Unauthorized Access to Information

The CSRC, a resource of the US government, defines unauthorized access as "Any access that violates the stated security policy" or "A person [who] gains logical or physical access without permission to a network, system, application, data, or other resource." Information getting into the wrong hands is always a cause for chaos in peoples' lives.

The IC3 or Internet Crime Complaint Center (US government resource) lists out the methodology of hackers gaining unauthorized access to information: Bruteforcing names/ passwords, phishing emails, phishing domains/websites, social engineering, data breaches, and malware. There are so many ways for hackers to gain information, so knowing the methodology is incredibly important in preventing your information from getting stolen. Phishing emails and websites are fake resources that coerce people to input sensitive information (login data, passwords) by pretending to be trustworthy resources to gain access to real accounts. A real life example of this almost happened to me.

A friend of mine sent me a link via instagram to "vote for them for an art challenge," after clicking on this link the site prompted me to input my instagram login information before voting. I was immediately suspicious because I knew my friend wasn’t particularly interested in art, so I did not input my information. However, my other friend was less fortunate and imputed her information which led to her personal instagram account getting hacked. She was locked out and the hacker tried to sell a car with a downpayment of 1000 dollars on her account! Later I got a similar dm from the hacker on this friend's account with a similar phishing link. This is a negative outcome of data getting into the wrong hands, but it could be even worse. Stolen bank data and identity theft could lead to fraudulent charges to bank accounts and you could even be framed for crimes you did not commit.