Personal information mainly includes the following categories:
1. Basic information, including personal basic information such as name, gender, age, ID number, phone number, email address, and home address. Sometimes, it may also include relatively private personal basic information such as marriage, faith, occupation, work unit, income, medical history, and childbirth.
2. Device information, mainly referring to the basic information of various computer terminal devices (including mobile and fixed terminals) used, such as location information, Wifi list information, Mac address, CPU information, memory information, SD card information, operating system version, etc.
3. Account information, mainly including online banking accounts, third-party payment accounts, social media accounts, and important email accounts.
4. Private information, mainly including address book information, call records, SMS records, IM application chat records, personal videos, photos, etc.
5. Social relationship information, mainly including friend relationships, family member information, work unit information, etc.
6. Online behavior information, mainly referring to online behavior records, various activities on the Internet, such as online time, online location, input records, chatting and making friends, website browsing behavior, online gaming behavior, account registration behavior, etc.
With the popularity of Internet applications and people's dependence on the Internet, Internet security issues have become increasingly prominent. Malware, various phishing and fraud techniques continue to grow at a rapid pace. At the same time, hacker attacks and large-scale personal information technology thefts frequently occur, accompanied by a significant increase in various cyber attacks. This has led to the constant increase in personal information theft and property losses for a large number of netizens.
Currently, the "black hole door" of information security has reached alarming levels. Website attacks and technological theft are developing towards a more massive, large-scale direction. User privacy and rights have been violated, and especially some important data have even flowed to other countries. Information security threats have risen to the level of national security, not only for individuals and enterprises.
According to data collected from a vulnerability response platform, known vulnerabilities on this platform alone have resulted in the leakage of 2.36 billion pieces of private information, including personal privacy information, account passwords, bank card information, and business confidential information. The main sources of data leakage are Internet websites, games, and government systems that have collected a large amount of identity information. According to public information, since 2011, the privacy information of 1.127 billion users has been leaked.
"This data means that almost every person who uses the Internet may have had their information stolen or even used without realizing it."
As the information age arrives, many enterprises need a large number of mobile phone numbers to carry out advertising business. Some IT personnel use technical means to steal large amounts of personal information from the Internet and databases, such as computer viruses and Trojans. They sell this information to enterprises or salespeople, who use it for advertising and business development, like a telephone directory. There is no need to pass it on or discard it. Hackers and insiders are actually the same kind of people, namely, some technical personnel, whose behavior is similar to that of spies, and the analogy is quite vivid. This has been the case since the 2000s, but because ordinary people usually have a relatively shallow understanding of the problem, or some people have ulterior motives, they make a big deal out of it or take things out of context, causing misunderstandings among the public and fabricating stories.
PC infections, website vulnerabilities, and mobile phone vulnerabilities are among the major ways personal information is leaked.
A computer infected with viruses, Trojan horses, and other malware can lead to personal information leaks.
While enjoying the convenience and fast functions provided by the Internet, netizens unwittingly infect themselves with viruses, Trojan horses, and other malware, causing the leakage of personal privacy and important information. For example, being fooled by fake websites.
Personal information can be leaked through several channels on mobile phones. These mainly include:
Mobile phone infected with Trojan horse viruses;
Using a hacker's phishing Wi-Fi, or home Wi-Fi being used without permission or router being monitored;
Mobile cloud service account being stolen (weak passwords, account collision or service provider vulnerabilities, etc.);
App vendors with privacy permissions are hacked;
Accessing phishing websites through fake base stations, SMS, etc., resulting in the leakage of important account passwords;
Using malicious charging devices, and other hacking attacks;
Hackers listening to SMS messages through GSM networks.
Attackers exploit website vulnerabilities to invade databases that store information.
From the perspective of website security practices since 2014, website attacks and vulnerability exploitation are developing towards bulk and scale. Website security directly relates to large amounts of personal information, trade secrets, property security, and other data. After technical personnel invade a website, they generally tamper with the website content, embed black words and black links. Secondly, they embed a backdoor program to control the website or website server; thirdly, they use other methods to obtain administrator privileges, and then control the website or carry out database extraction. Since 2011, a total of 1.12167 billion user information data has been leaked due to website breaches and account collisions.
