Today, the new modality of the cyber attacks, is to manipulate the certificates that contain digital information, the personal data area has become the core of these attacks, since the evolution of WEB 2.0 and social networks towards the Generation 3.0 increase the content obtained by the hackers.

The WEB 3.0 provides content in such way, that it can be understood by computers that are capable of emulating and improving the obtaining of information, which until then was reserved.

This means that it's about giving "meaning" to the web pages with the necessary amount of personal information.

That is why future IT threats will not focused on including Trojans and spyware systems in software, they focus on manipulating the meaning of virtual content.

The WEB 3.0, which is based on concepts such as sharing, elaboration and meaning, represents a challenge for the hackers, sincd they have chosen to modify this virtual content, causing confusion for the user and therefore intrusion to the systems.

This threat no longer asks for the "homebanking" key, at is simply modifies the balance of their accounts, frightening the user and from there, steals the capital or their personal information.

The attackers obtain the information from user profiles in a lawful manner, such as: tracking searches performed, geo positioning of mobile phone, browsing histories, analysis of images uploaded to the Internet, among much more information that the user offers in a conscientious manner.

To avoid this new wave of custom attacks that are more subtle, we recommend:

• Keep your antivirus applications activated and updated.
• Don't carry out a commercial operations on computers for public use or in open networks.
• Check your attachments received by messages or suspicious users.
• Never download files of dubious origin
• Avoid the DM (Direct Message) of strangers in your social networks.

National legislation currently requires to the companies, public and banking institutions, to implement a security policy, protecting user information, avoiding theft or loss of information quality.

These systems generally deal with the security access to data and your resources, with tools like control and identification, which allow operators to have only the necessary permissions for the handling of personal data and information.

Develop a security policy

It is necessary that companies have an information security policy and it is very convenient at this time, as it will help them to:

• Elaborate procedures and rules for each service offered within the company.
• Define what people will have to contact in case of a information breach.
• Stipulate the actions to be followed in the case of possible intrusion.
• Grant limited access rights to the IT department.
• Instruct the IT department on problems related to the security of computer systems.

Deriving to the company's board, any problem and relevant information on security breaches and getting the necessary strategies to avoid them, will greatly increase the security of personal data.