Threats to privacy in a digital age– Phishing attack users’ privacy

2022-04-08 LINGFENGWU Uncategorized Comments Off on Threats to privacy in a digital age– Phishing attack users’ privacy

Introduction

We live in a rapidly developing information technology era. The Internet occupies an increasingly important position in people’s lives. Technology has indeed facilitated people’s lives. We don’t need to carry too much cash when we go out; just a thin laptop or a small mobile phone can keep up with the latest news. People can understand the world through the Internet without leaving home. However, with the continuous increase of the value of big data, people’s personal privacy security issues have suffered an unprecedented threat. The New Yorker said in the 1990s “On the Internet, nobody knows you are a dog” (Knowyourmeme, n.d.). At the time, the Internet was foreign to most people. But such a declaration of internet freedom is now unconvincing. Personal information leakage, fraud, and other network security problems emerge in an endless stream, and they are all hidden in our lives. How can people protect their privacy from being leaked in the era of big data? This article will discuss and analyse the characteristics of online privacy and analyse the case of phishing software, which will lead people to think about network security.

 

What is the right to privacy?

Flew (2021) claimed that the concept of the right to privacy originated in an 1890 publication by American scholar Samuel Warren and Judge Louis Brandeis in the Harvard Law Review. The concept of “privacy” is that an individual should be “undisturbed” and not be observed or disturbed by others (Marwick & Boyd, 2018). The right to privacy refers to the right of solitude that citizens enjoy, the right to life safety and personal information to be protected in accordance with the law, and free from illegal intrusion, control, and interference by others. The right to online privacy refers to citizens’ rights in the online environment to the use or disclosure of personal space and personal information (Monti & Wacks, 2019).

 

Characteristics of Internet Privacy

  1. The vulnerability of online privacy.

Threats to online privacy come from many sources. The privacy of netizens is easily violated. Every time people fill out online questionnaires, publish articles and pictures in design media, send emails, etc., they release personal information into cyberspace (Thomson Reuters, n.d.). Websites often prompt users to share personal information to create an emotional connection with their audience (Marwick & Boyd, 2018). When people use and register on the website, they will be asked to fill in the questions such as name, gender, home address, age, contact information, etc. as conditions for online products and services, and these questions will be collected by website personnel (Flew, 2021). The processing of users’ personal information is realized through these terms of service and privacy policy agreements. Users have no right to choose but to provide their information to third parties. In the second part of the digital rights survey, Information and Privacy, 27% of respondents have had their personal information disclosed on a website or platform without their permission;12% had suffered intentional or malicious disclosure of personal information (Goggin et al., 2017). The disclosure of personal data can easily cause irreparable mental and property damage to users.

 

  1. The importance of online privacy for property protection.

Online privacy was limited to the leakage and misappropriation of personal information in the past. But now, with the use of debit cards, credit cards, Alipay and WeChat payments bound to personal mobile phones, the leakage of personal information is also accompanied by the risk of property damage. People’s privacy is gradually becoming transparent and open, which drives some criminals to be lured by money to have the idea of stealing other people’s property.

 

Hackers and phishing software attacks on the enterprise’s database will cause huge data leakage and cause the enterprise to face a crisis of trust of users and loss of property. Weisbaum (2018) reported that the Ponemon Institute conducted an analysis of a large data breach and they interviewed the chief information security officer of a large U.S. bank. The bank’s IT service desk was hit by a spear-phishing attack by hackers, with nearly 40,000 customer information leaked and an estimated repair cost of more than $7 million. Spear phishing refers to using email names that look similar to those of a bank, targeted to specific individuals within a defined organization, and luring out confidential customer information. Repairs for the incident took up to 59 days. From 2020 to 2021, data breaches will increase by as much as 68%, revealing that online privacy breaches are becoming more common (Fowler, 2022).

How is cell phone privacy leaked? — Phishing software “ Mobile Manager Pro” scam

(The image from screenshot)

Phishing is one of the most common fraudulent activities on the Internet. Phishing aims to deceive users and steal important personal information and data intelligence. Victims may be exposed to risks such as information identity leakage, property damage, and theft of trade secrets. Alkhalil, Hewage, Nawaf, & Khan (2021) stated that phishers induce and deceive users into leaking personal information by sending users fake network agency links or emails. Phishers often use automated patterns to imitate or illegally exploit other organizations to trick users into gaining trust and then begin stealing and leaking users’ personal information.

