Scams involving social engineering are far more common today than ever before. There may undoubtedly be a few items in your mailbox that look weird when you check your emails; these items are most likely phishing emails. It’s a good thing that so many people are aware of the dangers of clicking on these phishing emails today. However, their sheer number begs the question: Where does social engineering come from? Social media is the answer we didn’t want to hear.
Social Engineering and Social Media
Around the world, there are almost 5 billion active social media users, according to the most recent statistics. Each of these users represents a target for hackers. Given how many people are now online, it shouldn’t be surprising that hackers are using social media to trick people into falling for their scams. They specifically make phony accounts to use in one of the four techniques listed below.
Influencing the Public
Many people are easily swayed by what they see on social media. Social engineers take advantage of this to change public opinions. During elections, political parties create fake accounts to spread information that affects how voters choose to vote. Social media posts from these false accounts can spread quickly and influence voters for very little money.
Many posts on social media give you a chance to win a gift if you like or share a page. There are also fake offers from businesses that appear to be closing soon and need to get rid of their inventory. They may say you can win one of their products just by sharing their page. These are usually bogus advertisements.
The first of these social engineering hoaxes surfaced after Steve Jobs passed away. The widely shared post claimed that Apple was paying tribute to Jobs by giving out iPhones and iPads. Millions of users who mistakenly thought they were taking part in a giveaway clicked on the fraudulent link. But when a nasty virus infiltrated their laptops, they knew it had tricked them.
MIPs, or Minimally Invested Profiles
Mass-produced profiles with little effort put into them are usually fake accounts with interesting profile pictures to get people to add them as contacts, mostly on Facebook. Once a connection is made, the hacker will use this phony MIP to post dangerous links on your wall or deliver malware through chat.
FIPs, or Fully Invested Profiles
The goal of MIPs and fully invested profiles is to get people to click on bogus links. A FIP takes more work because it must look legitimate to the target victim. It might pretend to be a legitimate contact, and they might try to trick you while claiming to have made a new account because of being hacked, forgetting their password, etc.
If you are careful, you might spot these fake profiles quickly. Before accepting friend requests, check out each account. Your instincts should raise a red flag if the fake account is young and has suspiciously few friends or updates.
Take Extra Security Measures Against Social Engineering
Even though social media has already ingrained itself into our daily lives, you still shouldn’t use it carelessly. Never get caught off guard when using social media or any other online platform. This affect both your personal and corporate accounts. If you use social media for business, your employees need to know how to protect themselves from online attacks so they don’t become victims.
You can read our Free Ebook we’ve created to evaluate how well-equipped you are to handle social engineering attacks. Give us a call, we can help strengthen your defense and raise your security against social engineering and online dangers if we feel there is room for improvement.