Russian hackers recently stole 1.2 billion internet passwords and alarmed millions of people around the world, but one of the Pentagon’s top cyber-security experts says there are far more sinister online threats and you may be leaving you and your family vulnerable through your activities on the world wide web.
Whether it’s an effort to gain access to bank accounts, steal your identity or lure you into divulging volumes of personal information, criminals are looking to exploit Americans at every turn in a practice known as “catfishing”. But what is it?
“What it essentially means is someone is lying to you in the online domain, whether it’s something innocuous like adding a couple of inches to their height or taking away a few pounds from their weight or whether it’s something much more insidious by someone lying to you about who they are, whether it’s a predator or someone trying to lie to you to get information to steal your identity,” said Tyler Cohen Wood.
Wood is a cyber branch chief at the Defense Intelligence Agency. She is also author of “Catching the Catfishers: Disarm the Online Pretenders, Predators and Perpetrators Who Are Out to Ruin Your Life.” She says there several things that should give you pause about your online connections.
“Some of the red flags are simple things like: If this person you’re talking to won’t Skype with you or have a video conversation, that’s a red flag. If someone will not send you a photograph in real time that’s a red flag too. That could indicate they took a photograph from someone else’s site,” said Wood.
“I also recommend if they do send you a photograph and it’s just one photograph, that you do a Google Image Search so you can determine if that photograph appears on someone else’s Facebook site or any other of their social media,” she said, noting there are other warning signs as well.
“You also want to look at their social media and make sure that the social media makes sense. Make sure that they have friends, that they have regular banter with those friends and they don’t just have a bunch of filler friends and it didn’t look like they just created the social media in one day. Those are just some of the red flags you want to look for,” said Wood.
As you take time to scrutinize the validity of your new cyber friends, Wood says you also want to be very protective of your own personal information.
“You want to not put up personal identifying information. You don’t want to have your address or the exact location of where you work. If someone’s trying to steal your identity, all they need is your birthday, your name and an address that you’ve lived at,” warned Wood.
“I go through in my book how to protect yourself from giving away that information. A lot of times we give away this information without even realizing that we’re doing it by using location services or just self-disclosure of information,” she said.
In addition to the obvious information you shouldn’t be sharing with most people, Wood says there are other “digital crumbs” to avoid for individuals and business owners.
“One of the greatest risks to businesses protecting their intellectual property and corporate IP is the fact that we no longer just sit in an office. We’re always on the go. People use their personal smartphones for business or their tablets. There’s something that I’ve called application permission creep. That’s when the personal applications you use on your phone extend the permissions that they should be allowed,” said Wood, who says there are solid ways to address this problem.
“You can go to the permission settings, regardless of android or iPhone and see what permissions the applications that you use have. You would be surprised. A lot of applications on android will have permissions to view your text messages, your contact list, the things that you’ve stored on the phone. They have full access to sell that data. A lot times contact lists or the things you say in text messages are corporate intellectual property, so I recommend businesses really look at the applications their employees are using on their phones and look at the permissions that those have,” said Wood.
But what should you do if those preventative steps fail and your personal information is compromised or you discover a “catfisher?”
“That’s when you contact authorities. You can also contact the social media site that you’re using because a lot of them have bullying or protection laws so they can help disable the account. But i would definitely capture all the information and contact your local authorities,” said Wood.
She says the teenage daughter of a friends was able to spot a fake romantic interest posing as a 17-year-old boy. When confronted, the person stopped communicating, but Wood says the confrontation spoiled a chance to identify the perpetrator.
“If they had chosen to contact the authorities, the social media site they were using or the (internet service provider), a preservation letter could have been sent and we could have determined who this person was if that was the route they decided to go down,” said Wood.