Professional Computing Practice

COSC2130

INDIVIDUAL
ASSESSMENT 3

Lecturer: Dr. Jonathan Crellin

Name: Van Phuong Truc
Student ID: s3818484
Word Count: 1136
ASSIGNMENT 3 (online exam equivalent- Turnitin assessment)

COURSE CODE AND TITLE: COSC2130 Professional Computing Practice

Candidate’s Family Name: Van Candidate’s Given Name(s): Phuong Truc

Candidate’s Student No.: s3818484

Course Name: Professional Computing Practice

Course Code: COSC2130
Lecturer: Dr. Jonathan Crellin
Start Time: 2:30 pm - Tuesday, Jan. 11, 2022
End Time: 6 pm - Thursday, Jan 13, 2022

“Social media can be a useful and fun way to interact with others and to share content,
but use it carefully. Remember that there is nothing totally private on the internet and
once online it is hard to control.” ― Amanda-Jane Turner, Cybersecurity for everyone -
demystifying cybercrime

The rapid advancement of technology has set the stage for the evolution of society
and changed the way it operates. Social media is one of the greatest inventions providing
countless abilities that assist human communication. It has such a strong influence on
people that most of us become dependent on it, and some cannot imagine living without it.
With each passing day, social media is becoming a more significant role in daily human life;
that is why privacy on social media has never been more critical. Privacy is not always
guaranteed in the public online space; personal information is highly vulnerable to multiple
cyber risks. Social media will only be helpful when used carefully and precisely. I want to
show my supportive perspective in the essay below.

Social media users are increasing continuously, especially users of media titans like
Facebook, Instagram, or Twitter. According to Statista, there are currently 3.78 billion users
and there will be approximately 4.41 billion users by 2025 [1].
 Figure 1: Number of worldwide social network users 2017-2015 by Statista

It is undeniable that social media is a significant accomplishment since it revolutionizes the

world's information processing and communication strategies. Social media offers life-
changing advantages with its ability to connect innumerable users regardless of time and
place, the reason why it is a charm to many users. It also provides quick and easy access to
information and improved information discovery over years. Additionally, social media is
also a great tool for marketing and advertising to enhance business reputation.

Since the world is so integrated and interconnected with Social media, no one can
avoid putting information into the virtual environment, making everyone vulnerable to
privacy threats. The nature of social media is that users disclose their personal information,
making different types of assets prone to be attacked [2]. Any user can be the target of data
mining, phishing, and data breach, to name a few. We will discuss some common privacy
threats in the section below.

Data mining and inference attack

Data mining is sorting through information from public and private sources to identify
trends and patterns and look into people’s behaviors, allowing businesses to anticipate
targeted individuals or groups that can benefit them [3]. The ever-increasing amount of
personal user data is a gold mine for businesses to discover valuable analysis and improve
the quality of their services. However, this raised privacy concerns amongst users [4].

An interference attack is an example of using data mining techniques to collect

information from a database, and this is an attempt to gather sensitive data from available
authorized information. Indeed, the nature of information and online social networks
themselves makes users vulnerable to interference attacks by letting the attackers take
advantage of the disclosed information [5]. Through learning algorithms, the attackers can
collect the information supposedly private data such as friend lists, interests, preferences,
and even political views [5].

Data mining is in the thin line between effective marketing and intruding on users’
privacy; balancing two aspects is difficult even when financial incentive is not in place. Take
Facebook as a typical example, despite claiming that personal data will be stripped in the
mining process to keep the user anonymous, it was reported in 2018 that Facebook let
companies access users’ personal data, including contact information and private messages
[6]. In 2014 a data company named Cambridge Analytica gathered information to create an
extensive personality profile on every American voter and had Facebook ads tailor-made for
them. For each person that took the Analytica quiz, the company could gather data on an
average of 322 of their friends, and the company managed to collect information of up to 87
million users [7].

Identity theft
This is qualified as a cyber-exacerbated crime. The attacker attempts to obtain key pieces of
personal information to impersonate the attack victim to gain benefits or harm the victim.
Identity theft is becoming more prevalent as social media integrates daily and users divulge
more and more private information.

Phishing is the most common method to initiate identity theft, the fraudulent users
will attempt to steal sensitive data, such as personal information or bank account, of the
user by identity fraud or impersonating a legitimate entity such as a big company or bank
[8]. For example, users will willingly and mindlessly give out their bank account and
credentials when they receive an email verifying their identity to update the expired bank
account.

