SAFETY ONLINE | mohsen toorani
STAY SAFE ONLINE: There are many ways to have your personal information compromised and abused online. Luckily, there are ways to stay safe. Photo: Arjun Ahluwalia (art)
HOW TO STAY SAFE ONLINE More and more of our lives are moved online: our money, our personal information and our social life are entrusted to the algorithms and safety measures of companies and institutions. Should we trust them?
W
hat should we be worried about when we go online? "What we should be worried about is fraud and misuse of information, compromised privacy and exploitation of kids", says Mohsen Toorani, postdoctoral fellow at the Department of Informatics at the University of Bergen (UiB). Toorani finished his PhD on security protocols in 2015, and is an expert on crypto graphy and information security. “When you post pictures or share your personal information online, the information might be used to level an attack against you. Sharing location information can provide useful information for anyone that
42
the Uib Magazine.
wants to harm you. For example, posting a photo and location on Facebook or posting your travel plans while you are on a trip will inform burglars that your house is empty or that your family is home alone. That’s probably not a good idea then. Any other safety concerns? “Phishing websites can gather your personal information and misuse it. The number of phishing websites increased by 250 percent between October 2015 and March 2016, according to the Anti-Phishing Working Group data.” “Identity thieves gather personal information from social media websites. Despite benefits, there are risks associated with the
use of social media. There are many ways a hacker might use the avail-able information for bad purposes. Social networking websites are famous for information gathering (intelligence), phishing, fraud, and spamming.” Most people log in to their bank with pass codes and security tokens. How does this work? “User authentication is usually based on a combination of factors: Something a user knows, a password, something a user has, a security token, and something a user is, biometric data. Most often, the authentication is based on two out of these three factors. There is always a trade-off