisting bad guys in creating an online portfolio of user information.

We like the ‘Oversharing on social media’ message aired during Sugar Bowl

In last night’s broadcast of the Sugar Bowl, a showdown of two power-house college football teams in the USA, Allstate Insurance, aired a series of brilliant commercials about the risk of over-sharing on social networks. The social media team at Avast has been preaching this message for a while now, so we were happy to see this clever series of advertisements.

The ads are about a couple who shared on social networks that they were away from their house, actually attending the game. Allstate’s “Mayhem” character took advantage of this knowledge and broke into their unoccupied house, and proceeded to have a “MayhemSale” of all their possessions. “Buy Matt & Shannon’s stuff now at MayhemSale.com,” he announced, then soon after took to Twitter to sell off items one-by-one. I immediately visited the website, but apparently there were so many other interested people, that it kept crashing.

Burglars can easily search Facebook or Twitter for targeted keywords or see who has checked into airport lounges on Foursquare. According to FBI statistics, summertime is the most active for burglaries and oversharing can tip off thieves to your absence. Homeowners should be extra vigilant about protecting their goods.

Our advice – be extremely cautious what you share on social media, and wait until after you are back to share your vacation pictures.