Selva Orejón and Danilo Gelman participated in C1b3rWall Academy 2021 with a lecture under the title “From OSINT to K.O.”. The objective of this lecture was to learn about the new physical threats and attacks derived from the poor management of our information on the Internet.
Selva is a legal expert specialized in digital identity and reputation. Her company, onBRANDING, has been specializing in online reputation crisis management for celebrities, companies and anonymous citizens for the past 14 years. Meanwhile, Danilo has a degree in journalism and is a security consultant specialized in physical protection and terrorism for private companies and Jewish communities. He has more than 20 years of experience in providing security services to the Jewish community in Latin America.
On many occasions, the information available about us on the Internet has been published without our consent and is within the reach of our potential attackers. With this information, attackers can obtain the profile of a potential victim, their relationships, their routine, their geolocation… thus revealing high-risk daily, nighttime, holiday, etc., locations.
Regarding the victim’s exposure to a risk situation, a scale of four levels is usually defined according to the subject’s exposure on the Internet: critical, high, medium or low. Information on the family environment is very critical; sometimes it is easier to reach a target through his or her environment than through the targeted person.
How to protect yourself: final prevention tips
- Configure privacy settings on social networks.
- Accept requests or only follow people you really know.
- Do not publish personal data (location, address, school…) and do not share it with strangers.
- Beware of sharing geolocation.
- Value the privacy of the information and images you publish, both your own and those of third parties.
- Regularly monitor the information available about yourself.
- Be aware of the harassment reporting tools offered by social networks.
- Protect the camera of your cell phone, computer or tablet.
- Do not open links or files of unknown origin: risk of phishing.
There is no such thing as zero risk; therefore, each company, enterprise or establishment must be aware of the associated risks. To this end, cybersecurity training is essential, the more knowledge we have, the better care we take of our systems and data protection.