
Your Social-Media Activities Can Be a Treasure Trove for Hackers


The post you ‘liked’ on Facebook, your alma mater highlighted on LinkedIn … they are all clues that can make you and your company vulnerable to fraud and phishing scams, according to a recent article in the Wall Street Journal (WSJ).

About 60% of the information needed to craft a phishing scam against you is found on Instagram alone, say the experts. By scouring a person’s social media accounts for just 30 minutes, a hacker can find everything needed to scam you.

There are ways to protect yourself and your business. Here are some tips outlined in the article:

Think twice about what you post. Then think again

This is a classic piece of advice for protecting your online security, but it bears repeating. Stop posting private information on public platforms — things like travel plans, personal interests, details about family members or specific news about a work product. That kind of information can be used to gain your trust or deceive co-workers. For instance, a hacker might learn your personal history from your social media, then send a phishing email that says something like: “I’m sorry about your parents’ passing. I feel like I remember you wore sweaters your Mom made at school.” Having gained your trust, the hacker then hits you with some sort of fraudulent email scam.

Protect your work email

One of the easiest ways for hackers to do mischief in a company network is to compromise your email account to send phishing messages. And one of the easiest ways to stop these crooks is to make sure they don’t get your address in the first place. That means using your work email for work only and never displaying it openly on your social-media profiles. In theory, this is easy: On sites like LinkedIn and Facebook, users can keep their emails invisible to anyone but themselves. But most people continue to make them public, thus leaving personal contact information open to data-mining firms or malicious actors. The consequences can be alarming.

Use different profile pictures on different platforms

AI and powerful software programs can quickly search social-media accounts looking for profile-picture matches, as well as other common characteristics across accounts. So if someone uses the same profile picture on different platforms, the AI can connect the accounts, allowing hackers to build a trove of information about you and impersonate you more effectively to your co-workers.

Vet people before accepting requests

Not everyone who reaches out with a friend request or invite on social media is who they claim to be. The request may be coming from someone looking to worm into your professional network to pilfer trade secrets, disrupt your systems, steal your identity or just harm your public reputation or brand. It pays to do some vetting on that person before accepting. If you don’t feel comfortable, don’t accept. It’s OK to decline.

Source: “What Hackers Can Learn About You From Your Social-Media Profile” Wall Street Journal, June 8, 2021