Sharing Personal Information Online
Perpetuity recently completed a piece of work for ALLOW, the London based information privacy company. In this small scale study, we spoke to an exoffender, with experience of exploiting personal information from online sources to commit fraud, in order to understand how personal information can be acquired from different sources, what types of information are desired and how they are used.
We found that fraudsters can use a range of sites to gather information about individuals, including 192. com, Facebook and LinkedIn. They can make use of information such as names, addresses, phone numbers, email addresses, work history, education history and photographs in order to defraud people. They can get hold of this information by creating fake profiles, paying for information from online databases, getting clues from information shared online and hacking in to emails. It was also notable that some of this information can be obtained because of common mistakes that people make, such as accepting friend requests from people they don’t know, oversharing information, not using privacy settings and giving out sensitive information by phone.
The findings suggest that by sharing personal information online, individuals can present opportunities for fraudsters to exploit and misuse that information, and that more awareness and understanding is needed among the public about the risks and what action they can take to protect their personal information.
You can listen to Martin Gill (Director, Perpetuity) and Justin Basini (CEO, Allow) discussing this research on BBC Radio Leicester here: