Professional social media sites encourage users to share educational history, employment history, job titles and location - information that is very attractive for attackers.
LinkedIn is known for being the medium of employees inadvertently leaking information from their employer. In early 2015, engineers for chip manufacturer AMD inadvertently leaked details about next generation hardware.
Attackers have been known to create false profiles in order to 'befriend' users of social media sites by posing as a company or industry insider and then use their new 'friends' as an information source.
Users are advised to avoid becoming social media friends with anyone that is not a bonafide acquaintance but when that cannot be done to check profiles and credentials of new online friends.
Do as much checking and cross-checking of information as possible - if a profile claims that a user went to a certain university in a particular town, check that both the town and university exist, likewise businesses.
To avoid becoming a target, users are advised to avoid divulging more information than is necessary to the wider world - most social media outlets provide some form of privacy feature whereby users are able to hide the bulk of their personal details from the front page of their profile.
0 comments:
Post a Comment