PSA: Please pay attention to your online safety as well!

[Guneyd]

Hi everyone,

I hope this is the right place to post this, and I apologize if this topic has already been addressed. However, I’ve become increasingly concerned about the safety of some members on this forum.

Many of you belong to older generations and might not be as familiar with online privacy and security as younger people who tend to use platforms like Instagram or TikTok. I’ve noticed that a lot of personal details are being shared here on a public forum, which can put you at risk of scammers and other malicious actors.

Specifically, I’ve seen members posting under their real names and sharing sensitive information, such as the names of their children, where they live, and details about their past or current jobs. Please be aware that this forum is accessible to anyone, not just registered members, meaning all of this information is visible to the public. This can be a gold mine for scammers who use social engineering techniques to trick people into revealing even more information or into making decisions they wouldn’t normally make.

For those unfamiliar, social engineering refers to manipulative techniques used by scammers to gain access to personal information or to deceive people into compromising their security. You can read more about it here: Social Engineering - Wikipedia.

To help protect yourselves, I recommend reviewing what you post and consider using a nickname or pseudonym instead of your real name. Be cautious about sharing specific personal details, especially information that could be used to answer security questions or that might be exploited by scammers.

Stay safe, and thank you for reading!

 

[JACOBS Noël]

Everything people put on the World Wide Web is accessible for abuse and fraud.
For sure being careful with personal information is unfortunately not an idle advice.

 

[Liica]

Hi everyone,

I hope this is the right place to post this, and I apologize if this topic has already been addressed. However, I’ve become increasingly concerned about the safety of some members on this forum.

Many of you belong to older generations and might not be as familiar with online privacy and security as younger people who tend to use platforms like Instagram or TikTok. I’ve noticed that a lot of personal details are being shared here on a public forum, which can put you at risk of scammers and other malicious actors.

Specifically, I’ve seen members posting under their real names and sharing sensitive information, such as the names of their children, where they live, and details about their past or current jobs. Please be aware that this forum is accessible to anyone, not just registered members, meaning all of this information is visible to the public. This can be a gold mine for scammers who use social engineering techniques to trick people into revealing even more information or into making decisions they wouldn’t normally make.

For those unfamiliar, social engineering refers to manipulative techniques used by scammers to gain access to personal information or to deceive people into compromising their security. You can read more about it here: Social Engineering - Wikipedia.

To help protect yourselves, I recommend reviewing what you post and consider using a nickname or pseudonym instead of your real name. Be cautious about sharing specific personal details, especially information that could be used to answer security questions or that might be exploited by scammers.

Stay safe, and thank you for reading!

You’re absolutely right.
I have noticed anyone can access and read this forum and it’s indeed concerning to see people shring the days they are going to walk, if they are alone or not…
Well, I would avoid that in every possible way, here or in any other social media.
Stay safe everyone.
Never post dates, places you are today and going tomorrow… etc…

 

[David Tallan]

You’re absolutely right.
I have noticed anyone can access and read this forum and it’s indeed concerning to see people shring the days they are going to walk, if they are alone or not…
Well, I would avoid that in every possible way, here or in any other social media.
Stay safe everyone.
Never post dates, places you are today and going tomorrow… etc…

It is a risk, for sure. But I find that the benefits I get from my sharing are worth it and I am willing to accept those risks. I'm retired now, but was professionally focused on the Internet and new media from the start of my career in 1994. I've got a number of friends in the cybersecurity field. I am relatively confident of my ability to accurately assess these risks and do the cost/benefit analysis. Of course, it is up to everyone to judge their own risk tolerance and whether the benefits outweigh the risks for them.

 

[Turga]

I have worked professionally with IT and Internet since early 1980’s. For a number of years I worked with a very big international company (which you all know) that had posters on the walls of the offices saying: “Beware of social engineers – they want what you know!” *) It was true then and perhaps even more these days.

Yes, regrettably, you have to be quite conscious about what you reveal on public domains.

