Out of the box Sharing personal information
I shared my NRIC, email and telephone in Facebook two weeks ago. 

I want to share my experience. 

The first obstacle was that my SingPass account was blocked by the website when a malicious actor tried to login 6 times. This was a bad action but it was not a big issue to me. I was able to unblock my account. I even changed my SingPass ID to be different from my NRIC. So, this issue was solved. 

The malicious actor also tried to login to my account in Google, Facebook and Twitter using my email address. He (or she) must have done it more than 100 times. These social media platforms did not block my accounts. Instead, they sent an email to ask me if I need to change my password. I ignored these emails. The malicious actor has since given up. 

I faced more trouble when the malicious actor used my email to register to many websites - dating website, gay websites, money lending websites and other services. 

I received many emails from these websites. I unsubscribed to them. 

I also received phone calls, SMS and WhatApp messages from marketing people eager to offer a loan to me or get me to attend a course. I told them - sorry, that was a faked message. It was troublesome to them and to me, but I could cope with it.

The proper approach is for these websites to require authentication of the email and mobile numbers, before they open a user account. Sadly, most of them do not have this feature. They are exposed to malicious acts. 

What happened to me could happen to anyone. I have seen property agents, insurance agents and other marketers people sharing their emails and mobile numbers on flyers. It is a necessary part of communication and doing business.

One day, the malicious actor will find fun in targeting other people. It can become more widespread. 

The malicious actor is like a vandal. He goes around to some people's house and paint their door and walls "for fun". When he is caught, he can go to jail for vandalism. If he is not caught, he enjoys his fun.

There is also a law against "Misuse of Computer". The malicious actor faces the same risk of being sent to jail for the deliberate malicious act. In the meantime, he can enjoy his fun. When he is caught, his future will be damaged, perhaps destroyed. 

So far, the Police does not want to act on offenses under the law on "Misuse of Computer". Perhaps they are waiting for a minister to tell them that this has become a serious problem. 

Maybe, when someone uses a minister's email and telephone number, we might see some action being taken.

Some people think that they can be safe when they do not share their email, mobile numbers and other personal information. I respect their personal choice.

In my case, I share these information to facilitate communication. It does come with some risk, but I can cope with it.

I think the malicious actor has got tired now of having his fun. I am now getting less of the fake registrations using my contact details. Or maybe, he does not want further exposure and the risk of being caught. 

We can wait for this problem to get worse before the Police starts to act. 

The conclusion - sharing of NRIC gives the least trouble and can be managed. Sharing of email and mobile numbers could lead to more trouble, but it probably can't be avoided. They are the means of modern communication.

Tan Kin Lian

Vote - should the Police take steps to catch the malicious actor and make people aware about the "Misuse of Computer" law?




 

Add Comment

---