{"id":7826,"date":"2023-03-31T08:51:17","date_gmt":"2023-03-31T12:51:17","guid":{"rendered":"https:\/\/joindeleteme.com\/blog\/?p=7826"},"modified":"2025-05-02T06:05:00","modified_gmt":"2025-05-02T10:05:00","slug":"data-broker-opt-outs-for-executive-cybersecurity-protection","status":"publish","type":"b2b-post","link":"https:\/\/joindeleteme.com\/business\/blog\/data-broker-opt-outs-for-executive-cybersecurity-protection\/","title":{"rendered":"What Executive Cyber Security Programs Must Include In 2025"},"content":{"rendered":"\n<div class=\"wp-block-rank-math-toc-block\" id=\"rank-math-toc\"><h2>Table of Contents<\/h2><nav><ul><li><a href=\"#6-executive-cybersecurity-risks-fuelled-by-executives-personal-data\">6 Executive Cybersecurity Risks Fuelled By Executives\u2019 Personal Data\u00a0<\/a><\/li><li><a href=\"#scrubbing-executives-personal-data-from-common-information-exposure-sources\">Scrubbing Executives\u2019 Personal Data from Common Information Exposure Sources<\/a><\/li><li><a href=\"#status-quo-executive-cybersecurity-is-not-good-enough-in-2025\">Status Quo Executive Cybersecurity is Not Good Enough in 2025<\/a><\/li><li><a href=\"#executive-cyber-security-protection-with-data-broker-removal\">Executive Cyber Security Protection with Data Broker Removal<\/a><\/li><\/ul><\/nav><\/div>\n\n\n\n<p>If we were to give one piece of advice to organizations looking to strengthen their executive cyber security in 2025, it is to focus on personalized threats.&nbsp;<\/p>\n\n\n\n<p>Lately, we\u2019ve seen giant leaps in threat actor capabilities, including:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Criminals <a href=\"https:\/\/www.ft.com\/content\/d60fb4fb-cb85-4df7-b246-ec3d08260e6f\" target=\"_blank\" rel=\"noreferrer noopener\">using AI to create hyper-personalized phishing scams<\/a> that target executives.\u00a0<\/li>\n\n\n\n<li>Executives being targeted by deepfake scams and\/or <a 
href=\"https:\/\/istari-global.com\/insights\/spotlight\/ceo-deepfake-wpp\/\" target=\"_blank\" rel=\"noreferrer noopener\">being impersonated in these scams<\/a>.\u00a0<\/li>\n\n\n\n<li>Ransomware attackers <a href=\"https:\/\/www.theregister.com\/2024\/05\/07\/ransomware_evolves_from_mere_extortion\/\" target=\"_blank\" rel=\"noreferrer noopener\">SIM swapping executives\u2019 kids <\/a>to pressure the organizations they work for into paying ransoms.\u00a0<\/li>\n<\/ul>\n\n\n\n<p>But all of these attacks have one (very low-tech) input in common: executives\u2019 professional and personal information.&nbsp;<\/p>\n\n\n\n<p>Taking executive information offline reduces criminals&#8217; ability to target executives (and other employees within your organization) with even the most sophisticated attacks.&nbsp;<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"6-executive-cybersecurity-risks-fuelled-by-executives-personal-data\">6 Executive Cybersecurity Risks Fuelled By Executives\u2019 Personal Data&nbsp;<\/h2>\n\n\n\n<p>Criminals use executives\u2019 professional and personal data to carry out the following attacks.&nbsp;<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Executive phishing<\/h3>\n\n\n\n<p>Executive phishing attacks are highly personalized to the target, i.e., the executive. 