 

We may experience the pop-up advertisement prompt “too much memory on the phone” when we click on the phone and guide us to click to clear the phone junk. But when we click on it, the phone will automatically start downloading the so-called “cleaning software”. With the increase in cleaning and killing software, it is not difficult to find that the running speed of mobile phones has become slower and slower. On the surface, this software appears to be cleaning the system’s memory garbage, but in fact they are stealing user information. According to a report by China Central Television on March 15, 2021, many software will pop up inductive news such as “receive red envelopes”, “watch videos to receive prizes”, and “insufficient mobile phone memory” on mobile phones to attract users to click to enter (Sun, 2021).

 

These mobile phone software will be named by some very safe and professional names, such as: “Mobile Manager Pro”, “Super Cleaner”, “Smart Cleaner”, “Memory Optimizer”, etc. to clean the phone memory The name, but in fact, does not have the cleaning function of the software. Once the user downloads the software, in just a few seconds, the information content on the mobile phone will be read more than 800 times, the user’s location will be read more than 50 times, and the user’s device identification number will be read more than 1,300 times (Sun, 2021). After successfully obtaining user information, these “mobile phone cleaning” software will continuously upload data through the background.

   

 

 

 

 

 

 

 

 

 

(The image from screenshot)

In the face of attractive advertisements issued by these fake applications, young consumers generally can distinguish, but it is difficult for middle-aged and older adults to identify them. They are often attracted and then fall into the trap of cell phone security. A great deal of data is not collected from individuals who actually know and consent. People don’t even know that their information data has been collected by another party (Marwick & Boyd, 2018).

 

Flew (2021) mentioned that business interests could use big data for personal profile analysis. Just like the above example, apps such as “Mobile Manager Pro” constantly steal personal background data, analyze and characterize users as “elderly”, and label them “easy to be misled” (Sun, 2021). Immediately afterwards, various scams and consumption-inducing advertisements will be pushed to the mobile phones of such users.

 

The algorithm performs an automatic statistical classification evaluation of the scattered data signals and then aggregates the allocated data into information elements (Flew, 2021). Algorithms constantly evolve and improve by learning to respond more fully to user and data input. It can be seen that under the operation of the algorithm, the elderly who frequently download phishing software will be automatically classified by the system as “the category of easily deceived people. Therefore, such users will be subject to more frequent advertisement pushes by phishing software.

 

How to protect your privacy from being leaked?

  1. The government improves the privacy system.

The government should improve the rules and regulations of network privacy and formulate clear guidelines for collecting, protecting, and disclosing personal information data so that network privacy can be referenced by law. In 2018, the U.S. Congress reformulated the Confidential Information Protection and Statistical Efficiency Act, one of the most comprehensive privacy laws in the world. The government has made four recommendations over the years: 1) Establish clear rules to help data managers apply. 2) To allow individuals to question the management and use of existing data, individuals can claim their data for accountability. 3) The collector should inform the user in advance of the purpose for which the data will be used before taking the data. 4) Data call permissions should be limited to access only from the security centre, and if there are violations, law enforcement will be enforced (Hart & Fountain, 2020).

 

  1. Strengthen website self-discipline.

Many websites already have policies to protect privacy, such as Facebook’s Standard Privacy Report (Common Sense, 2022a), Instagram’s Standard Privacy Report (Common Sense, 2022b), Twitter Privacy Policy (Twitter, 2022), etc. Each website manager should strengthen the importance of network privacy and formulate strict self-discipline and a system for personal privacy, to protect citizens’ personal information from infringement. At the same time, all websites should abide by the Self-Discipline Convention for Internet Search Engine Services (Creemers, 2012).

 

  1. Recommended measures to protect and enhance citizens’ cybersecurity personal awareness.
  • 1)Users should download the application software on a regular platform. Both iOS and Android systems have their software application stores. The first step for users to beware of being deceived is not to click on the download application interface of the non-official website. The cleaner that comes with the mobile phone system and the computer system can remove unwanted mobile phone junk files and information. Users do not need to download additional cleaning software.
  • 2)Turn on all encryption in the communication device. How to ensure the privacy of mobile phone content? There is an encryption system in both Android and iOS systems. When all encrypted app lock is turned on, all data on the phone, such as photos, chat history, and messages, are all encrypted. Users can click on the settings in their own devices to complete encryption to protect their private information.
  • 3)It is also a good way to protect privacy when turning on the phone’s aeroplane mode and turning off Wi-Fi, Bluetooth, and location services. The continuous signal can be tracked when the user’s mobile phone is turned on. Some unnecessary modes need to be turned off to ensure the near possible reduction of data leakage. An essential function in positioning, turning off positioning will not reveal your location and the route you drive every day. Turning off Bluetooth can prevent the possibility of remote control by others connecting to the phone.

