A few days ago, Santosh Patil, a friend, received a call from a person who said he was calling from a courier company. He was told there was a parcel for him from a well-known jeweller, but he needed to rectify an error in the delivery address. Santosh was about to do that when he realised he had not bought any jewellery, nor was he expecting any courier from anyone, let alone the jewellery shop. So, he disconnected the call. Narrating the incident, he told me that the caller had his correct name, mobile number and address and asked how this was even possible.
Well, it is no secret. We encounter several service-providers daily, such as couriers and delivery persons. We readily share our mobile numbers with delivery persons or shoppers or use a unified payment interface (UPI) to pay for purchases. What many of us fail to understand is that we are leaving a data trail each time which may end up in the hands of fraudsters.
I am most uncomfortable with courier or delivery persons asking me for my mobile number while signing on the delivery receipt—but this has become a standard practice and they often refuse delivery if you do not provide your number. When my mobile number is already recorded while booking the courier, why does the delivery person need me to write down my mobile number? This only acts as a confirmation of my name, address and mobile number and the information can easily be sold to fraudsters.
Further, every online service-provider asks for your mobile number or email ID, even when logging in. From social media interactions to online banking and streaming services to e-commerce, the internet has become integral to our daily routines. Yet, this convenience comes with risks. As our digital footprint expands, so do the opportunities for cybercriminals to invade our privacy and exploit our data.
Remember, “data is the new oil"—a resource as valuable as it is dangerous when mishandled. Every time you log into an account, make an online purchase, or even click on a link, your personal information is at risk of being harvested. Cybercriminals, hackers and even legitimate corporations are eager to collect and exploit this data for financial gain, espionage, or simply to manipulate user behaviour.
Ever-expanding social media have now progressed to sophisticated social engineering scams. Responding to a simple message like "Hi Yogesh, how are you?" from an unknown number on WhatsApp, Telegram, or SMS provides fraudsters with a confirmation of your name and mobile number.
Amidst these scenarios, it becomes most important to protect our personal data and privacy from unwanted intruders. Before understanding how to do that, let us first understand how your data is exploited online.
Social Engineering: Social engineering attacks target the human element rather than exploiting software vulnerabilities, manipulating individuals into divulging confidential information. Attackers may impersonate someone you trust, tricking you into revealing sensitive data.
Phishing Attacks: Phishing remains one of the most common types of cyberattacks. Hackers pose as legitimate entities, often through email or social media, tricking users into sharing sensitive information like passwords, credit card numbers, bank account details and Aadhaar or PAN numbers.
Data Breaches: Large companies and organisations, including banks and social media platforms, hold vast amounts of personal data. When these systems are compromised, your information, from credit card numbers to Aadhaar details, can be exposed and sold on the dark web.
Ransomware: Ransomware is malicious software that locks you out of your system or encrypts your data, demanding a ransom for its release. However, remember, even if you pay, there is no guarantee your files will be recovered and paying ransom once encourages more attacks.
Spyware, Keyloggers and Sharing Apps: These malicious programs monitor your digital activity, capturing information such as passwords, browsing habits and private messages.
Data privacy is not just about keeping secrets but about maintaining control over your life. When cybercriminals gain access to your personal information, they can steal your identity, invade your privacy and exploit your finances.
Hackers or criminals can use your data to impersonate you, commit fraud, and open accounts in your name. This can wreck your credit score and take years to recover from. For example, media reports revealed how several fraudsters have exploited and manipulated the Aadhaar details of women to receive into their accounts the Rs1,500 per month money doled out by the Maharashtra government under the Ladki Bahin (dear sister) scheme.
In fact, almost every day, there is a report about criminals creating fake Aadhaars or manipulating existing Aadhaar details. The initial promise of weeding out counterfeit claimants of government subsidies and entitlements through Aadhaar is also completely broken.Invade your Privacy: Sensitive information-
Invade Your Privacy: Sensitive Information such as private messages, browsing habits and even location data can be sold to third parties, often leading to unsolicited ads, surveillance or threats.
Exploit Your Finances: Access to your financial details can lead to drained bank accounts, unauthorised purchases, or fraudulent loans.
In these circumstances, protecting your data will help preserve your autonomy and financial security and give you much-needed peace of mind. As I keep saying, there is no 100% guaranteed solution for issues in cyberspace.
Here are a few suggestions that will help you protect your data from falling into the hands of fraudsters and criminals.
