Social Engineering and Social Media

This content can be viewed in video format

Social engineering is a broad term that describes tricking people to give out their personal information and gain access to their accounts. Phishing is a popular and effective form of social engineering.  Social media is another way that criminals can obtain information by deception and false trust.

Criminals are always scanning and using social media to gather information about you. In order to stay safe, consider how you use social media. Consider your privacy settings, and the information that you provide to others publicly, privately, and through the use of applications and games.

When using social media consider the following:

Always check your privacy settings so you know what you’re sharing.  Are your posts public or private?  Can friends share them with people who are not your friends?

Can this information be used by others for not so friendly reasons?  A public facebook post saying “Happy Birthday John, 50 today!!” immediately makes John’s date of birth public information. This is a key piece of information for identity theft. Think about the photos that you post, and when and where you post them. It’s not difficult to figure out where you live from previous photos of your house, and that you may be halfway around the world on a month-long vacation, putting your house at risk of break-in?

Some social media apps have fun games and quizzes. However, some of the questions asked are very similar to those asked when you change your password. You could be giving someone lots of personal information and password hints.

Be careful who you ‘friend’ or ‘link’ to. Do you really know them?

Some social media platforms are very job-centric where you can upload your resume. This would provide a wealth of information for someone to launch a cyber-attack against you. Again, be careful what you share.

What you post on social media should always be considered public and permanent. Posting compromising material might lead to personal and professional reputational consequences and can be exploited by criminals.

Always use the Board secured wifi networks in your schools and other board buildings. Be careful with ‘free’ wifi networks. Criminals often set up ‘free wifi’ hotspots in hotels masquerading as the hotel wifi. When you connect they can read your data and steal your credentials and gain access to your accounts.

Some other common social engineering ‘scams’ include:

  • Calling or leaving a voicemail that you will be arrested and legal proceedings will be taken against you..
  • You may get a fake call from ‘Microsoft’ saying there is a problem with your computer and they will fix it free if you allow them to connect to you.
  • Emails saying they are from friends and they are stranded, and need money wired or transferred to them.
  • Scams asking you to be the recipient of a large amounts of money, but your bank details are required for funds transfer. 

Scams asking you to be the recipient of a large amounts of money, but your bank details are required for funds transfer. 

Be careful what you share and how you share it!

Scroll to Top