*) There was a picture on those posters but I won’t say what it was- today it would be considered totally unacceptable.

 

[trecile]

I have noticed anyone can access and read this forum and it’s indeed concerning to see people shring the days they are going to walk, if they are alone or not

I think that it's highly unlikely that someone would read this forum, discover that I'll be walking alone and buy a ticket to fly to Spain to stalk me.

 

[henrythedog]

I think that it's highly unlikely that someone would read this forum, discover that I'll be walking alone and buy a ticket to fly to Spain to stalk me.

Many people, knowing where I’ll be, would sensibly go elsewhere. I consider commenting on my location to be a public service.

More seriously: I spent the last 14 years of what I retrospectively describe as my ‘career’ as a Director of several quoted public companies. Pretty much every aspect of my financial affairs and my address was in the public domain, by law. Being on here using the pseudonym of my dog is relatively private.

 

[C clearly]

I think that it's highly unlikely that someone would read this forum, discover that I'll be walking alone and buy a ticket to fly to Spain to stalk me.

Highly unlikely, yes, but weirder things happen in life. Each of us assesses the risks (hopefully based on reasonable knowledge) and we decide whether the rewards balance the risks.

One thing to be aware of is that if you are leaving your house empty, it might not be wise to publicize that to the world in real time. That is another fact to go into the risk assessment

 

[Lindsay53]

While online security is important, there is more than a hint of paranoia in some of these posts.

 

[trecile]

One thing to be aware of is that if you are leaving your house empty, it might not be wise to publicize that to the world in real time. That is another fact to go into the risk assessment

Right. When both my husband and I are not at home I don't post information about our trip on social media.

I also don't have an email address that includes my full name and birth year as many people seem to have.

 

[CWBuff]

Im in IT as well and every month we go through a bunch of various "security training". Its the same thing over and over again... so yes I am not clicking on any attachments, putting the USB stick that I just found on the street into my laptop, pay my "$1,000,000 IRS overdue bill" by buying some money certificate by clicking on the enclosed link and so on...
At the same - this banks data got breached, this government office got hacked etc and it all comes down to me "changing my pwd" every month... I dont think so

With the intrroduction of AI - more of private data has been violated, transfered, shared sold - you name it. No matter what we do nothing will make the Internet world safe. Yes dont do anything stupid but accept the fact that your data is and has been "out there" from the moment you signed in.

re:this Forum. Yes anyone can read the posts but in order to ever remotely view someone's profile - one MUST become a member. I'll leave the overall security in the capable hands of the Administrator.

and for the overall home security - I am lucky enough that I can rely on the services of the family friend who is only too happy to housesit\catsit at our place when we are away

So... dont do anything stupid and dont openly post your private info - I'd say thats the extend of it

 

[Luka]

Never post dates, places you are today and going tomorrow… etc…

This kind of information is shared here all the time. I agree that people should be careful with personal details, but I don't see much harm in telling which stage you have walked today or will walk tomorrow. Am I naive?

 

[CWBuff]

@Luka - no not at all. again there is only "so much" security you can implement. things do happen (although it would be good if they didnt)

 

[CWBuff]

also re: travelling and letting the world know - as many other members here I use FindPenguins App. I keep my trips open for "general access" - I've actually had strangers wishing to follow me (esp when I was walking the Camino) and interestingly carved couple of friendships out of that.... so yeah "the world knows" that I am not home (which is ok since as per above I have a house sitter and the 2 verry ferrrrocious cats )
what I do not do is start and end my trip from my house - thats telling that whole world exactly where I live!
If I drive - I'll use perhaps a mile or 2 away from home as a waypoint. if I use public transportation - then that place (Train station, airport)

I've seen plenty of folks who DO start at their front door! Well... stoopid iz az stoopid duz

 

[CWBuff]

For a number of years I worked with a very big international company (which you all know) that had posters on the walls of the offices saying: “Beware of social engineers – they want what you know!” *) It was true then and perhaps even more these days.