1. Use strong, unique passwords: Passwords are your first line of defence against cyber intrusions. Unfortunately, weak passwords are still a common cause of breaches. To protect yourself, create strong and robust passwords that are difficult to crack for hackers but easy to remember for you. Use a combination of letters (upper and lower case), numbers and special characters. Avoid obvious choices like 'password123' or birthdays.
2. Enable multi-factor authentication (MFA): Multi-factor authentication adds an extra layer of security by requiring two forms of identification: something you know (password) and something you have (a phone or authentication app). This drastically reduces the chances of unauthorised access.
3. Be wary of phishing scams: As one of the most common forms of cyberattack, phishing preys on human vulnerability. To avoid falling victim, be suspicious of unsolicited emails or messages asking for sensitive information, even if they appear to come from trusted sources. Always verify the sender's identity and the legitimacy of their request. Hover over links before clicking to see where they lead. If something feels off, don't engage.
Many security tools offer phishing detection features that can block malicious sites or emails.
4. Encrypt Your Data: Encryption scrambles your data, making it unreadable to unauthorised users. Even if hackers access your files, encryption ensures they cannot make sense of the information.
If you are storing sensitive documents on your device, make sure they are encrypted using software like VeraCrypt or BitLocker.
5. Limit Data Sharing on Social Media: Social media is a goldmine for cybercriminals seeking personal information. While sharing updates and photos with friends is tempting, be mindful of what you reveal. Ensure that your social media profiles are private and be selective about who can view your posts and personal information. Also, avoid sharing sensitive information. Never share details like your home address, phone number, or travel plans on social media.
6. Use a virtual private network (VPN): When you connect to public Wi-Fi networks, you are vulnerable to attacks. A VPN encrypts your internet connection, protecting your online activity from prying eyes, even on unsecured networks. However, make sure to use a good and reputed VPN service-provider. Instead of a free one, opt for a paid VPN service that comes with strong privacy policies and does not become a bottleneck for data speeds.
7. Monitor Your Accounts for Suspicious Activity: Keeping an eye on your financial accounts, email and social media can help you detect suspicious activity early.
Many service-providers, like Gmail for example, offer alerts for unusual activity, such as logins from unrecognised devices or large transactions. Use these alert services. Also, monitor your credit report, which can help you spot identity theft before it spirals out of control.
8. Always Back up Your Data: In case of a ransomware attack or other data loss, having a secure backup ensures you do not lose valuable information.
You can store your data in multiple locations, such as on external hard drives and secure cloud services. Make sure your backups are encrypted.
Your data is constantly under siege from cybercriminals, corporations and even governments. However, by taking proactive steps—such as using strong passwords, encrypting data, and practising vigilance online—you can significantly reduce the risk of falling victim to a cyberattack. The digital world may be fraught with dangers, but you can reclaim control over your data and protect your privacy with the right tools and habits.
Remember, your digital security is not a one-time effort but an ongoing process of education and vigilance.
Stay Informed, Stay Alert, and Stay Safe!
We all the time hear of dangers of Aadhar.
But a thought - Aadhar can help identify unclaimed / unidentified bodies - it is a wonderful tool we have now. It can be used for social good. Please consider writing an article on it - will initiate social discussion, and possibly force Government to bring an amendment for this usage without bureaucractic procedures.
Over the years, one has observed that reports touting the 'benefits' of Aadhaar appear in the media, curiously coinciding with court hearing dates. The most popular of these are the lost-and-found stories.
The Aadhaar-successes are no different. The biometrics in the Aadhaar apparently help the authorities re-unite lost family members. But is this really happening? And is Aadhaar the magic tool that will put an end to Bollywood’s favourite story line of siblings lost and separated on trains, or fairs or parted from their parents, because a quick scan in an Aadhaar database will find anybody anywhere? The truth is vastly different.
UIDAI repeatedly told the Courts that it can only provide a 'Yes' or 'No' answer to any query on Aadhaar. It also stated that all biometrics and demographic information of Aadhaar holders is never shared with anyone. UIDAI even went up to the Supreme Court to oppose efforts by the Central Bureau of Investigation (CBI) to seek access to its biometric database for investigation in a criminal case. Under these circumstances, how anyone can claim that a ‘lost’ person was united with his/her family by using Aadhaar?
https://www.moneylife.in/article/aadhaar-the-big-fat-lie-of-uidais-missing-person-found-propaganda/54544.html