In recent years hacker attacks have increased exponentially. Some of these episodes have resulted in the theft of personal data of millions of social network users and other sites that required registration. In other cases, however, it was targeted attacks, to take possession of personal data of specific people or to enter their computers and their mobile devices.
According to the well-known computer security company Kaspersky, the vast majority of targeted attacks start from a phishing mail . This means that hackers have managed to get hold of some user data and used them for a more complex and profitable attack on them. But how do hackers steal the data ? Kaspersky himself did an experiment: he tried to replicate all the possible ways in which a hacker can obtain information about us starting from an anonymous photo, a name and surname or an email address and telephone number.
How to find out a person’s name from a photo
When a hacker has only one photo available, his search starts uphill. There are sites like FindFace that can recover a person’s social identity if we provide him with several shots to process. Once it was a free tool and open to the public, now the company prefers to sell its technology only to governments and large companies. A hacker could also use Google, but with very few results because the search for images does not shine for accuracy and can only find the photos posted on websites and not those posted on social networks.
How to find a person with name and surname
Having the name and surname available, however, the hacker’s mission begins to be simpler. Unless the user has a very common name and surname, like Mario Rossi. With these two data it is often possible to find at least one more or less public social profile of the user, from which extrapolate other useful information to continue the attack.
How to find a person with email
With email and phone number an attacker can use services like Pipl, which collects information from different social networks and creates almost complete profiles with everything on the web about that person. If the username of the personal email box is then the same as that of the company, an attacker could use programs like Namechk or Knowem that automatically track an account created with hundreds of different services including: Facebook, Blogger, Ebay, WordPress, Pinterest and many others. Therefore, starting from a company email address, you can easily reach a personal profile.
What to do to avoid identity theft
To avoid the risk of hackers stealing data, Kaspersky reiterates some basic advice:
Do not register on social networks with e-mail addresses or phone numbers that are then made public
Do not use the same photo on personal and work profiles
Use different names to prevent one profile from leading to another and so on
Do not make life easier for cybercriminals by posting unnecessary information about you on social networks