The RSA phishing attack in March is an example. The attacker sent a phishing email
to a targeted group of RSA employees, and it was sufficient that one of the employees
opened the email. The Trojan concealed within the email had exfiltrated the credential of
that account, which the intruder later used to get access to the system without being
detected. RSA reported that it suffered from a data breach after the intrusion [9].

Privacy threats in location-based services

Social media take many advantages from mobile devices and location-based services.
Most social network users access the services via their smartphone, which often
automatically collects users' location data [10]. Many people have been targeted by stalkers
or thieves due to their location automatically shared on social network apps.

Recently, a Youtuber named Justin Schmidt scared prank people whom he met on
Omegle, an online video-chatting website that pairs random users, as he has the exact
location of any random people he met there. The Youtuber did this for entertainment
purposes only, but imagine that users' geo-location falling into a criminal's hand would
jeopardize their privacy or even their safety in real life.

There are some countermeasures and practices for users to maintain the privacy and
integrity of the data in the online profile. First, users should be more cautious when using
online social networks; unnecessarily divulging personal data makes them vulnerable to
privacy threats. Modifying privacy settings when joining social media is highly recommended
to limit the number of people who can access the shared information, avoiding making
users’ profiles visible to unknown strangers on the internet. Users should also be cautious
about location-based services to prevent their location and movements from being traced,
not making them an easy target for criminals [11].

Social media has integrated into daily human life, thus leading to the increase in the
disclosure of users' data, and it is complicated and is hard to control. Despite different
proactive security technologies used nowadays, cyber attackers can always find ways to
accomplish their malicious attempts, and the users' privacy is always at risk. However, users
play a critical role in keeping their own information and data safe by having a clear
perception and awareness of the potential privacy threats. By adhering to security
guidelines and wisely using social media, users can minimize the vulnerability and take the
most advantage out of these online social networks.

Reference
[1] “Number of social media users 2025,” Statista.
https://www.statista.com/statistics/278414/number-of-worldwide-social-network-users/
(access Jan. 11, 2022).

[2] M. Fire, R. Goldschmidt, and Y. Elovici, “Online social networks: Threats and solutions,”
IEEE Communications Surveys & Tutorials, vol. 16, no. 4, pp. 2019–2036, 2014. [Online].
Available: https://ieeexplore.ieee.org/document/6809839?arnumber=6809839

[3] T. Turner, “Data Mining: Consumer Risks & How to Protect Your Information,”
ConsumerNotice.org. https://www.consumernotice.org/data-protection/mining/ (access
Jan. 11, 2022).

[4] R. Goldberg, “Most Americans continue to have privacy and security concerns, NTIA
survey finds,” National Telecommunications and Information Administration.
https://www.ntia.doc.gov/blog/2018/most-americans-continue-have-privacy-and-security-
concerns-ntia-survey-finds (access Jan. 11, 2022).

[5] R. Heatherly, M. Kantarcioglu, and B. Thuraisingham, “Preventing private information

inference attacks on social networks,” IEEE Transactions on Knowledge and Data
Engineering, vol. 25, no. 8, pp. 1849–1862, 2013. [Online]. Available:
https://ieeexplore.ieee.org/document/6226400
[6] G. J. X, “As Facebook raised a privacy wall, it carved an opening for tech giants,” The New
York Times. https://www.nytimes.com/2018/12/18/technology/facebook-privacy.html
(access Jan. 11, 2022).

[7] C. Kang and S. Frenkel, “Facebook says Cambridge Analytica harvested data of up to 87
million users,” The New York Times.
https://www.nytimes.com/2018/04/04/technology/mark-zuckerberg-testify-congress.html
(access Jan. 11, 2022).

[8] “Social Media Phishing SMP: What you need to know,” Cofense.
https://cofense.com/knowledge-center/social-media-phishing-what-you-need-to-know/
(access Jan. 11, 2022).

[9] W. Ashford, “RSA discloses phishing-attack data breach details,” ComputerWeekly.com.

https://www.computerweekly.com/news/1280095593/RSA-discloses-phishing-attack-data-
breach-details (access Jan. 11, 2022).

[10] R. Espiritu, “The future of location-based services and the implications of User Privacy,”
Viterbi Conversations in Ethics. https://vce.usc.edu/volume-3-issue-1/the-future-of-
location-based-services-and-the-implications-of-user-privacy/ (access Jan. 11, 2022).

[11] R. Kaur, T. Klobučar, and D. Gabrijelčič, “Privacy in online social networks,” Research
Anthology on Privatizing and Securing Data, pp. 2078–2109, 2021. [Online]. Available:
https://www.researchgate.net/publication/344304197_Privacy_in_Online_Social_Networks
_Threat_Analysis_and_Countermeasures