1. loose lips sink ships
2. seems that "social engineering" has been around long before the XXI Century. Actually I will venture to say that it has been around since Iron Age. it's been known by its former name - SPYING!

 

[C clearly]

While online security is important, there is more than a hint of paranoia in some of these posts.

Really? On this thread? I see reasonable caution/concern but not more than a hint of paranoia!

 

[RobertS26]

On an extended stay in Italy, I learned two phrases. The first is, “Trust no one but your mother—and keep an eye on her.”

The second phrase was, “Opportunity makes the thief.”

Both really resonate with me. Especially the one about my mom—there always has been something about her . . .

 

[Tincatinker]

The last person that tracked me down from a combination of information on this forum - old bloke; goes to Spain a lot; drinks in the Old Star in Shoreham, left a tenner behind the bar for my pleasure. The one before that ended up with a bloody nose. Not my doing: he got so relaxed he fell off the front step. I had to throw out the pillow from the pilgrims’ room.

Caution is always advised. Paranoia is just the Gods way of reminding you that they are out to get you

 

[TravellingMan22]

Most people seem reasonably cautious on here. I am suprised people are open about their full name (especially a more unusual name), where they live, and / or place of employment and then talk about when they are away. Not many seem to to do it but a few do. The risk is still very low of course, and those may be comfortable with that risk, but a risk nonetheless.

Been a few media articles re excessive posting on SM could invalidate your home insurance if robbed whilst on holiday. Seems theoretical at moment but who knows!

 

[Guneyd]

Many in this thread seem focused on the idea that posting your travel plans online could alert thieves to an empty home. While that's a valid concern, I think it's a bit outdated and less likely in the current landscape of scams.

What worries me more are more modern forms of social engineering. For example, a scammer could impersonate a family member, sending a message like:

"Hey Mom/Dad, this is [Child’s Name]. I'm doing the Camino but I lost my phone and credit card. I’m borrowing a friend’s phone to contact you. I really need to transfer rent for this month—can you loan me the money? I’ll pay you back next month! Thanks, love you!"

This type of scam could easily fool even the most cautious people. We’ve all heard stories of people falling for it, so we shouldn’t make it easier for scammers.

For example, instead of saying, "I told my son Jack Archibald III that I’d be doing the Camino Frances next month," it’s safer and just as clear to say, "I told my son I'd be doing the Camino Frances next month."

I hope this makes a bit more sense?

 

[Tincatinker]

I don’t even tell my probation officer where I’m going to be next. They’re professionals, they ought to be able to work it out for themselves.

I don’t tell the milkman, or the postman or my bank or anybody else who has no need to know. I might let my neighbours know so they can throw the odd sheep over the fence for the dogs and I’ll let John & Anna know so they can cut the barrel order.

The “hey Mum & Dad”; “Turkish prison” and “I need an operation” scams are so well known and publicised that it must, by now, take serious determination to be sucked in.

The majority of people who come to this forum are at least internet savvy, curious and enquiring. Even if, at some point between St Jean and Santiago they will trip over their own shoelaces they’re unlikely to fall for a Nigerian Section 419 scam. They might get their pockets picked before they’ve even got to Chamartin from Barajas, but only once.

The advice here, take care on the forum, strikes me as a variation on the handwritten “beware of pickpockets” signs we used to use in Soho. Mark reads sign, mark checks wallet… now we know which pocket the mark carries it’s wallet in

 

[C clearly]

“Trust no one but your mother—and keep an eye on her.”

As an insider in the mothers' club, I would say this is good advice!

 

[Guneyd]

"Hey Mom/Dad, this is [Child’s Name]. I'm doing the Camino but I lost my phone and credit card. I’m borrowing a friend’s phone to contact you. I really need to transfer rent for this month—can you loan me the money? I’ll pay you back next month! Thanks, love you!"

Oops, should've been "I know you're doing the Camino" instead of "I'm doing the Camino.

The “hey Mum & Dad”; “Turkish prison” and “I need an operation” scams are so well known and publicised that it must, by now, take serious determination to be sucked in.

