Social Media Gives Hackers Plenty of Ammo
By: Jim Stickley and Tina Davis
April 26, 2019
Phishing, smishing and vishing–oh my! All three of these hacking exploits take plenty of cues from social media websites. These websites give hackers insight and plenty of ammunition to execute highly successful attacks. Information on social media gives hackers the advantage of gleaning personal details about potential victims. This allows them to specifically target individuals based on what they’ve learned about them, including names of friends and contacts, groups or special interests. Armed with that information, emails (phishing), texts (smishing), and phone calls (vishing) are used to pry all kinds of sensitive data from their targets. They use infected attachments, bogus websites, promises of money, threats, and anything else that can motivate a recipient to give up sensitive data. Once that happens, hackers are off to the races–stealing money, credit cards, buying cars and houses–using any way they can get the goods.
We now know that hacks on Facebook alone have exposed the personal data of millions of its users. But it’s not only social media hacking that steals information. Social media sights contain huge amounts of insights about their users, much of it provided by the users themselves. How can chatting with friends, innocent posts, and fun pics possibly be used against you? Very easily. Hackers troll these sites and target account holders and their contacts with specific topics designed to get a response. That photo with a car in the background gives up a license plate number–leading hackers to steal your data from the DMV. Even a picture from inside of a home with a smart device visible can be a jackpot. Hackers isolate and blow up its detail to get the device model and serial numbers. They can trace that data and hack the device. Before you know it, a hacker is contacting you via phishing, smishing, or vishing–demanding a ransom to get your smart home back from his grip.
We all agree social media provides a ton of details. And since the devil is in those details, Proofpoint provides tips to keep individuals from becoming their own worst enemies on social media.
- Spot the bot. They are out, there and hackers aren’t afraid to use them. Bots aggressively spread misinformation, especially via Twitter and Facebook. Look for fake accounts using random names and numbers that frequently repost items, especially if they never provide any original content. Also, be aware of random content popping-up that has nothing to do with the discussion at hand. Bots are infamous on dating apps, but if you pay attention even just a little, you can spot your potential “love interest” as a bot.
- Question questionable advertisements. Bogus ads are designed with you in mind, and the smart thing to do is a little investigating of the sender. Facebook has an “Info and Ads” option that provides information about the sender, including the source of the ad. If it’s at all questionable, discard it–many of these ads are phishing attempts.
- Don’t fall for click-bait with links on Twitter Direct Message or Facebook Messenger unless you know they are from reputable sources. Deceptive links are often loaded with malware and links to phishing sites.
- Check your filter settings. Twitter and email accounts and others have filters to catch spam, bots, and questionable senders. Put the filters on effective settings that you are comfortable using.