Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Mobile Vulnerabilities

  • Zero-Day Alerts

  • Recent Posts

  • Calendar

    August 2015
    S M T W T F S
    « Jul    
  • Email Subscription

  • About Us

    Provocative headline, isn’t it? Well, yes, but stay with me for a bit. Let me explain why lying online may be a good thing.

    If you’re not worried about data breaches yet, you ought to be. It seems that data loss issues have been cropping up left and right. In an ideal world, sites and institutions would do a much better job of securing our data. However, we’re not yet in that ideal world so we just have to deal with the consequences.

    Unfortunately, the advice that’s normally given tends to amount to “be careful about what you were already doing.” The truth is that once your data has been stolen, it’s out in the wild for online crooks to play with. You may not suffer immediate problems—not unless your financial information was leaked—but I’d still rather not have my email address in an online gang’s address book.

    The bottom line is that everyone online—that means you and me, reader—has to be responsible for their data. Too many sites ask for too much information, which you may not want them to know. Does a message board really need to know how much money you earn, what industry you work for, or when your birthday is?

    The question then is when should you give out real information? If something involves money (i.e., buying or selling something), it’s not a time to lie. If it involves the government or any other group where there would be real consequences to giving out the wrong information—”lying,” as it were—don’t.  If it’s something much less important though like joining a message board, you may want to consider “lying”—or giving out false information. Why not? Your real information is too valuable for you to hand over too casually, especially since this can be used for marketing or advertising purposes.

    One instance where you really don’t want to give out real information has to do with providing password recovery questions that many popular sites use. Some sites force you to pick from preselected questions like “what is the name of your pet?”  Unfortunately, information like that is likely to end up on social networking sites. In fact, this very technique was used to break into former Alaska governor Sarah Palin’s Yahoo! email at the height of the 2008 U.S. presidential campaign.

    It might be better, instead, to create an emergency password, preferably as random as possible, that you store somewhere safe like a drawer. Use this emergency password as the answer to the password recovery question. This would ensure that the “right” answer to your recovery question is never online and can’t be found by search engines.

    Here are a few more tips on when and where to give up your data online:

    • Cybercriminals can’t steal what you don’t give a website so if it’s marked “optional”—as these fields sometimes are—don’t give out the information.
    • Before giving your data up, consider if what you’re getting in exchange is really worth it.
    • If it is worth it, consider if you need to give up your full (and truthful) personal information. Consider giving up made-up personal information instead.
    • If money is involved, be especially careful about giving out your data.

    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   StumbleUpon


    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice