Cybercrime and privacy – are you doing your bit?

Man And Data Protection ConceptMaybe I am the canary in the coal mine, but someone has to be.

Ok, this is an observation. I know that Facebook, Twitter, LinkedIn and a myriad of other social media sites are where most people live their lives. We tell people everything about what we do, where we are and what we like. This lets us make new friends, find new job opportunities, and show our old high school classmates how much fun we had in the Bahamas. From our perspective, social media enrich our lives.

From a cybercrime perspective, it is a gold mine of personal information.

In the real world we rely on other people’s honesty. This is how we do business. It is how we relate to others and it is how we socialise. Make a new friend at a party, and unless they give off serial killer vibes, you wouldn’t hesitate to give them your phone number. Accept a new job, and you’d let the HR person photocopy your driver’s licence. Stop by the drugstore, and you hand over your debit card to the clerk without worrying that they’re going to copy down the numbers.

In the real world, this makes sense. Most people have little motive for behaving criminally, and the penalties for doing so are high. And our intuition does a decent job of telling us when to be alarmed. In the digital world this level of trust is not possible.
If I am doing business with someone on the other side of the world, I need to know their motivation for doing business with me. I need to understand what their “buttons” are so that I can sell my widget or my services, but I also need to do this so that I will not get ripped off.

For instance, this may be a case of stereotyping, but if I am doing business with a Nigerian then I am going to be a lot more cautious than I would with someone who is from Japan or Denmark. This is not because of who they are but because of the digital reputation that has preceded them in the last 10 years. When you have little information to go on, you have to use all the data at your disposal—negative and positive. Of course, it doesn’t really matter where someone is from. In the digital world, the absence of good signs (like working for a reputable organization, or having real-world friends in common) should be enough to make you suspicious. If a stranger wants something from you—whether it’s access to your personal profile, or a Western Union money order to claim that Nigerian diamond fortune—there’s a good chance they’re trying to rip you off.

Most of us are less cautious on the internet than we are in real life. It should be the exact opposite. If you can’t see someone face to face and you don’t really know who they are, it’s hard to guess their motives. So unless you can be sure that those motives are honest, assume the worst and protect your money, data and identity.

Roger Smith, is an educator. Teaching students at ADFA (UNSW) and showing them how vulnerable they are to cybercrime.

He is also CEO at R & I ICT Consulting Services Pty Ltd, an Amazon #1 author on Cybercrime and founder of the SME Security Framework. He is a Consultant who specialises in inexpensive and highly effective security strategies for small and medium businesses and not for profit organisations.

He has developed and authored the SME Security Framework and the Security Policy Training Course which are considered to be the definitive guides to helping SME's protect their organisation using the principles of Technology, Management, Adaptability and Compliance.