Since the leak of confidential information on CSDN, the largest IT technology community in China, in 2011, there have been continuous incidents of website hacking and data breaches. In 2014, there was an unprecedented peak in hacking attacks. Many well-known domestic websites, including Wumi (formerly Secret), Dianping.com, Sohu, Anzhi.com, Autohome.com, Sogou, and Evernote, were attacked, leading to the leak of a large amount of personal information of users.
From the information leaks of 12306 and Ctrip, to the recent disclosure of security vulnerabilities in Hikvision monitoring equipment by the Jiangsu Provincial Public Security Department... all indications show that network information security protection has become a pressing issue for China, which is vigorously developing its information and Internet economy.
Example 1: "Qiong Girl" Yu Xiaofan was cheated out of 8 million yuan. On December 18, 2013, Yu Xiaofan received a fraudulent phone call claiming to be from the "Shanghai Public Security Bureau", accusing her of being involved in a fraud case and requiring her to transfer her savings to a designated account for supervision. Yu Xiaofan immediately complied and transferred the money six times via the internet, totaling a staggering 8 million yuan.
Example 2: Tang Wei fell victim to telecommunications fraud and was cheated out of more than 210,000 yuan by a suspect. Tang Wei has since reported the case to the Songjiang police, and the police are currently investigating. The Songjiang Public Security Bureau did receive a phone call from Tang Wei claiming that she was "defrauded of more than 210,000 yuan by telecommunications fraud", and they have intervened in the investigation.
It is recommended to install security software on mobile phones and computers, scan for Trojan programs at least once a day, and especially before using important account passwords. Conduct virus scans and updates on security software regularly at least once a week.
Do not install software from unknown sources, and do not modify system files in smartphones. Set strong and highly confidential passwords, and it is best to use different passwords for different websites. When leaving a phone number on the internet, use "-" to separate the numbers to avoid being easily searchable by search engines. Personal documents containing personal information, such as ID cards and household registration books, must be kept safe.
1. Endless streams of spam messages: This is already very common. The latest news is that using the community messaging system, the base station can act as a sending center and send text messages to mobile users within the base station coverage area. This messaging system can send 15,000 messages every ten minutes.
2. Continuous harassment calls: Phone numbers that were originally only known to friends, classmates, or relatives are often called by strangers, selling insurance, decoration services, or baby products. If you don't seek them out, they will find you. You may still wonder how they know your phone number, but your information has been sold countless times.
3. Overwhelming junk emails: After personal information is leaked, your email can receive dozens of junk emails every day, mainly for sales, and they are also all sorts of random and uncreative advertisements. Therefore, many users' first task every day is to delete junk mail, enviously wishing for the heavy fines for junk mail in foreign countries, where one can be fined more than 100 dollars for a single spam email.
4. Fake identity card for overdraft and debt: Someone may buy your personal information and use it to apply for credit from banks online. They may obtain various types of credit cards from the bank, maliciously overdrafting and spending, and the bank may directly send the debt collection letter to the owner of the identity card. Isn't it despicable that someone spends your money under your name and leaves you with the debt to pay?
5. Incidents and accidents suddenly happen: Someone may use your personal information to obtain a fake identity and commit crimes. If there is any case or accident, the public security or traffic management department may find you based on your identity information. You may think, "What does this have to do with me?" However, these incident and accident-related troubles will come, and even if you are innocent, they will exhaust you.
6. Pretending to be someone else and requesting money transfers: Someone may impersonate someone else, provide your personal information, and then warn you that there have been frequent fraud cases. They ask you to transfer money and tell you a public security consultation hotline number. When you call that number, you will receive confirmation, and then you will believe and transfer the money. Although not many people fall for this, it is heard of from time to time.
7. Money disappears from accounts: Some people's biggest obstacle to online shopping is the fear of information leakage. Some illegal elements will obtain your identity card and then report your bank or credit card account as lost. Then they will reapply for a new card, set up a new password, and if you don't use the card for a long time, the money inside may have disappeared.
8. Personal reputation is unfoundedly damaged: After personal information is leaked, anything that happens is related to you. It is already said that "good news doesn't go beyond the door, and bad news spreads thousands of miles." All the bad things done in your name by others will be attributed to you. Even if you finally clear your name with great effort, your personal reputation has still been damaged, and at least it won't improve your reputation.
The harm caused by personal information leakage is significant. The above is not alarmist talk. Network companies, telecommunications operators, SPs, real estate, property management companies, medical institutions, etc., are the units that should pay special attention.