Sharing CVs online exposes individuals to significant cybersecurity risks, including identity theft, phishing, data breaches, and misuse of personal information. CVs often contain sensitive data such as full name, contact details, address, education, employment history, and sometimes even a date of birth or national identification numbers, all of which are highly valuable to cybercriminals.

• Identity Theft: Cybercriminals
• use your details to impersonate you, gain access to other accounts, or commit fraud.
• Phishing and Social Engineering: Exposed information can be used in targeted phishing campaigns, fake job offers, scams, or to trick you or your contacts into providing additional information or financial details.
• Data Breaches: Poorly secured recruitment platforms or resume-sharing websites can suffer data leaks. Millions of CVs have been exposed in such incidents, giving criminals access to extensive personal details for illicit use.
• Unauthorized Data Storage and Use: Untrusted or free online tools may store, reuse, or sell your data without adequate protections or user consent, sometimes for AI model training or targeted advertising.
• Physical Security Risks: Including home addresses might expose individuals to physical security threats if criminals target them for theft.
• Professional Harm: Leaked or altered CVs may harm your reputation if inaccurate or outdated information is circulated publicly.

• Only share CVs with trusted, reputable, and secure job platforms—preferably those with relevant certifications (such as ISO 27001).
• Avoid including unnecessary sensitive information (such as full address, date of birth, or national ID numbers).
• Do not use the same password for job platforms and personal email accounts.
• Create a separate email account solely for job-related activities.
• Be wary of unsolicited messages or suspicious job offers, even if they appear legitimate.
• Check the privacy policy and security measures of any CV submission tool, especially AI-based services

These risks highlight the importance of vigilance and cybersecurity-aware behaviour in online job hunting.

• Unauthorized Access: Weak or reused passwords, poor authentication, or publicly shared links can allow intruders to enter virtual meetings, exposing sensitive discussions to outsiders.
• Eavesdropping and Data Interception: Inadequate encryption, outdated meeting software, or compromised devices may allow attackers to intercept audio, video, chat messages, or screen shares.
• Meeting Hijacking (“Zoombombing”): Attackers who obtain access links or meeting IDs can disrupt sessions with offensive content, social engineering attempts, or phishing links.
• Malware and Ransomware Delivery: Cybercriminals can use file-sharing features, shared-chat links, or malicious meeting invitations to deliver malware or ransomware to attendees’ devices.
• Recording and Data Leakage: Meetings may be recorded without participants’ consent, stored insecurely, or inadvertently shared, risking exposure of confidential business or personal information.
• Shadow IT and Unvetted Platforms: Use of unauthorized or poorly secured virtual meeting tools increases risk if those platforms lack strong cybersecurity controls, data privacy guarantees, or rigorous patching.
• AI-driven Threats: Attackers employ generative AI to craft targeted phishing messages or real-time voice/video deepfakes, increasing the success rate of social engineering during meetings.

• Use only reputable, regularly-updated virtual meeting platforms with end-to-end encryption and strong authentication.

• Never share meeting links or passcodes publicly and use waiting rooms to verify participants.

• Limit screen sharing and chat/file transfer to trusted participants.

• Educate users on identifying suspicious links and phishing attempts during or following meetings.

• Regularly review privacy and security settings on platforms and require explicit consent for meeting recordings.

These risks are especially critical for organizations handling sensitive or regulated data, and cybersecurity awareness training should extend to safe virtual meeting practices

Information Commissioners Office (ICO) – For Organisations: For organisations | ICO

Information Commissioner Office (ICO) – For Consumers: For the public | ICO

If you have been the subject of nuisance calls or messages – Report it! – ico.org.uk