Cyber awareness may seem fairly obvious, but it’s not always. For example, you would never post a photo of your driver’s license on Facebook, right? How about your company ID card? Then there’s that selfie you took at the office. Were you wearing your work badge? Not a good idea. Part of cybersecurity awareness is knowing what not to post.
In our snap-and-share reality, these office security gaffes occur every day. And business identity theft actors scour the web for any bit of information they can steal.
Real-world cases show us it’s easier than you think to get ID card data. Your company’s cybersecurity awareness training should include these threat scenarios in response.
Prime Minister Boarding Pass Incident
In 2020, former Australian Prime Minister Tony Abbott posted an image of his boarding pass on Instagram. A well-known professional hacker got wind of this. Then, without using any special software, they were able to acquire Abbott’s phone number and passport details.
The boarding pass displayed critical information that enabled access to sensitive data. The booking reference number, for example, could open Abbott’s account on Qantas Airways’ web portal.
Next, the hacker simply used the Google Chrome ‘Inspect Element’ tool. This allowed them to see the computer’s internal representation of the Qantas page. From there, Abbott’s passport data was revealed. They were using their cybersecurity skills to alert the government to the problem, but a malicious attacker could have used it for identity theft. Abbott has since taken down his post.
The former Prime Mini ..
Support the originator by clicking the read the rest link below.