This makes these kinds of phishing scams very difficult to spot.&nbsp;<\/p>\n\n\n\n<p>Like most social engineering attacks, executive phishing typically involves four steps:<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li>Information gathering<\/li>\n\n\n\n<li>Relationship development<\/li>\n\n\n\n<li>Exploitation<\/li>\n\n\n\n<li>Execution.\u00a0<\/li>\n<\/ol>\n\n\n\n<p>The information-gathering step is probably one of the most important.&nbsp;<\/p>\n\n\n\n<p>Here, hackers determine who to attack, who their target is likely to share information with, and under what pretext.&nbsp;<\/p>\n\n\n\n<p>We know from <a href=\"https:\/\/www.varonis.com\/blog\/contileaks\" target=\"_blank\" rel=\"noreferrer noopener\">leaked criminal chat transcripts<\/a> that attackers use open-source intelligence tools like data brokers to find targets and individuals to \u201cname drop\u201d within their social engineering campaigns to make them look more legitimate and more likely to succeed.<\/p>\n\n\n\n<p>We also know <a href=\"https:\/\/www.ft.com\/content\/d60fb4fb-cb85-4df7-b246-ec3d08260e6f\" target=\"_blank\" rel=\"noreferrer noopener\">that AI<\/a> is making executive phishing faster and easier.\u00a0<\/p>\n\n\n\n<figure class=\"wp-block-image size-full is-resized\"><img loading=\"lazy\" decoding=\"async\" width=\"921\" height=\"934\" src=\"https:\/\/joindeleteme.com\/wp-content\/uploads\/2023\/03\/aiphishingscamstargetexecutives-2.png\" alt=\"Financial Times headline: &quot;AI-generated phishing scams target corporate executives&quot; \" class=\"wp-image-17270\" style=\"width:551px;height:auto\" srcset=\"https:\/\/joindeleteme.com\/wp-content\/uploads\/2023\/03\/aiphishingscamstargetexecutives-2.png 921w, https:\/\/joindeleteme.com\/wp-content\/uploads\/2023\/03\/aiphishingscamstargetexecutives-2-296x300.png 296w, https:\/\/joindeleteme.com\/wp-content\/uploads\/2023\/03\/aiphishingscamstargetexecutives-2-768x779.png 768w\" sizes=\"(max-width: 921px) 100vw, 921px\" 
\/><\/figure>\n\n\n\n<p><a href=\"https:\/\/arxiv.org\/abs\/2412.00586?ref=hackernoon.com\" target=\"_blank\" rel=\"noreferrer noopener\">Harvard researchers<\/a> found that AI models can gather accurate and useful data on people in 88% of cases.\u00a0<\/p>\n\n\n\n<p>AI can also help create convincing executive phishing messages. Those same Harvard researchers saw AI-generated phishing emails get a 54% click-through rate &#8211; the same as emails crafted by humans and much, much higher than arbitrary phishing emails (12% click-through rate).&nbsp;<\/p>\n\n\n\n<p><strong>Personal information needed for executive phishing: <\/strong>Varied, including contact details, education and employment history, company org chart, family member details, and more.<br><\/p>\n\n\n\n<h3 class=\"wp-block-heading\">CEO fraud<\/h3>\n\n\n\n<p>In CEO fraud attacks, threat actors pretend to be senior executives or board members to other business leaders, VIPs, or employees.&nbsp;<\/p>\n\n\n\n<p>Cybercriminals\u2019 goal in CEO fraud is usually to get the recipient to make an unauthorized financial transfer. Sometimes, they\u2019ll attempt to con the recipient into disclosing sensitive data or downloading malicious files instead.&nbsp;<\/p>\n\n\n\n<p>CEO fraud happens like any other social engineering attack, with the likelihood of success depending heavily on the reconnaissance stage.<\/p>\n\n\n\n<p>However, unlike spear phishing attacks, where criminals can impersonate professional and personal contacts, CEO fraud emails tend to come from C-suite executives, like the CEO or CISO.<\/p>\n\n\n\n<p>That\u2019s why, in these attacks, threat actors need to understand the org chart of their target company. 
