Hackers want to get to know you better — and it is not because they want to be your friend. Besides seeking basic information about you (e.g., name, email address, birthdate), they want to get details about your life, such as where you live and work, your hobbies, your pets’ names, and the names and birthdates of your family members.
Sometimes, cybercriminals get personal information by hacking into organizations’ sites. Other times, they do not have to work that hard. They simply check public databases (e.g., online phone directories) or social networking sites.
Cybercriminals often use personal information to hack into online accounts that use an email address and password as the login credentials. For example, if hackers know your email address, they might try to guess your password based on your personal information (e.g., child’s or pet’s name). Or, they might try to determine the answers to your security questions so that they can reset your password. For example, if you answered the question "What was your high school mascot?", hackers could check Facebook or LinkedIn to see if you mentioned your high school. If you did, they could then do an Internet search to find out the school mascot.
In addition, cybercriminals sell personal information in underground cyber markets. The demand for it is extremely high, according to security experts. Buyers might use the personal information for spear phishing attacks or identity theft.
As an individual, there is little you can do to stop a cybercriminal from hacking into organizations’ databases or getting information from public databases. However, you can take measures to minimize how much personal information you reveal to the world, without becoming a social recluse: