How Sharing Personal Information Helps Scam Artists

iStock-1061357610 (1)The FBI's Charlotte office released an alert describing how scammers can use personal information on social media to break into online accounts, BleepingComputer reports. As people are confined to their homes, many have been drawn to social media where they’re encouraged to share information about themselves, like their pets’ names, the types of cars they’ve owned, and their mothers’ maiden names.

Many of these games are innocent, but they’re also goldmines for criminals seeking answers to account security questions. Even if you haven’t used personal information for security questions, sharing excessive information about yourself can allow attackers to craft targeted social engineering attacks against you.

“The FBI Charlotte office is warning social media users to pay close attention to the information they share online,” the alert states. “A number of trending social media topics seem like fun games, but can reveal answers to very common password retrieval security questions. The FBI encourages you to be vigilant and carefully consider the possible negative impact of sharing too much personal information online.”

People like to share things about themselves online for the same reasons they like to talk about themselves in real life. On the Internet, however, this information is potentially available to anyone in the world. Even if your profile information is only visible to people you’ve added as friends, there are many ways it could still end up on the open internet.

In addition, the FBI advises users to implement multi-factor authentication on all of their accounts that offer it.

“Multi-factor authentication is required by some providers, but is optional for others,” the agency said. “If given the choice, take advantage of multi-factor authentication whenever possible, but especially when accessing your most sensitive personal data—to include your primary email account, and your financial and health records.”

New-school security awareness training can help your employees be prudent about what they share online and how they protect their information.

BleepingComputer has the story:

Find out if your organization's MFA solution
can be hacked by the bad guys now!

Did you know that all MFA mechanisms can be hacked, and in some cases it's as simple as sending a phishing email? That's why it's important to know the exact security risks your MFA solution has and how your users' accounts may be compromised.

masareport-thumbHere's how MASA works:

  • You will receive a custom link to take your assessment
  • Answer a series of technology questions relevant to your MFA solution
  • Get an instant high-level snapshot of potential risks with your MFA
  • Receive your in-depth report packed with actionable insight and detailed analysis on specific MFA attacks and tips for your top defenses 

Assess My MFA Solution Now!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

Subscribe To Our Blog

Ransomware Has Gone Nuclear Webinar

Get the latest about social engineering

Subscribe to CyberheistNews