Defending yourself online isn’t dissimilar to defending yourself offline. The tools do change. Instead of relying on tools such as physical fitness, weapons, and martial arts online defense relies on encryption, anonymity, and credential management. Even though online and offline self-defense utilize different tools both rely first and foremost on situational awareness. For example, in regards to offline defense it’s wise to avoid going down dark alleys that have reputations for being places of violence at night by yourself. Situation awareness should lead you to recognize that putting yourself in that situation greatly increases your risk of being the target of a violent crime. Likewise, when you’re online it’s wise not to submit personally identifiable information to websites that offer services that are either illegal or could be used to blackmail users.
37 million people failed the online situational awareness test and are now facing the very real prospect of being blackmailed:
Hackers claim to have personal details of more than 37 million cheating spouses on dating website Ashley Madison and have threatened to release nude photos and sexual fantasies of the site’s clients unless it is shut down, blog KrebsOnSecurity reported.
Ashley Madison’s Canadian parent, Avid Life Media, confirmed the breach on its systems and said it had since secured its site and was working with law enforcement agencies to try to trace those behind the attack.
Let’s consider the situation. The Ashley Madison website specifically specializes in helping married individuals have an affair. Since knowledge of affairs are often used as blackmail signing up for this website has pretty notable risks. The first risk is that the owners of the site will use the existence of your account to blackmail you. Another risk is exactly what happened, malicious hackers breaching the network and acquiring your personal information.
The latter risk is one faced whenever you sign up for any website. But the risks involved in your personal information from, say, Reddit being leaked is likely far less than those involved in a website that specifically advertises services to help married individuals commit adultery. That’s an important part of the situation to consider.
Another part of the situation that’s important to note is the site didn’t put any measures in place to protect your privacy in the event a breach occurred. Had the website been a hidden service that used Bitcoin as payment the ability to anonymize yourself, or at least offer plausible deniability by claiming somebody else created and maintained the account to sully your reputation, would exist. That’s exactly why Silk Road, which offered illegal services, opted for the hidden service using Bitcoin route. This website wasn’t a hidden service and, as far as I know, used credit cards, which are strongly tied to your real-life identity, for payments.
Be aware of the situation before you involve yourself in it. Failing to do so could put you in a bad situation that you could have otherwise avoided.