There is a trend going around Facebook in support of this year’s seniors who missed out on prom and graduation due to the pandemic. Many users are posting their senior pictures along with the year they graduated, and the school they graduated from. The problem with this trend is it gives hackers information that is commonly used as security questions for banking or other high security websites. Even if a user doesn’t use these specific questions, it gives hackers a head start on information for spear phishing campaigns.
Last year we saw a shift from generalized phishing campaigns to spear phishing campaigns. A general phishing campaign sends out thousands of emails with the hope a small percentage of recipients will click on the link or attachment and become a target of the hacker. A spear phishing campaign differs because they target individual users. Instead of sending out thousands of emails, they are sending single highly detailed emails to known people in attempt to infect their computer or steal personal information. The hackers learn as much as they can about an individual person before sending a phishing email referencing personal information. The problem with this new trend is Facebook users are giving hackers their name, city, and graduation date from which they can infer a birth date. Then users are tagging the post #Classof2020, so the posts are very easy for hackers to find.
The Better Business Bureau raised concerns about this new trend. Below are some tips from BBB on staying safe on social media.
Resist the temptation to play along. While it’s fun to see other’s posts, if you are uncomfortable participating, it is best to not do it.
Review your security settings. Check your security settings on all social media platforms to see what you are sharing and with whom you are sharing.
Change security questions/settings. If you are nervous about something you shared possibly opening you up to fraud, review and change your security settings for banking and other websites.
Source: Better Business Bureau News Release
Quanexus IT Support Services for Dayton and Cincinnati
Request your free network assessment today. There is no hassle, or obligation.
If you would like more information, contact us here or call 937.885.7272.
Follow us on Facebook, Twitter and LinkedIn and stay up to date on by subscribing to our email list.