Most people would agree their lives are beyond busy. From working a 40-hour week, to raising children, to daily household chores, sometimes it feels like we don’t have a moment to breathe.
Yet, most of us manage to spend almost two hours a day on various social media platforms. It’s where we catch up with friends and family, read a news story, or even watch a video on how to make a Halloween costume. Interestingly enough, in a lifetime, one might spend a total of five years and 4 months on social media!
But, how much is too much about the quantity and quality of information we’re sharing? When we’re posting pics of our dogs or checking in to a restaurant, we feel like we are amongst friends, but that’s not always the case.
Types of Social Engineering Attacks
Social engineering is the process of hackers gathering information from your interactions to tap into your emotions and cultivate malicious attacks. While you were liking your bank’s Facebook profile, a hacker may have picked up on that and pieced it together with other information about you to come up with possible answers to your security questions like your dog’s name, anniversary, etc.
5 Examples of Common Social Engineering Attacks
- Baiting – You’ve been planning your vacation for months, and suddenly you notice an ad that promises free plane tickets if you click it to take a survey. Potentially, that ad leads to a malicious site that encourages you to download a malware-infected application.
- Scareware – You’re browsing an app when all of a sudden you see a message pop up that your phone may be infected with a harmful virus and offers to install a tool or direct you to another site where your device may actually become infected.
- Pretexting – You receive a call from someone indicating they are from the IRS, or the police, or your bank asking you questions to confirm your identity such as social security numbers, addresses, and other personal identifiable information.
- Phishing – You receive an email or text alerting you to take immediate action on your bank account by prompting you to change your password. The look and feel is nearly identical to what you’d expect to see from your financial institution, but it includes a link to a malicious website.
- Spear Phishing – You receive an email from one of your co-workers with a link to view pictures from a retirement party you recently attended. Everything about the email seems legit, but it potentially is a hacker impersonating this person you trust. The link redirects to a malicious page.
Preventing a Social Engineering Attack
There are a number of things you can do to reduce your risk of being a victim of a social engineering attack.
- Set your account to private – Control what you want to be seen and whom you want to see it
- Don’t overshare – Providing too many details in your posts only gives hackers more ammunition
- Be careful with online quizzes – Do you really need to know who your 80s movie boyfriend is? These quizzes gather information on your personality, likes/dislikes, etc.
- Don’t provide information if you don’t have to – You don’t need to fill out your full profile on Facebook to engage with others
- Use complex passwords – Stay away from your cat’s name and avoid using “Password”. Try a combination of symbols, numbers, and letters for a less-suspecting password
- Avoid suspicious friend requests – Don’t accept friend requests from people you don’t know. Scammers can use this information to gain access to your identity