Blogging can Affect Your Security

However, simply writing on various personal issues can impact on users' security and can expose them to extra security risks related not only to privacy, but also to identity theft and account balance.

Many bloggers have abundantly written on topics such as favorite music or movie artists, love, hobbies and other various topics that apparently can hardly pose any risk. It's extremely easy to write on such topics, or to share different experiences with readers, but at the same time, bloggers might expose enough data for malicious persons to carry out a successful phishing or vishing (the phone equivalent of phishing) attack.

In order to better explain these risks, let's take into account the following scenario:  a blogger buys himself / herself a new, more efficient & intelligent mobile phone. It can open PDF documents, it has Wi-Fi connectivity (or at least, it can connect via GPRS to a blog, in order for its owner to fuel it with new material while travelling). Suddenly, the above-mentioned blogger feels the urge to brag about it on the blog in a more personal manner.

"I have just purchased a new mobile phone in order to do some on-the-fly posting with the newest things that come across my life. I got my new [brand-goes-here] yesterday from [mobile company]'s shop. You would not believe how excited I am. I'm the coolest of you all".

Next on, imagine that the post above ends up read by the wrong person, who then calls the blogger back impersonating one of the [mobile company]'s employees. Bloggers who have registered their own domain names usually have their phone number listed in the registrar's database.

"Hi there, sir! I am [name] of [mobile company], and I'd like to ask you a couple of questions about your [brand-name] handset you purchased yesterday from [shop]. But first, I'd like you to confirm your identity. Please state your SSN, birth date and address".

This is only one of the scenarios that can lead to massive identity theft.  As a rule, the more you say about yourself, the easier for the attacker to guess other details. Talking about favorite food, actors and day-to-day activities may be a good starting point for attackers to guess the e-mail password, or to fill in the necessary info to recover the allegedly lost password from one's mail account.

Installing and activating a good anti-malware security suite is one of the first steps to follow in order to protect one's online identity. Some security products come with antiphishing protection that alerts the user if the site they are about to visit is illegitimate or might pose a security threat. Bloggers are advised to keep their posts free of excessively personal information, because everything they say can and will be used by attackers to trap them.