Security Tips – Social Media Social Engineering

Guest blog from KnowBe4

Social media offers cyber-criminals ample opportunities to social engineer or manipulate people to their nefarious advantage. Many do not consider how much personal information is available online and waiting to be used against you.

Social Media – Not Just for Socializing
Social media platforms are also a breeding ground for fake profile personas waiting to take advantage of you. For instance, LinkedIn has a professional influence unlike other social media sites, often making users less cautious when connecting with strangers. When people willingly make these connections under the assumption of making professional networking contacts, criminals can lure them into divulging personal details and direct them to malicious sites.

Social Engineering is a never-ending weapon for cyber criminals and social media hands them most of the information they need for successful attacks. Cybercriminals can use a quick company search on LinkedIn to find several contacts from a company, including information such as their job positions and email addresses. This quick search gives the attacker a new list of targets to familiarize themselves with for better spear-phishing attempts.

If an attacker wanted to target you personally, they could easily find your favourite hobbies or activities from one or more of your social media profiles. They could then craft a relevant spear-phishing email or text message spoofed to look as if it is coming from a company or person that you commonly interact with.

Always be aware of the information you share with the world and be cautious of how that information can result in you, or your organization being more susceptible to a compromise.

Stop Look Think – Don’t be fooled
(Courtesy of The KnowBe4 Security Team)

To find out more about the KnowBe4 suite of products to help your team build your human firewall or to arrange some simulated phishing campaigns for your team, contact us by email today. Or call us on 0818 987 900.