This is easier than you might think, thanks to B2B data brokers (more on them below) that provide this information to anyone looking for it.&nbsp;<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"822\" src=\"https:\/\/joindeleteme.com\/wp-content\/uploads\/2023\/03\/orgchart-1024x822.png\" alt=\"Data broker professional profiles include org charts\" class=\"wp-image-17271\" srcset=\"https:\/\/joindeleteme.com\/wp-content\/uploads\/2023\/03\/orgchart-1024x822.png 1024w, https:\/\/joindeleteme.com\/wp-content\/uploads\/2023\/03\/orgchart-300x241.png 300w, https:\/\/joindeleteme.com\/wp-content\/uploads\/2023\/03\/orgchart-768x616.png 768w, https:\/\/joindeleteme.com\/wp-content\/uploads\/2023\/03\/orgchart-1536x1233.png 1536w, https:\/\/joindeleteme.com\/wp-content\/uploads\/2023\/03\/orgchart.png 1600w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p><strong>Information needed for CEO fraud: <\/strong>Varied, but success hinges on finding up-to-date business org charts.&nbsp;<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Account takeover<\/h3>\n\n\n\n<p>Account takeover is an attack where threat actors take control of executives\u2019 online accounts.&nbsp;<\/p>\n\n\n\n<p>Rather than relying solely on data breaches, cybercriminals also use personal information available on the internet to guess passwords, especially for high-value and high-profile targets like corporate executives.&nbsp;<\/p>\n\n\n\n<p>Targeting people like this is time-consuming but often pays off.<\/p>\n\n\n\n<p>The reason is that many people <a href=\"https:\/\/www.security.org\/resources\/online-password-strategies\/\" target=\"_blank\" rel=\"noreferrer noopener\">use personal information<\/a>, like a family member\u2019s name or the city they were born in, for their credentials.\u00a0<\/p>\n\n\n\n<p>For example:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a 
href=\"https:\/\/www.ivanti.com\/lp\/security\/assets\/s1\/2023-cybersecurity-status-report\" target=\"_blank\" rel=\"noreferrer noopener\">Nearly 25% of executives<\/a> use their birthday in their password.\u00a0<\/li>\n\n\n\n<li><a href=\"https:\/\/socradar.io\/how-easy-is-it-to-guess-fortune-500-executives-passwords\/\" target=\"_blank\" rel=\"noreferrer noopener\">11% of breached executive passwords<\/a> contain company-related strings.\u00a0<\/li>\n\n\n\n<li>Another 11% contain the account holder\u2019s name or surname.\u00a0<\/li>\n<\/ul>\n\n\n\n<p><strong>Personal information needed for executive account takeover: <\/strong>As varied as possible, including family member names, addresses, etc.&nbsp;<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">SIM swap attacks<\/h3>\n\n\n\n<p>More recently, criminals have started SIM swapping executives&#8217; kids to pressure the executives into paying ransoms.&nbsp;<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"241\" src=\"https:\/\/joindeleteme.com\/wp-content\/uploads\/2023\/03\/ransomwaresimswap-1024x241.png\" alt=\"The Register headline: &quot;Ransomware crooks now SIM swap executives' kids to pressure their parents&quot; \" class=\"wp-image-17272\" srcset=\"https:\/\/joindeleteme.com\/wp-content\/uploads\/2023\/03\/ransomwaresimswap-1024x241.png 1024w, https:\/\/joindeleteme.com\/wp-content\/uploads\/2023\/03\/ransomwaresimswap-300x71.png 300w, https:\/\/joindeleteme.com\/wp-content\/uploads\/2023\/03\/ransomwaresimswap-768x181.png 768w, https:\/\/joindeleteme.com\/wp-content\/uploads\/2023\/03\/ransomwaresimswap-1536x362.png 1536w, https:\/\/joindeleteme.com\/wp-content\/uploads\/2023\/03\/ransomwaresimswap.png 1600w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>Cybersecurity researchers noted cases where criminals <a href=\"https:\/\/www.theregister.com\/2024\/05\/07\/ransomware_evolves_from_mere_extortion\/\" target=\"_blank\" 
rel=\"noreferrer noopener\">SIM-swapped the phones of executives\u2019 children<\/a>, then called the executives from the kids\u2019 phone numbers to intimidate them.\u00a0<\/p>\n\n\n\n<p>As Charles Carmakal, CTO of the cybersecurity company and subsidiary of Google, said during a Google Security Threat Intelligence Panel at the 2024 RSA Conference:&nbsp;<\/p>\n\n\n\n<p><em>&#8220;Think about the psychological dilemma that the executive goes through \u2013 seeing a phone call from the children, picking up the phone and hearing that it&#8217;s somebody else&#8217;s voice? Sometimes, it&#8217;s caller ID spoofing. Other times, we see demonstrated SIM swapping family members.&#8221;&nbsp;<\/em><\/p>\n\n\n\n<p><strong>Personal information needed for SIM swap attacks: <\/strong>Varied, but includes executives\u2019 and their children\u2019s phone numbers.&nbsp;<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Deepfake scams<\/h3>\n\n\n\n<p>If it sounds like your boss and looks like your boss, then it must be them, right? 
