BOSTON — The moments and stories we like to “share” and love to “like” could be putting us at risk for hackers. It's called social engineering - hackers pull information from your social media post and using it against you, your family or even the company you work for.
Boston 25 News took a look at the techniques being used and how to protect yourself.
Cybersecurity expert Bob Adams sat down with a Malden woman named Alison who told us she considers herself an average user of social media.
“I kind of don't really think about what I'm posting. I guess I try not to get too personal, but there's definitely family, friends, all of the above, that are posted,” she said.
She didn’t necessarily realize just how much of her life she left exposed and vulnerable.
Your posts are pieces of a puzzle
Within minutes, Adams was able to find out where she currently works, her past jobs, her current residences, and details on her family members. Adams said that information is being used in all kinds of online attacks, strategically targeting people through this "social engineering."
"Typically, it’s using what's easily available online to do a specific, targeted attack using social profiles, and there's a lot of them,” said Adams.
If you wish your children a happy birthday or your spouse a happy anniversary, an attacker now has those names and dates. Hackers can use that ultra-personal information to tailor a note or email that seems urgent and completely believable from a co-worker or boss. You click on a link in that email... and they've got you.
Blogs or videos on your social accounts can help hackers find your speech patterns. They can mimic what you sound like then call up a relative and ask for ransom when they see you're on vacation.
Fill out a viral quiz on Facebook? You've been hooked there too.
"One of the common things is; oh, post your first pet's name and the street you grew up on, that's your movie star name. What most people don't realize is that's actually your common security questions and answers that attackers now get," said Adams.
'Average' users are the gateway to larger attacks
Alison said she never thought she'd be the target of a hack, but Adams says, that's exactly who these attackers are looking for. Average users can be a gateway to their employers.
Hackers work their way into the heart of a bigger company and get a bigger payout from the scam that started with you. According to Adams, 70 percent of corporate hacks start that way.
How to protect yourself
Adams said one of the most common mistakes people make is not considering who can see their posts.
"Look through your social media and see what's being shared publicly, with friends only, who can actually share things about you. If you're not doing that, you're going to expose yourself,” he said.
His advice is to check those privacy settings and think before you click.
Cox Media Group
