Law enforcement and public officials may be at an increased risk of being targeted by Threat Actors. A Threat Actor typically contacts an Internet Service Provider of the target, poses as an employee of the company, and requests details regarding the target’s account. Utilizing these details, the caller then contacts the target’s email provider, successfully provides answers to security questions established for the email account, and is granted a password reset for the account. Ultimately, the actor gains access to the victim’s email account and begins to harvest personal information.
Threat actors may also target law enforcement personnel and public officials through Doxing. Doxing is the act of compiling and posting an individual’s personal information without permission. The personal information gathered from social media sites could include home addresses, phone numbers, email addresses, passwords, and family members. The information is then posted on information-sharing websites with details suggesting why the individual should be targeted. And many legitimate online posts are linked directly to personal social media accounts. Law enforcement personnel and public officials should limit personal postings on media sites and carefully consider their comments. It reflects on themselves, their family, and their employer, and it could be used against them in court or during online attacks.
Be proactive and take additional steps to minimize the information that could be available to hacktivists.
• Update your hardware and software applications, as old versions might be exploited by criminals as a way to access a computer.
• Maintain up-to-date antivirus software, as attackers are continually writing new ones.
• Restrict your driver’s license and vehicle registration information with the Department of Motor Vehicles.
• Request real estate and personal property records be restricted from online searches with your specific county.