With deepfake scams on the rise, that\u2019s no longer the case.&nbsp;<\/p>\n\n\n\n<p>In deepfake scams, criminals collect audio and visual samples (e.g., executive voice recordings or footage of their faces) of people known to their targets and feed this data into AI models.&nbsp;<\/p>\n\n\n\n<p>They end up with phony audio or video that mimics the likeness or speech patterns of a person known to their victim.<\/p>\n\n\n\n<p>LastPass recently <a href=\"https:\/\/blog.lastpass.com\/posts\/attempted-audio-deepfake-call-targets-lastpass-employee\" target=\"_blank\" rel=\"noreferrer noopener\">experienced a deepfake scam<\/a> in which attackers tried to impersonate the company\u2019s CEO.\u00a0<\/p>\n\n\n\n<p>The attackers used WhatsApp calls, texts, and voice messages (all generated by AI) to create a sense of urgency and push the targeted employee into action.&nbsp;<\/p>\n\n\n\n<figure class=\"wp-block-image size-full is-resized\"><img loading=\"lazy\" decoding=\"async\" width=\"440\" height=\"984\" src=\"https:\/\/joindeleteme.com\/wp-content\/uploads\/2023\/03\/deepfakeexecutivescam.png\" alt=\"WhatsApp deepfake executive scam example \" class=\"wp-image-17273\" style=\"width:377px;height:auto\" srcset=\"https:\/\/joindeleteme.com\/wp-content\/uploads\/2023\/03\/deepfakeexecutivescam.png 440w, https:\/\/joindeleteme.com\/wp-content\/uploads\/2023\/03\/deepfakeexecutivescam-134x300.png 134w\" sizes=\"(max-width: 440px) 100vw, 440px\" \/><\/figure>\n\n\n\n<p>Luckily, the employee noticed the unusual communication channel and other signs of social engineering (e.g., the fake urgency) and alerted LastPass\u2019s internal security team.&nbsp;<\/p>\n\n\n\n<p>The <a href=\"https:\/\/www.theguardian.com\/technology\/article\/2024\/may\/10\/ceo-wpp-deepfake-scam\" target=\"_blank\" rel=\"noreferrer noopener\">number of companies<\/a> (and executives) that have been targeted <a href=\"https:\/\/autos.yahoo.com\/ferrari-ceo-impersonated-ai-deepfake-183000485.html\" target=\"_blank\" 
rel=\"noreferrer noopener\">with deepfake scams<\/a> is seriously concerning.\u00a0<\/p>\n\n\n\n<p><strong>Personal information needed for deepfake scams: <\/strong>Contact details, company org chart, and audio or video clips of the individual to be impersonated.&nbsp;<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Fake ransom letters sent to executives\u2019 homes<\/h3>\n\n\n\n<p>Criminals never stop innovating.&nbsp;<\/p>\n\n\n\n<p>A <a href=\"https:\/\/cyberscoop.com\/physical-mail-extortion-letters-target-executives\/\" target=\"_blank\" rel=\"noreferrer noopener\">new scam<\/a> is targeting U.S. executives by sending ransom letters to their home and business addresses, falsely claiming to be from a particular ransomware group.\u00a0<\/p>\n\n\n\n<p>Because there\u2019s no evidence of data exfiltration or any standard ransom negotiation channel, these letters are believed to rely purely on fear rather than any actual compromise of company systems.<\/p>\n\n\n\n<p>Similarly, in the past, there have been reports of ransomware groups approaching employees, including executives, directly to <a href=\"https:\/\/www.hitachi-id.com\/hubfs\/Hitachi_ID_Resources\/Marketing_Content_Library\/Infographics\/Infographic__Employees_Have_Been_Approached_to_Assist_in_Ransomware_Attacks_2021_10_23.pdf\" target=\"_blank\" rel=\"noreferrer noopener\">assist in planning ransomware attacks<\/a>.\u00a0<\/p>\n\n\n\n<p><strong>Personal information needed for ransomware-related attacks: <\/strong>Business and home addresses, company org chart.&nbsp;<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"scrubbing-executives-personal-data-from-common-information-exposure-sources\">Scrubbing Executives\u2019 Personal Data from Common Information Exposure Sources<\/h2>\n\n\n\n<p>It\u2019s not hard for criminals to find executives\u2019 professional and personal information.&nbsp;<\/p>\n\n\n\n<p>From social media profiles such as LinkedIn to corporate websites and press releases, attackers have a ton of 
resources for gathering intelligence on their targets.&nbsp;<\/p>\n\n\n\n<p>One of their favorites has to be data brokers and people search sites.&nbsp;<\/p>\n\n\n\n<p>Data brokers and people search sites are companies that collate people\u2019s personal information into a single place. Their customers are mostly marketers who want to better tailor their ads. However, there is little to prevent cybercriminals from accessing personal information on data brokers as well.&nbsp;<\/p>\n\n\n\n<p>Data broker profiles pose a threat to executive cybersecurity because they:&nbsp;<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Are easy to find<\/strong> with a quick Google search and are among the first few results shown.\u00a0<\/li>\n\n\n\n<li><strong>Include a lot of personal information<\/strong>, like names, phone numbers, email addresses, employment history, and more. The data available on these profiles is only getting more detailed and is being pulled from sources as varied as public records, social media accounts, breached datasets from the dark web, and more.\u00a0<\/li>\n\n\n\n<li><strong>Are cheap<\/strong> or even completely free to access.\u00a0<\/li>\n<\/ul>\n\n\n\n<p>Removing executive information from data broker sources is an important part of executive protection. It is also a simple step organizations can take to minimize the risk that their executives will fall victim to a cyber attack.&nbsp;<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"status-quo-executive-cybersecurity-is-not-good-enough-in-2025\">Status Quo Executive Cybersecurity is Not Good Enough in 2025<\/h2>\n\n\n\n<p>Executive security protection typically consists of two layers:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Executive security training.\u00a0<\/li>\n\n\n\n<li>Technical controls like antivirus solutions.\u00a0<\/li>\n<\/ul>\n\n\n\n<p>The first of these is very failure-prone. 
