Why someone would set up a fake social media profile? The answer correlates with news of cyber-attacks on businesses and other organizations being targeted with advanced persistent threats which has risen sharply over the past two years.
The Register reports “Social engineering via platforms such as Facebook can be one of the early stages of an advanced persistent threat (APT), the latest buzz word on the information security scene and a technique commonly linked to cyber spies operating from China.”
One highly publicized cyber-attack was on Supreme Allied Commander Europe (SACEUR) Admiral James Stavridis NATO’s most senior military official.
It is believed the social media account in his name was “attempt to trick colleagues, friends and family into giving away his personal secrets on the social network”
These cyber-attacks on social media are often used to gather intelligence to crack a password or to gain insight to knowledge based questions or challenge questions. For example:
- What’s your favorite food?
- Where did you honeymoon?
- Your first pets name?
- Name of your first car?
- The name of your elementary school?
- Your father’s middle name?
- Your mother’s maiden name?
All these questions are meant to bypass social media security and replace that used-to-be-secret-obscure word that only you and your parents would know the answer to.
Officers of a company or anyone in a pivotal position like HR or accounting, need to recognize IT security risks and realize while they may not be a NATO commander they do have access to company and client data that may be worth serious money to a thief, competitor or foreign government.
Below are a few social media security tips on how to prevent cyber-attacks
- Keep social media profiles all business
- Limit “lifestyle” information and set your privacy setting to high
- Don’t just friend anyone
- Be cognizant that someone’s always watching and might be using what you post to access your company data
ROBERT SICILIANO, CEO of IDTheftSecurity.com is fiercely committed to informing, educating, and empowering Americans so they can be protected from violence and crime in the physical and virtual worlds. His "tell it like it is" style is sought after by major media outlets, executives in the C-Suite of leading corporations, meeting planners, and community leaders to get the straight talk they need to stay safe in a world in which physical and virtual crime is commonplace. Siciliano is accessible, real, professional, and ready to weigh in and comment at a moment's notice on breaking news.
- Personal Knowledge or “Qualifying Questions” as Authenticators
How many times have you forgotten a password? Fortunately the website you were on only needed your username or an email address and they would respond with a few questions for you to answer. Once you responded with what was in the system you then re-set your password and you’re in. Easy peazy. What’s your
- Top Targets for Emerging Threats in 2011
This McAfee Labs list comprises 2010’s most buzzed about platforms and services, all of which are expected to be major targets for cybercriminals in the coming year. Exploiting Social Media: URL-shortening services With more than 3,000 shortened URLs being generated per minute, McAfee Labs expects to see a growing number used for spam, scamming, and other malicious
- What is an Advanced Persistent Threat?
If you’ve ever seen a movie where the bad guys are using ongoing, invasive hacking to spy on their “enemy,” you have some familiarity with an advanced persistent threat (APT). This term usually refers to an attack carried out by a group that targets a specific entity using malware and other sophisticated techniques to exploit vulnerabilities in
- 6 Ways to prevent Social Engineering Attacks
Hacking isn’t just about weak passwords and single-factor authentication. A lot of it occurs because people can be so easily tricked into giving up personal information: the craft of social engineering. Example: “Download this video of Kim K fully naked!” How many men would be lured into clicking this gateway to a viral infection? We
- Social Media Security Risks for Small Business
For more than a decade, cyber criminals have launched countless attacks on banks’ online infrastructure, successfully one-upping security professionals and their clients by creating viruses that bypass existing security measures. In response, computer security companies have continuously updated their technologies to address new cyber threats. However, one major variable that technology cannot control is the human element.
Leave a Comment
You must be logged in to post a comment.