Threat Intelligence Blog

Posted December 16, 2013

In our previous blog post, we discussed how corporate security professionals can protect executives through monitoring websites, social media and other open source content. Most of the information online that’s associated with corporate executives is fairly innocuous. This includes sources like corporate biographies, media interviews, and associations with civic and trade organizations. However, even seemingly innocent information can be used against someone in the wrong hands.

Corporate biographies are one of the first places that criminals often go to get information about an executive’s personal and professional life. Online biographies are extremely accessible, and with a simple Google search of an executive’s name, anyone can find biographical details from their employer’s website, former employers, media and college websites, and civic organizations. What may be perceived as general information about an executive, however, can actually reveal many facts that can increase the risk to an executive’s safety.

Information about their current and past roles is standard, but including family member names, address or neighborhood information, hometown, and external leadership positions allows threat actors to zero in on the executive much more easily. Social media postings and accounts can also reveal a wealth of information. An example of how the disclosure of a family member’s name in a corporate biography can lead to an increased potential threat to an executive is via Facebook “Likes.” If an executive’s family member “Likes” a local business, for instance a gym, this can alert a potential threat actor to the specific location of a business that a family member frequents, making the family member an easier target for assaults, kidnappings, stalking, identity theft and social media or banking account takeovers.

Reducing obvious connections between an executive and family members in online biographies and omitting detailed information about them in media interviews is one step to circumventing potential threat actors. In addition, an Executive Threat Assessment allows security professionals to perform a comprehensive investigation and can assist in the removal of potentially harmful information and postings. Another important step is having executives and their family members responsibly manage their social media accounts and become more aware of the risks that they can pose.  Cyber Safety Training for not just the executive, but for their family as well, can also help mitigate some of these risks.

Additional Posts

Best Buy “Delivery Canceling” Email the Latest in the Annual Onslaught of Christmas Phishing Scams

Scammers launched an email campaign today that uses the Best Buy brand. A fairly obvious phishing ...

Trust the Doc, but Trust the App?

During our recent webcast, Six Types of Rogue Mobile Apps and How They’re Hurting Your Brand, we ...