Potential implications of sharing personal information online
Personal information is shared by millions of internet users daily and is usually managed safely and effectively by legitimate online entities. That said, personal information can be misused if it is disclosed in online environments that are not secure. Protecting personal information is each user’s responsibility.
Personal information may be used appropriately by a range of legitimate businesses, but if not adequately protected it may also be used by criminal organisations or misused by marketers. Disclosure of personal information also impacts on a user’s digital reputation.
Marketers use personal information to target advertising and promotions to specific age groups, interests or geographic areas. This may be appropriate if individuals are interested in being informed about goods and services, but is a potential annoyance if marketers send unsolicited marketing information or spam through email or SMS.
Criminal use of personal information is also a concern. Criminals can piece together specific pieces of personal information to construct the identity of a person. This identity can then be used to apply for credit cards, utility services (like mobile phone contracts) and to commit fraud.
All online activities are recorded as part of individuals’ ‘digital footprints’ and impact upon their digital or online reputation. More information about digital reputations is provided in the Digital reputations section of this Common cybersafety issue.
Spam
If email addresses or mobile telephone numbers are provided online they may be subject to spam.
Spam is an unsolicited electronic email, SMS, MMS or instant message communication otherwise known as electronic ‘junk mail’. Under the Spam Act 2003 it is illegal to send or cause to be sent unsolicited commercial electronic messages in Australia.
Spam now makes up the majority of email traffic. Billions of unwanted spam messages clog up the internet, disrupt email delivery, reduce productivity and irritate users.
The content of spam messages varies. Some messages promote products or services, while others attempt to trick users into providing bank account or credit card details. Many spam messages contain offensive or fraudulent material, and some spread computer viruses.
Back to top
Cookies
A cookie is a web browser tool which stores information related to web browsing activity and then reports this back to the website that created the cookie. Cookies are intended to allow websites to remember a user and save personal settings. Personal information such as banking details may be collected and shared via the cookie. It is good practice to delete cookies on a regular basis.
Back to top
Fraud and identity theft
Internet-based fraud or deception is organised and designed to use the anonymity of the internet to steal information and resources from consumers and corporations for financial gain. Simple fraud scams seek to obtain money or resources directly from targets, while others seek to gain personal information from targets that will be misused to obtain money, resources or information by deceptive means.
Identity theft is a specific type of fraud, which involves stealing money or gaining other benefits by pretending to be someone else. Identity theft can be devastating—both financially and emotionally. It can occur in many ways—from somebody using credit card details illegally to make purchases, to having a person’s entire identity assumed by another to open bank accounts, take out loans and conduct illegal business under that name.
Sophisticated information gathering tools such as malware and spyware enable perpetrators of fraud to gather personal information about targets without their knowledge. Malware, or ‘malicious software’, collects sensitive user information, such as banking details, and sends it back to people who use it to carry out fraud. This all happens without the target’s knowledge.
Spyware is the generic term for computer code that is installed on a computer—typically without the user's knowledge—in order to send information about that user back to a third party. Spyware is not always related to scams or spamming. The most harmless type of spyware simply assists websites to track the visiting patterns of a user. The Protecting computers: e-security Common cybersafety issue provides information about how to protect your computer or server against spyware or malware.
Back to top
Scams
Internet-based scams are often sent via email but can be sent by instant messaging, SMS (text messages) and MMS (image-based mobile phone messaging).
According to SCAMwatch, anyone can fall victim to a scam. Scams succeed because they look like the real thing and scammers manipulate people into responding. Scams can appear to come from authoritative sources, like a well-known bank or telecommunications provider. They may make people fearful that they will miss out on a special offer, or feel ashamed of themselves for denying assistance to an individual or group in need.
Scams come in many guises. Some of the more common scams include:
-
Lottery scam
The scammer claims the recipient has won something substantial, such as a large sum of money or a great prize, and asks them to pay a small fee to claim. Unexpected fees then continue to arise.
-
Phishing scam
Phishing emails are sent from falsified or spoofed email addresses. Many phishing emails claim to be from a well-known bank, financial institution or telecommunications or internet service provider. These emails can direct recipients to a website that looks like the real website of a retailer or financial institution or can ask for confirmation of usernames and passwords. Phishing emails are designed to allow the scammer access to the victim’s financial details such as credit card numbers, account names and passwords or other personal information.
-
Advance Fee (or ‘Nigerian 419’) scams
These scams offer to pay the recipient a considerable sum of money to assist in transferring millions of dollars out of a foreign country for various legitimate sounding reasons. Similar to lottery scams, unexpected fees arise that must be paid before the money can be transferred.
-
Mule scam
Criminals contact prospective victims with attractive job vacancy adverts claiming to provide high pay for limited work. The job often involves transferring sums of money between accounts. This is money laundering and the recipient themselves may ultimately face criminal charges.
More information about how to protect computers from compromise by viruses and other malicious online programs is available within the Protecting computers: e-security Common cybersafety issue.
Back to top