What “back-checks” and social media won’t tell you
By Risk Performance and Technology group
Original, as it appears on FacteurH – http://facteurh.com
Since the “Internet-of-Everything”, cybercrime has literally sprung up and exploded with identity theft.
Even if you and your company have not been the direct victims of a cyberattack, the websites and connected applications that you browse and on which you have created accounts may already have been. You understand that if you use the same or similar password for all of these applications and your personal or business user accounts, one of your online accounts as well as one of your passwords has already been compromised.
Many people clearly use a unique email address and password for their online accounts. The email address used is often the business email and the password is similar to the one used on their work computer. It’s important to grasp the seriousness of the situation, knowing that these practices are totally contrary to good security hygiene and your corporate security policy. I use the term “cyber sieve” to describe these practices.
What are the real impact and consequences of these practices?
I have already talked about the Darknet, the “dregs” of the Web, in a previous article; that is basically where weapons, drugs and child pornography as well as stolen goods are sold. It is not a myth, it is real and beyond what a person has ever seen, been around, or could imagine. When I search the Darknet by roaming incognito the dark lanes of resellers of stolen data, I find a lot (even all) of the businesses with their “cyber sieve” users, their business email address and passwords, and the manner in which they were spoofed or stolen. By using their business emails and passwords everywhere, these users directly and seriously jeopardize corporate security. In addition, cybercriminals will not fail to use this information for social engineering, phishing (even spear-phishing) or targeted cyberattacks.
Do you really want to be the weak link?
Do you want the candidate or executive that you are preparing to hire to be the future “cyber sieve” user?
Warn the future Ashley Madison victim working for you so that your business is not linked to online perversion.
I am aware that this can be violent and shocking for some, but it is the current cyber reality Poor personal online hygiene directly impacts a company. Many employers are already conducting social media searches and back-checks. It’s just the beginning. It’s just scratching the surface of online reality. You don’t want a future employee with extreme morals and convictions posting and publishing on social media? Then you don’t want a “cyber sieve” either.
I can already hear the real false-defenders of private life arguing for the right to privacy and against discriminatory hiring. NO! This so-called private information is no longer private, but actually published, the result of negligence, carelessness, ignorance and the lack of owner action to ensure security. These topics are widely covered in the media today. If you didn’t know about them before, you do now.
What to do? Request Darknet searches, cyber intelligence, etc. Don’t do it yourself because it’s dangerous. Ask a cyber investigative professional. Identify and make your current and future “cyber sieve” users aware of the issues.