Audience
Attendees
Number of facilitators
Level
Preparation
Activity
Description
This complements the exercise on digital identity and personal data. We will give a precise definition of hacking, develop awareness of dangers that can exist online and give some advice on how to protect ourselves.
Objectives
N/A
Worked skills
N/A
Prerequisites for the audience
N/A
Equipment
N/A
Content used
N/A
What is hacking?
Hacking is a practice used by certain programmers to steal and exchange personal data illegally. Hackers use all means available to steal passwords, bank account details, etc.
Leaving too many detectible traces multiplies the risks of becoming victims of cybercrime and identity theft. Indeed, in recent years, hackers have developed many ways to appropriate personal data left by users online:
- Viruses: often hidden in email attachments, they often either attack your hard drive or cause you to receive a multitude of illicit advertisements and false messaging.
- Phishing: for example, a mail from your bank encouraging you to connect to your account. These are actually false sites that appear identical to the real thing in order to trick you into handing over your account information.
- Pharming: hackers sometimes manage to take advantage of weaknesses in certain websites to redirect their traffic to a replica, thereby being able to appropriate large amounts of user data. This remains a rare occurrence.
How can we protect ourselves from hacking?
We recommend you have a look at personal data and digital identity which explains how to protect our personal data and how not protect ourselves from cybercrime.
Cyberattacks are becoming more common, not only against individuals but also against big corporations, platforms and organisations. There are many available tools to combat this. Companies want reassurance, but hackers regularly manage to affect their operations, managing to access databases containing thousands if not millions of data: names, addresses, bank account details, etc. These massive information breaches lead to many consequences, including phishing campaigns, identity theft or account takeovers. While some companies who fall victim to data breaches will warn the individual victims, others many tend to keep quiet, in which case the information comes out independently at a later point (as in the case of the Facebook-Cambridge Analytica data breach scandal) or never comes out at all.
Here are some examples of tools that can help to prevent such attacks.
The website Have i been pwned or the tool Firefox monitor serve a similar useful function in that they make public all sites that have been hacked and whose information has been leaked. Users can therefore reassure themselves that their email addresses have not been part of the list of potentially compromised data.
Going to Have i been pwned, enter your email address and click ‘pwned?’
Or write your password.
→ Here the result is bad. If you haven’t done this already, it should now be urgent to verify your accounts and change your password. The website will specify the affected site, the date of the breach and the kind of data that has been compromised.
→ In the below case, there’s no problem: your accounts are secure.
Going further
The website staysafeonline contains a lot of resources on cybercrime activity as well as advice on how to stay alert and protect ourselves.