The FBI's Charlotte office released an alert describing how scammers can use personal information on social media to break into online accounts, BleepingComputer reports. As people are confined to their homes, many have been drawn to social media where they’re encouraged to share information about themselves, like their pets’ names, the types of cars they’ve owned, and their mothers’ maiden names.
Many of these games are innocent, but they’re also goldmines for criminals seeking answers to account security questions. Even if you haven’t used personal information for security questions, sharing excessive information about yourself can allow attackers to craft targeted social engineering attacks against you.
“The FBI Charlotte office is warning social media users to pay close attention to the information they share online,” the alert states. “A number of trending social media topics seem like fun games, but can reveal answers to very common password retrieval security questions. The FBI encourages you to be vigilant and carefully consider the possible negative impact of sharing too much personal information online.”
People like to share things about themselves online for the same reasons they like to talk about themselves in real life. On the Internet, however, this information is potentially available to anyone in the world. Even if your profile information is only visible to people you’ve added as friends, there are many ways it could still end up on the open internet.
In addition, the FBI advises users to implement multi-factor authentication on all of their accounts that offer it.
“Multi-factor authentication is required by some providers, but is optional for others,” the agency said. “If given the choice, take advantage of multi-factor authentication whenever possible, but especially when accessing your most sensitive personal data—to include your primary email account, and your financial and health records.”
New-school security awareness training can help your employees be prudent about what they share online and how they protect their information.
BleepingComputer has the story: https://www.bleepingcomputer.com/news/security/fbi-says-that-sharing-personal-info-online-only-helps-scammers/