I'm actually Turkish though? Hahaha.

The majority of people who come to this forum are at least internet savvy, curious and enquiring. Even if, at some point between St Jean and Santiago they will trip over their own shoelaces they’re unlikely to fall for a Nigerian Section 419 scam. They might get their pockets picked before they’ve even got to Chamartin from Barajas, but only once.

I think you're seriously overestimating your fellow users. I work for an Identity & Access Management company in IT, and even during our regular internal security tests, 10% to 30% still fall for (internal) phishing attempts. Just because the majority of users seem tech-savvy doesn't mean there aren't a handful who aren't. This PSA is also meant for them, as a reminder. If you feel you're not the target audience, good for you .

 

[Guneyd]

The “hey Mum & Dad”; “Turkish prison” and “I need an operation” scams are so well known and publicised that it must, by now, take serious determination to be sucked in.

I'm actually Turkish though? Hahaha.

Man.. what is wrong with me tonight, I keep reading different stuff.. I read "Turkish person" instead of "Turkish prison"... apologies.

 

[Luka]

What worries me more are more modern forms of social engineering. For example, a scammer could impersonate a family member, sending a message like:

"Hey Mom/Dad, this is [Child’s Name]. I'm doing the Camino but I lost my phone and credit card. I’m borrowing a friend’s phone to contact you. I really need to transfer rent for this month—can you loan me the money? I’ll pay you back next month! Thanks, love you!"

This type of scam could easily fool even the most cautious people. We’ve all heard stories of people falling for it, so we shouldn’t make it easier for scammers.

I had a very funny experience with my mom (80) lately. My phone fell into the water and died. So I sent an email to my mom to tell her that she couldn't reach me by phone until I had a new one. She didn't believe it was me and thought it was a scam. She decided to call a good friend of mine. That friend assured her that my phone really died. But she still didn't trust it.

I went to the store to buy a new phone. When I got back to the parking lot and got the phone working, it ringed almost straight away. It was a friend of my moms. She was at my moms house and told me my mom still didn't believe that whole story about my broken phone. So that friend passed me on to my mother and when she heard my voice she finally started to believe the whole story.

So don't try to fool my 80-year-old mom!

 

[Rick of Rick and Peg]

Hey Mom/Dad, this is [Child’s Name].

Really? What was the middle name we almost gave you?

 

[dougfitz]

The majority of people who come to this forum are at least internet savvy, curious and enquiring.

When I saw the OP, I was a little cynical about the value of the message, and shared similar concerns that some of the advice was a little over the top. And like some, during my working life I have been subjected to the routine rounds of IT and other security briefings with the organisation I worked for, so I appreciate that we do need to be reminded about these things regularly.

And maybe @Tincatinker is correct that most of us are sufficiently savvy to know what we should do or not do, and what risks we are prepared to take for ourselves. But clearly forum members span a wide range of IT understanding, from the naive upwards to very experienced professionals. One only has to recall the recent request by a forum member to complete a survey, where we were assured that they were not going to collect data from respondents. Call me naive if you will, but what is the point of a survey other than to collect data from respondents?

There are also regular calls for assistance for advice from members unfamiliar with specific apps, tools and processes, and forum members who are familiar with these will respond. Sometimes, these discussions can also reveal some of us have gaps in our understanding, and I like to think that we can all learn from each other no matter how knowledgeable or experienced we thought we were.

Which brings me back to the original post. I think it was a useful reminder about the importance of being careful about our online behaviour, no matter how experienced we might be. It might go hand in glove with other travel advice, such as is provided by our own national governments through their foreign affair/state/etc departments. For example, here is the Australian Smartraveller page on travel scams: https://www.smartraveller.gov.au/while-youre-away/crime/scammed. The benefit of using these services is that they are more likely to provide a complete range of advice than was evident in the OP.

But it seems to me that we are at risk of diluting that original, useful, reminder and diluting it with a whole lot of unnecessary noise. That is such a pity.