Social engineering through social media.
The festive season is here again, and you may be tempted to lose your guard during the merrymaking. You may already be aware of the more sophisticated schemes cybercriminals use to access your private data such as hacking. But there is an even more sinister approach that does not get the coverage it deserves, given its potency. Social engineering involves the use of psychological manipulation techniques to obtain personal information from individuals and perpetuate scams.
In recent years, cyber criminals have found social media to be a fertile ground for social engineering. Typically, the criminals gather personal information on popular sites like Facebook and Instagram and use it to weave a compelling ruse. You may not realise it, but your timeline updates on Facebook and the snaps you post on Instagram can help criminals develop an accurate profile of you.
After developing your profile, the criminal then creates a fake profile with interests that resemble yours. The criminal may make posts and snaps that whet your interest and even entice you to “like” them. Once the criminal has caught your attention, he/she then requests to join your network. You may be compelled to overcome the social distrust for strangers by the similar interests and accept the request. After infiltrating your network, the criminal then proceeds to the next stage of the nefarious scheme.
Fraud and scams
The criminal may then seek to lure you into revealing personal information such as your credit card details or driving license. The criminal can use this information to execute frauds or to blackmail you. A more prevalent tactic involves requests for funding bogus crowdsourcing initiatives and charities. The criminal may forward you an email and request that you send money to the corresponding money transfer account.
In other cases, criminals use the information on your contact list to impersonate a close friend and provide a link requesting you to support a bogus charity. Most social media users are especially vulnerable to donation scams during the holiday season because they are rather benevolent. Do not fall for a fake friend this festive season just because you like their fancy Christmas posts!
Where to next?