Issue # 24 \\ Username Hunting

Dec 02, 2020 3:16 am

Hey Friends,


This week I have been teaching one of my favourite topics, 'Social Engineering'. If you are not familiar with the topic, social engineering is the act of abusing human psychology to take advantage of a person's natural tendencies and emotional reactions in order to trick them into making security mistakes or giving away sensitive information.


As part of the series we also explored open source intelligence (OSINT), which is a method often used by hackers to collect information from public sources in order to build a detailed profile about a victim.


While it can be quite concerning to learn how easily hackers can find information about us, the good news is, we can use the same techniques to hunt down our digital footprints and secure or remove old accounts we have forgotten about.


A good place to start is to search for old social media accounts we have left dormant, with potentially sensitive information, and weak or reused passwords. There are several websites we can use to do this (here, here), the best of which is NameChk, which will return a list of all platforms where our specified username has been registered. It is worth noting that some returned results will be false positives, either other people's accounts (using the same username) or links to accounts that have already been terminated and no longer exist. These can all be ignored.


Once you have a list of old accounts which you no longer use, I suggest the following strategy:


  • Log in and change the password to a new, strong, unique password stored in your password manager (see article)
  • Download any data you wish to keep e.g. photographs
  • Delete all data from the account, and where possible change the personal information to some kind of alias or pseudonym. This is a grey area, but is generally fine, as long as within the intrinsic nature of the alias there is no false or misleading information, mentioned or implied, meant to defraud someone.
  • Upload some garbage data e.g. random photographs or posts (this step is optional)
  • Finally, leave this account running for a few weeks to allow Google to update its servers, and then request to fully delete the account.


While this strategy might sound like a lot of work, especially if you have a lot of old accounts, it is the best way to remove old footprints and take back control of your online presence.


If you have any questions, please drop me an email!


Take Care

Chris


PS: If you think someone you know might benefit from joining this conversation, please forward them this email. Or has someone already forwarded this email to you? If so, Subscribe here



Things I've found interesting this week

\\ One Link: Need a new guard dog? I think I will stick with my puppy!


\\ Two Link: Carrying on from the last link, time for a bit of nostalgia


\\ Three Link: AI starting to get a little creepy. I actually saw a link to an article on LinkedIn about a Social Media Influencer who turned out to be an AI generated fake. It had over 1 million followers - really, people? (sorry, can't find the link)



Favourite Quote

A dog has four feet, but it doesn’t try to walk down four roads!


The message here is that the standard strategy we often use when we get busy is to take on more… to do two, three, or four things at once, whereas the better strategy might be to slow down and take one job at a time.


Previous emails

If you have missed my previous emails, catch up here

