A digital forensics expert has warned that consumers can do more to prevent cyber criminals from targeting them on Black Friday and Cyber Monday, ahead of a new theatre production by Royal Birmingham Conservatoire challenging the idea that 'if you have nothing to hide, you have nothing to fear'.

Richard Hale, Senior Lecturer in Digital Forensics at Birmingham City University, highlighted web cookies as a common weakness exploited by criminals – and security analysts alike.

Hale, who is a former Senior Digital Forensic Investigator and Laboratory Manager with significant experience of working with law enforcement and government agencies, said: 

He says: “With Black Friday only hours away, we become bombarded with offers seemingly directly related to items we’ve been thinking about getting.

“Thanks to the ease of online shopping, we are spending more online than we do in the high street, but unlike the high street, the internet knows what you want. Thanks to a small piece of data called a ‘cookie’, we leave digital footprints all over the web.

“This type of data collection has one sole purpose for online retailers: to help sell you more products - although they would argue it is to enhance your user experience.

“When you first open a website, a cookie or multiple cookies are generated, containing a variety of information. This can include the country you are in (even the city), the type of operating system you are using.

“If a user returns to that website at a later date, the web browser returns that previously captured data to the web server in the form of a cookie. Simply put, this is how when you visit certain sites, it remembers preferences, or even the ‘last item you searched for’.

“Cookies can also be used in a criminal context, exactly as genuine websites do. Scam websites or clone websites want as much of your personal information as they can capture, including, of course, credit card details and personal details.”

“Anyone with enough details of who you are and where you live are already one step closer to identity fraud. Combine that with your credit card details and they have hit the jackpot.

“Using social engineering, criminals who obtain your personal details may be able to impersonate you and convince someone else in order to persuade that person into handing over their personal details or even money. Digital footprints can also be used by government or law enforcement in very much the same way.

“Every action we make on a computer of mobile phone has the potential to allow us to be tracked and a pattern of our movements recorded. Even the most basic of mobile phones can be tracked through the cell network, and of course the smarter the device, the more information can be recovered and therefore used.

“Simple digital hygiene, such as frequently clearing cookies or using a private browser, eg incognito mode as found in the Chrome browser, help to minimise your digital footprints. Also checking the website is displaying the secure symbol (https) before the websites address is good practice.

“I think it’s fair to say that even if we have nothing to hide, would we really be happy with everyone knowing everything about our internet movements? We may be innocently using the internet, but criminals and others could exploit the fact we are not practicing good data hygiene.” 

The expert spoke ahead of a new theatre production, The Haystack, written by award-winning playwright Al Blyth and directed by actor-director Gari Jones. Produced by Royal Birmingham Conservatoire, five performances will take place at the Crescent Theatre in Birmingham in early December.

Featuring two RBC Acting students in the lead roles, the explosive espionage drama - described as a ‘pacy, brainy surveillance thriller’ by The Guardian following is premiere last year - explores the world's data and infinite powers of electronic intrusion, and how we can live freely when advances in technology outpace the law.

The Haystack is at The Crescent Theatre Birmingham, between 1 and 4 December 2021.