IMC AG Announces New Expert Interview | CHECK.point eLearning
Data Protection

IMC AG Announces New Expert Interview

Saarbrücken (GER), January 2012 - IMC AG has announced an interview on data protection in the series titled "Ten Questions About". The author of imc's data-protection blog, Christina Meiers, offers her point of view on this timely subject. Below, she kindly answers three of the ten questions.




What direction are current methods of fraud taking?

Christina Meiers: The methods of fraud are constantly changing. One particular dynamic is notable in the field of social engineering. This includes systematic spying on the selected individuals in order to access the desired data by exploiting the human virtues of curiosity, anxiety, or authoritativeness.


A classic example of such an approach is a call by an alleged service technician in a company who requires internal passwords in order to be able to maintain the system. An alarmingly great number of employees carelessly reveal these and thus pave the way for the hacker to obtain sensitive data. Whilst over the last few years social- engineering activities were frequently transacted via email or telephone, today these have, for the most part, shifted towards social networks as the likelihood of obtaining personal data there is very high.

What has caused the number and extent of the data-protection attacks to have risen so sharply in recent years?

Christina Meiers: The motives of hackers and identity thieves have changed considerably over the last few years. Initially, the Internet was considered the place to make one's mark due to technical know-how. Today, however, monetary benefits are the goal of most attacks; these range from the selling of mailing lists to classic fraud.


Loss of reputation, personal consequences, and direct financial losses are some of the damage that victims suffer. In view of the fact that Internet traffic is constantly increasing (according to the most recent ARD/ZDF Online study 2011, 73.3% of the German population are online), an attractive business model is emerging for hackers.

At the same time, so-called hacktivists are on the increase. They hack into computer systems in order to point out data-protection defects to authorities and companies. Then they publish their strategy or the data captured during the attack. These groups do not normally pursue monetary goals.

Social media are omnipresent today for many companies in terms of their marketing strategy. Which trends and threats stand out for employees and employers in this regard?

Christina Meiers: Not only are companies increasingly using social networks; private users, in particular, have also extended their use considerably over the last few years. This is particularly true for young people for whom Facebook and co. have long since been an integral part of their daily lives. The greatest risk is that too much information is being revealed both privately and in the workplace.


Thus, in the main, social engineering is being fuelled. If an employee thoughtlessly publishes information on projects, clients, etc., then the hacker can simply collect all this information, and by falsely using the employee's identity can interact with clients or members of the public and cause serious damage.