Why Do People Keep Falling For Facebook Hoaxes?


Falling for social media hoaxes indicates a deeper underlying need for online awareness, according to Ben Yelin from the University of Maryland Center for Health and Homeland Security.

Yelin joined the CyberWire’s Hacking Humans podcast to discuss why people continue to fall for Facebook posts which claim that you can prevent Facebook from using your information by simply copying and pasting the text into your own post.

“In the past, I've also seen people I went to law school with or people who really should know better,” he said. “To think that by copying and pasting something onto your Facebook profile, your Instagram profile, that you're granting yourself any sort of legal rights is just hilariously preposterous....You would think that the people who are posting this would have come into contact with this in the past and would realize that it was a scam.”

Yelin added that the fact that intelligent people can still fall for such a well-known hoax has much wider implications than simply irritating people on social media.

“To make a broader point, the fact that people can't see the warning signs that this is a fake post is kind of deeply concerning to me,” he explained. “Especially when you have things like ransomware attacks, they come from posts that look an awful lot like this, from disreputable email addresses, a lot of capitalization, changes on fonts, you know, scary-sounding warnings about an action that must be taken. And if people are falling for something so obvious like this, what's to stop, you know, somebody who works for a city government, for example, from clicking on an email and bringing down an entire city's digital infrastructure?”

Yelin concluded that everyone needs to get better at vetting the information they see online. This hoax in particular should be very easy to debunk if people would get into the habit of verifying a claim before acting on it.

“If you have any doubts as to whether some social media warning is true, first of all, it's almost certainly not true,” he said. “Second of all, paste it into a Google search. You can immediately see that this has been a long-running consistent Internet hoax that has been debunked by reputable news organizations. Think before you post, I think, is the advice summed down into three words. And just have a better BS detector. It's just incumbent on all of us to be able to identify BS like this.”

Everyone is susceptible to social engineering, and you can’t know how vulnerable your organization is unless you test your employees. New-school security awareness training can highlight your organization’s weak spots while improving your employees’ resistance to social engineering attacks.

The CyberWire has the story: https://thecyberwire.com/podcasts/cw-podcasts-hh-2019-09-05.html

Free Social Media Phishing Test

Would your users fall for a phishing email that looks like it originated from a credible social media site such as Facebook, LinkedIn or Twitter? Attackers use social media to target your brand, your users, and even your customers by distributing malware or using social engineering to phish for credentials. These platforms have become a goldmine for the bad guys to carry out social media phishing attacks against your organization. Don't get hacked by social media phishing attacks!

Here’s how the Social Media Phishing Test works:

  • Immediately start your test with your choice of three social media phishing templates
  • Choose the corresponding landing page your users see after they click
  • Show users which red flags they missed or send them to a fake login page
  • Get a PDF emailed to you in 24 hours with your percentage of clicks and data entered
