Some common cyber threats facing the retail industry include ransomware attacks, social engineering, system intrusions and insider threats. The retail sector is often targeted by cybercriminals
Cybercriminals gather personal information about their targets by using social engineering techniques, looking at social media accounts and collecting data that gets leaked from public data breaches. The more personal information a cybercriminal can collect about their target, the easier it is for them to launch cyber attacks that their targets will easily fall for.
Continue reading to learn more about how cybercriminals gather their target’s personal information and how you can keep your data safe.
Why would a cybercriminal want my personal information?
Two reasons a cybercriminal would want your personal information are to steal your identity or money.
Steal your identity
Depending on the type of information a cybercriminal gathers about you, they can use that information to steal your identity. With a stolen identity, cybercriminals can take out loans and credit under your name, use your health insurance benefits and steal your tax return.
Steal your money
If your bank account, debit or credit card information is exposed in a data breach or other means, cybercriminals can use it to steal your money. Cybercriminals are fueled by monetary gain, so it’s one of the first things they’ll attempt to do.
How cybercriminals gather information about their targets
Here are the three most common ways cybercriminals gather information about their targets.
Social engineering
Social engineering is a psychological manipulation technique cybercriminals use to get victims to do something or reveal their private information. Often, when using social engineering, cybercriminals will pretend to be someone the victim knows like a family member or friend so the victim is more likely to provide them with their information.
Social media
Since many people tend to overshare on social media, it’s easier for cybercriminals to find personal information about their targets. For example, by posting a photo on your birthday with the caption saying that it’s your birthday and you’re turning 23, a cybercriminal can figure out your exact birthdate. This is why it’s encouraged to private your social media accounts and only accept friend or follow requests from people you know.
Public data breaches
Public data breaches occur when a company you have an account or service with experiences a breach that exposes customer or employee Personally Identifiable Information (PII). Depending on what information a company was storing about you, the type of information exposed in the breach will vary. When these public data breaches occur, cybercriminals use them to their advantage to gather as much data as they can so they can publish it on the dark web, steal identities and launch targeted cyber attacks.
How to keep your personal information safe from cybercriminals
Now that you know how cybercriminals gather their target’s personal information, here’s how you can keep your data safe.
Use passkeys and strong passwords
The first step in keeping your data safe is securing your online accounts. There are two ways you can do this: use passkeys and create strong passwords. Passkeys are an authentication technology that allows you to log in to an account or app without having to enter a password. Only a few websites and apps support the use of passkeys as a sign-in method currently, but we highly recommend using them over passwords when given the option because they’re more secure. To find out which websites and apps support passkeys, visit our Passkeys Directory. For any accounts where you have to create passwords, make sure they’re strong and aren’t being reused across multiple accounts. The best way to ensure each of your passwords is strong is by using a password generator.
Enable MFA on accounts
Multi-Factor Authentication (MFA) is an important security measure that everyone should enable on their accounts. When MFA is enabled it requires that you provide an additional verification factor in addition to your username and password. Even if a cybercriminal were able to get a hold of your login credentials, MFA would prevent them from compromising your account since they wouldn’t be able to verify your identity.
Set your social media accounts to private
One of the best ways to keep the information you post on social media safe from prying eyes is by limiting who can view your social media accounts. Make sure each of your social media accounts is set to private by going into your account settings. It’s also important to only accept friends or follow requests from people you know and trust.
If you can’t set your social media account to private because you rely on it for work or have a large following, be cautious about what you share. For example, don’t overshare information that could potentially be used against you, such as your current location.
Be wary of phishing attempts
Phishing is a type of social engineering attack that aims to get victims to disclose their sensitive information by pretending to be someone they know or a company they have an account with. It’s important to learn how to spot phishing attempts so you don’t end up falling for one and exposing your personal information. Here are some indicators that an email or text message could be a phishing attempt.
- Your email service provider displays a warning message
- The email or text message contains urgent language
- You’re being urged to click on a link or attachment
- You’re being asked to provide personal information
- Threat of serious consequences if you don’t do what you’re told
Invest in dark web monitoring
Dark web monitoring is when a tool is used to monitor the dark web for your personal information. These tools are designed to notify you as soon as information like login credentials is found on the dark web so you can take immediate action by updating your passwords. Many password managers like Keeper® offer dark web monitoring as an add-on to your password manager plan.
Don’t let your personal information get into the wrong hands
Keeping your personal information safe requires that you take the proper security measures to protect your online accounts and data. It can be difficult to keep track of your data, such as your login credentials, credit card details and important documents, on your own.
A password manager like Keeper helps you create and manage your passwords, as well as your important documents, images and files. When paired with Keeper’s dark web monitoring solution, BreachWatch®, you can ensure that you’ll be notified immediately if your personal information ends up on the dark web so you can take the proper steps to protect yourself.
See how Keeper Password Manager helps you keep your personal information safe by starting a free 30-day trial today.