People love to post photos of their vacation. For an attacker, these are both added benefits. The message will be even more effective if it’s coming from a fake account impersonating someone you know, or, better yet, the real account of a connection after it’s been hijacked. Attackers drive users to phishing pages and malware exploits with this tactic. For example, if a hacker knows you’ve been to a Radiohead concert, the message, “did you see Radiohead’s newest song? Just dropped today!” will have a much higher chance of success. Armed with your personal information, an attacker is well-equipped to customize a message for you that looks legitimate. They sound strikingly like viral social media quiz questions, don’t they? Social engineering attacksĪny information you posts on social media can also be used by an hacker as they craft a social engineering attack.
Security questions are often things like the name of your first pet, the street where you grew up, your highschool mascot, your favorite author or you childhood hero. Hackers also use data gleaned through over-sharing to guess security questions and break into accounts that way. Passwords are often only marginally more complex than that a dog’s name or a street name paired with “123.” Attackers use automated tools to test combinations of keywords - things you might have happily disclosed in you social profile - to rapidly guess thousands of combinations of passwords. The most commonly used password in 2020 was “123456,” followed by “123456789.” Attackers can simply try the first 25 most common passwords and succeed a whopping 50% of the time. Hackers look for any information that they could use to guess passwords. After all, the networks encourage users to fill out every possible field on their profile, including some of the more sensitive ones.Īttackers can use this data in three main ways: Bruteforcing passwords
Most people know not to post pictures of their credit cards or disclose sensitive login of financial information, but a surprising number of people post their phone numbers, home address and more on social media. Posting publicly about vacations, family, personally identifiable information (PII), or your physical location can, in some cases, put you at risk.
Over-sharing not limited to viral quizzes or trends.
0 kommentar(er)