Busy executives don\u2019t always have the time to attend security awareness training sessions.&nbsp;<\/p>\n\n\n\n<p>And even when they do, research shows that security training is quickly forgotten unless it happens continuously. According to the nonprofit USENIX, six months after a phishing training session, individuals show <a href=\"https:\/\/www.usenix.org\/system\/files\/soups2020-reinheimer_0.pdf\" target=\"_blank\" rel=\"noreferrer noopener\">no marked improvement<\/a> in being able to distinguish between a legitimate and a phishing email.\u00a0<\/p>\n\n\n\n<p>The second layer &#8211; technical controls &#8211; is meant to catch and remediate cyber risks like malware. It can\u2019t be relied on, either. Often, the threat isn&#8217;t a malicious attachment or executable; it&#8217;s the contents of an email or voice note and the actions that happen as a result.&nbsp;<\/p>\n\n\n\n<p>Phishing emails that don\u2019t contain malicious links or files can <a href=\"https:\/\/blog.knowbe4.com\/nearly-half-of-spear-phishing-emails-bypass-security-filters\" target=\"_blank\" rel=\"noreferrer noopener\">circumvent email security filters<\/a>. \u201cMulti-factor authentication fatigue attacks,\u201d where cybercriminals flood a target\u2019s app with push notifications, can trick executives into authenticating fraudulent login attempts. And threats use obfuscation techniques to bypass antivirus and endpoint protection services and tools.\u00a0<\/p>\n\n\n\n<p>Digital risk protection for executives requires another layer of defense &#8211; information removal.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"executive-cyber-security-protection-with-data-broker-removal\">Executive Cyber Security Protection with Data Broker Removal<\/h2>\n\n\n\n<p>Data brokers are an important reconnaissance tool for threat actors and one of the reasons why personalized attacks have become so frequent.&nbsp;<\/p>\n\n\n\n<p>Monitoring for and removing executive personal information from data 
exposure sources won\u2019t completely isolate business leaders from cyber threats. However, doing so will make it harder for cybercriminals to conduct open-source intelligence and will reduce the number of opportunities for exploitation.&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Learn how opting out of data brokers and people search sites can reduce executives&#8217; cyber risk.<\/p>\n","protected":false},"author":16,"featured_media":7832,"menu_order":0,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"b2b-category":[45],"class_list":["post-7826","b2b-post","type-b2b-post","status-publish","format-standard","has-post-thumbnail","hentry","b2b-category-resources"],"acf":[],"_links":{"self":[{"href":"https:\/\/joindeleteme.com\/wp-json\/wp\/v2\/b2b-post\/7826","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/joindeleteme.com\/wp-json\/wp\/v2\/b2b-post"}],"about":[{"href":"https:\/\/joindeleteme.com\/wp-json\/wp\/v2\/types\/b2b-post"}],"author":[{"embeddable":true,"href":"https:\/\/joindeleteme.com\/wp-json\/wp\/v2\/users\/16"}],"version-history":[{"count":0,"href":"https:\/\/joindeleteme.com\/wp-json\/wp\/v2\/b2b-post\/7826\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/joindeleteme.com\/wp-json\/wp\/v2\/media\/7832"}],"wp:attachment":[{"href":"https:\/\/joindeleteme.com\/wp-json\/wp\/v2\/media?parent=7826"}],"wp:term":[{"taxonomy":"b2b-category","embeddable":true,"href":"https:\/\/joindeleteme.com\/wp-json\/wp\/v2\/b2b-category?post=7826"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}