Being stuck at home means we’re spending a lot more time on social media than we once did. Social media helps us stay connected with our family and friends but unfortunately has a downside during times like this. In times of dire need and fear, new opportunities are created for people to be taken advantage of using social engineering. We’re taking calls daily from the public about being compromised and they have no idea how it happened. The answer is often social engineering via social media platforms. In this post, we’ll discuss what to look out for and how to protect yourself.
What is social engineering?
Social engineering is when someone maliciously tries to deceive a person into divulging confidential or personal information. This information is then often used to commit fraud. Seemingly harmless social media trends or games could actually be social engineering attempts.
A few recent examples include sharing your senior photo, answering random surveys, or posting photos of your family members. You may think you’re participating in a fun Facebook activity to support family, friends, and schools or just finding some relief from quarantine boredom. What you’re actually participating in is a data mining exercise via social engineering. In fact, the Better Business Bureau recently warned against participation in some of these social media trends.
Why are social media trends a threat to data privacy?
While a fun way to virtually bring people together, many social media trends, such as sharing photos or answering questions about yourself are actually giving the general public insight into your personal information and answers to top account security questions.
What’s a car that you’ve owned?
It’s great to reminisce about the super awesome car you had as a teenager but remember that many banks and other organizations ask for you to verify a car make and model you’ve owned to identify yourself when filling out forms.
Share a picture of your mom.
We’re sure your mom is amazing. However, a lot of moms have their maiden names listed on their profile. Well, that just answered one of the most common security questions. Even if your mother’s maiden name isn’t listed on Facebook, you’re still identifying who she is and cybercriminals can research from there.
Share your senior photo in support of the class of 2020.
Supporting each other during this confusing time is absolutely important, but this post answers the typical security questions of what your mascot was or what high school you attended. It also provides a pretty accurate estimate of your age. All of this information combined can be used against you.
7 Ways to Outsmart COVID-19 Social Engineering
- Don’t stop having fun out of fear but think twice before posting personal information
- Keep posting pictures but don’t post a picture with a date, school, class, maiden name, etc.
- Avoid posting pictures that reveal security camera locations or alarm panel locations
- Don’t provide answers to security questions you have been asked or used before
- Refrain from posting PII (Personally Identifiable Information) such as:
- Date of birth (even though we all enjoy the birthday love we receive from our social media friends)
- Email addresses
- Phone numbers
- Don’t post vacation countdowns
- When in doubt, if something makes you uncomfortable or second guess yourself, just don’t post it. It’s better to be safe than sorry.