Social media may seem like harmless fun, but sharing even the smallest details with the wrong audience can lead to a hack.
“Be careful what you share and with whom you share it,” said TNTMAX President Frederic Farcy. “We love to see friends’ vacation photos or read about their latest family news on social media, but sharing personal details about our families, our business, and our activities allows hackers access.”
Using information posted on social media, social engineer hackers can build a profile that they can use to trick you into giving them just a bit more personal information they can use to gain access to your accounts.
WHAT IS SOCIAL ENGINEERING?
Also known as “human hacking,” social engineering can be defined as the art of manipulating someone to divulge sensitive or confidential information, usually through digital communication, that can be used for fraudulent purposes, according to Norton.
Unlike traditional cyberattacks that rely on security vulnerabilities, social engineering techniques target human vulnerabilities.
HOW IT WORKS
The social engineer will first gather information about their victims from their social media account(s). This could be names of their children, birthdays, anniversaries, vacation destinations, vocation, restaurants they frequent, etc. They will then pose as a legitimate person and build trust with their victim and retrieve more information that can be used to hack into their account.
- Preparation: The social engineer gathers information about their victims, including where they can access them, such as on social media, email, text message, etc.
- Infiltration: The social engineer approaches their victims, usually impersonating a trustworthy source using the information gathered about the victim.
- Exploitation: The social engineer uses persuasion to request information from their victim, such as account logins, payment methods, etc.
- Disengagement: The social engineer stops communication with their victim and commits their attack.
PREVENTION
“Check your social media accounts’ privacy settings and make them as tight as possible,” said Farcy. “Be careful when posting about your vacation plans, your kids’ names and birthdays, even your pets’ names.”
Though this type of information may seem harmless to post, it can all be used by social engineers.
Additionally, it is important to set your profiles to “private” instead of “public” to limit access from just anyone. Be sure to pause and think before posting to your social media accounts.