Thursday, 21 November 2024

Social ratings could be another reason why should you not post everything online

The measure of a person’s potential based on past actions, social circle, and the like is called a social rating. A person’s social rating is similar in some ways to the credit rating that banks use when issuing loans, but it can include a far wider range of information. Aside from mistakes caused by imprecise algorithms or imperfect data, systems can also be intentionally hacked. As regards nationwide social ratings, our experts have identified three types of potential attacks.

1. Attacks on data-collecting devices

To accurately assess a person’s rating, the system needs a lot of information about them. It gets this data not only from social networks but also from various appliance-based cameras and sensors — the so-called Internet of Things. These devices are often vulnerable and are repeatedly attacked. 

2. Attacks on software implementation

To assign you a social rating, it is not enough for the system to harvest information about you, it also needs to process and interpret it. The mechanism that handles this may be vulnerable too — both to malware infection attempts and to nonstandard attacks.

3. Attacks on system logic

Lastly, an attacker can identify actions that, if repeated many times, change the rating beyond all recognition — either positively or negatively. For example, by exploiting gaps in the system logic, it might be possible to boost one’s own rating or, conversely, spoil that of a potential victim.

How to tackle it?

Social ratings may not be as fair and unbiased as we would like or suppose. All the same, such systems are already deployed in certain fields and are likely to be introduced more widely over time. Although there’s no way to shield yourself from their flaws completely, it’s worth trying to minimize the risk.

  • Think twice (or thrice) before posting ambiguous photos of yourself or other potentially compromising information on social networks. Some things are best kept private. At the very least, do not make them publicly available.
  • Protect your accounts so that cybercriminals can’t hack and use them against you. Create strong, unique passwords, enable two-factor authentication, and don’t enter login credentials on suspicious sites.
  • Guard your privacy. So that the bank doesn’t refuse you a loan because it knows, for example, that you’re looking for a job, protect yourself against online data harvesting. 

Direct Publication Source: https://www.kaspersky.com/blog/social-ratings-2020/35610/

Comments


You May Like These Too


Get Latest Updates