 

Conclusion

Privacy leaks are indeed all around us in this era of rapidly developing big data. Privacy is one of the fundamental rights of citizens. The right to online privacy guarantees citizens the right to protect personal information in the online environment. However, some phishing software imitates well-known and trusted companies to steal people’s information and trick users secretly. Users should beware of messages from such phishing platforms. This paper gives three directions for improvement to ensure that people’s online privacy rights are not violated. The first is that the government should strengthen policy measures; the second is that the management of websites should be standardized; the third, the article recommends some measures for users to protect their network security. Privacy threats are indeed endless, but as long as the legal system of the country and the awareness of individual citizens are parallel, the healthy development of Internet business can go on smoothly.

 

 

Reference

Alkhalil, Z., Hewage, C., Nawaf, L., & Khan, I. (2021). Phishing attacks: a recent comprehensive study and a new anatomy. Frontiers in Computer Science (Lausanne), 3. https://doi.org/10.3389/fcomp.2021.563060

Common Sense. (2022a). Standard privacy report for Facebook. Retrieved from

https://privacy.commonsense.org/privacy-report/Facebook

Common Sense. (2022b). Standard privacy report for Instagram. Retrieved from

https://privacy.commonsense.org/privacy-report/instagram

Creemers, R. (2012). Self-discipline convention for internet search engine services. Retrieved from

https://digichina.stanford.edu/work/self-discipline-convention-for-internet-search-engine-services/

Flew, T. (2021). Regulating platforms. Cambridge: Polity Press.

Fowler, B. (2022). Data breaches break record in 2021. Retrieved from

https://www.cnet.com/news/privacy/record-number-of-data-breaches-reported-in-2021-new-report-says/

Goggin, G., Vromen, A., Weatherall, K., Martin, F., Adele, W., Sunman, L., & Bailo, F. (2017). Digital Rights in Australia.

Hart, N., & Fountain, J. (2020). How government gets it right on privacy. Retrieved from

https://www.govexec.com/management/2020/01/how-government-gets-it-right-privacy/162658/

Knowyourmeme. (n.d.). On the internet, nobody knows you’re a dog. Retrieved from

https://knowyourmeme.com/memes/on-the-internet-nobody-knows-youre-a-dog

Marwick, A. E., & Boyd, D. (2018). Understanding privacy at the margins: introduction. International Journal of Communication (Online), 1157-1165.

Monti, A., & Wacks, R. (2019). Protecting personal information: the right to privacy reconsidered. London: Bloomsbury Publishing Plc.

Sun, C. (2021). Mobile phone cleaning software induces download, “secretly” collects more than 50 location information within 9 seconds. Retrieved from

https://www.codetd.com/en/article/12770955

Thomson Reuters. (n.d.). Internet privacy laws revealed – how your personal information is protected online. Retrieved from

https://legal.thomsonreuters.com/en/insights/articles/how-your-personal-information-is-protected-online

Twitter. (2022). Twitter privacy policy. Retrieved from

https://twitter.com/en/privacy

Weisbaum, H. (2018, July 31). The total cost of a data breach — including lost business — keeps growing. NBC News. Retrieved from

https://www.nbcnews.com/business/consumer/total-cost-data-breach-including-lost-business-keeps-growing-n895826

 

Image Reference

Webhostingpath [Image] (2022). Ways to protect yourself from the rising rate of cyber crimes amidst the pandemic. Retrieved from https://webhostingpath.com/ways-to-protect-yourself-from-the-rising-rate-of-cyber-crimes-amidst-the-pandemic/

 

 

Related Articles

Online safety laws strengthen defences against online harms
Uncategorized

Online Harms

2022-03-21 YINGYINGLIU Uncategorized Comments Off on Online Harms

The network’s security comes from whether the network system can operate properly through various technical and management measures. Online harm is a threat to information security since the resources of the computer information system are […]