Data aggregation firms gather information on human beings and sell data to marketing companies, insurance companies, creditors, even employers.
Sources of information include public records, loyalty programs, credit and gift cards, social media, web searches, apps, facial recognition of who is in your photos, and more. Read those privacy policies.
As expected, there is information about your date of birth, schools you attended, previous addresses, phone numbers, employment history, email addresses, schools, degrees, certifications, nicknames, relatives, etc.
Tracking your spending identifies hobbies, favorite foods on the menu, flavors of ice cream, the brand of clothes, movies you watch, etc.
Travel information includes flight history, hotel stays, rental car history, and makes and automobile models you prefer.
Attackers access that information, combine it with stolen passwords, and they can craft the most convincing email messages imaginable.
Tip: When a website asks you to provide secret answers such as your favorite songs, sports, and movies, make up bogus answers to those secret answers. Make them different for each website, and keep an encrypted document on your computer with the answers you used. Your favorite sport might be playing golf on Mars.
Please forward this message to your friends, so they know that, even though an email message or text seems completely convincing, an attacker may be targeting them with the information they’ve accessed from data aggregator databases.