Most cyber-attacks are based on the Social Engineering activities of bad actors.
We previously discussed Email Phishing and how to identify and protect yourself.
Today's discussion is about Social Media's role in revealing private, confidential personal and business information.
Social Media is a great way to share information with your family and friends. At the same time, we provide information regarding ourselves to millions of people on Facebook, LinkedIn, and other media platforms. This creates an opportunity for attackers to collect and utilize your personal information to gain trust and compromise your personal and business accounts.
Social Media Threat Scenarios
There are numerous ways attackers can utilize your personal information. Usually, it is dependent on the platform. We will describe just a few of them.
Facebook contains personal information such as your date of birth (birthday congratulations), high school and college attended, and mother’s maiden name. Many online accounts allow you to reset passwords based on security questions. Usually, those questions can be answered using information you have already shared with the world.
LinkedIn is known for business networking. It contains an extensive directory of people working in most US companies. People’s titles, job descriptions, and business email allow attackers to deploy phishing emails targeting specific individuals. Attackers view LinkedIn as a way to identify individuals in the company with access to financial and/or highly privileged information
Another example is Facebook ‘advertising’ that can come from one of your friends' accounts. Clicking on them gives spammers access to your account.
How to Prevent Social Media Threats
We are not able to list all possible protections from evolving threats. Most are common sense recommendations. Here are some of them:
Do not share passwords between social media accounts especially with your work network accounts.
Attackers communicate with you using urgency and fear. Messages that urge you to act quickly should be discarded or ignored.
Do not use public Wi-Fi to access your account. Man-in-the-middle attacks frequently use public Wi-Fi by snooping bad actors.
Use ad-blockers to prevent malicious ads from appearing on your screen.
Do not include everyone as a friend. Be selective only to add people you know and can verify that they are who they say they are.
留言