Facebook or any social media can be used as an social engineering tools against you

Send this article to all of your Facebook friends.

Social Engineering means your social information cracking method for making your online identity vulnerable. Now-a days it is becoming a major tools to break your online status. Sometimes hackers, spammers are stealing your information found on various social community portal like Facebook, MySpace etc.. They are being concern about your information.

According to Internet World Statistics (31 March’2011) there are approximately 922,329,554 internet users in South Asia. And 131,556,800 Facebook users are active in this digital world. But some recent research says that we are not concern about our privacy at all. Just think, when you are going to register yourself on Facebook or other site then have you ever read their terms and conditions about their site. I think the answer is ‘No’. It also happen to me. But which tools or which service you will use for long term period then shouldn’t you read their terms and condition first. Have you ever read their privacy policy because you are giving many more information about yourself that is even your photography, your status, what you are telling to your friends. The authority is taking the information from you. But shouldn’t you check it out that what you are giving them what the authority is doing with your information. Of course you should. But you don’t. That’s why recently many many news are publishing throughout the internet that ‘my Facebook account has been hacked’, ‘my email account has been hacked’, ‘my credit card information has leaked’. But who are stealing your information and who are cracking your online tools slowly one after another they are using and tracking your social information. Basically this is called social engineering. When I was reading the books ‘Hacking for dummies’ by Kevin Beaver then I have first learned about ‘Social Engineering’ from then I am being more conscious about that issue.

 

“Social engineering takes advantage of the weakest link in any organization’s
information security defenses: people. Social engineering is
“people hacking” and involves maliciously exploiting the trusting nature of
human beings to obtain information that can be used for personal gain.”

According to the ‘Hacking for Dummies’ by Kevin Beaver there has been given some example of social engineering. Those are:

– False support personnel claim that they need to install a patch or newversion of software on a user’s computer, talk the user into downloading the software, and obtain remote control of the system.

– False vendors claim to need to update the organization’s accounting package or phone system, ask for the administrator password, and obtain full access.

– Phishing e-mails sent by external attackers gather user IDs and passwords of unsuspecting recipients. The bad guys then use those passwords to gain access to bank accounts and more. A related attack exploits crosssite scripting on Web forms.

– False employees notify the security desk that they have lost their keys to the computer room, receive a set of keys from security, and obtain unauthorized access to physical and electronic information.

Sometimes, social engineers act as forceful and knowledgeable employees, such as managers or executives. At other times they might play the roles of extremely uninformed or naïve employees. They also might pose as outsiders, such as IT consultants or maintenance people. Social engineers often switch from one mode to the other, depending on the people they speak to.

Now most of the Bangladeshi are using Facebook very much regular user they are going to be. But I think 10% of them are not aware of this kinds of alert. Many of my friends regularly tell me that they are facing problem with their online activity. Somebody are trying to get access to their account.

In this case, I have found some suggestion that is-

– Be aware about what you are going to enter into.
– Read more and more about what you are going to use for long term.
– Always practice to think that in your social network there are real and also fake personnel (can be).
-Think about what you are giving or posting . Those can be used to make your life vulnerable or not.
– Don’t try to be fully social by only using Social sites
– Tell also your friend not to speak more about your closest information
– Don’t even talk about where are you linked in or what is your duty their.
and so many more..

Actually to protect yourself you have to practice to hide you behind your activities that’s the core point. Publish everything but keep it more hidden. How it is possible? right? Yes. it’s depending on your own strategy. Just read about what’s going on the web. Keep you updated with the latest security bugs about what you are using. And know more about where are you and which things are using regularly.

This article is for all users who are the ‘Internet Citizen’ that means who have minimum one usage of internet.

I will more pleased if you asked me for any more suggestion about to protect your information from Social Engineering techniques. Read my website regularly and read my articles.

Shaharia is a professional software engineer with more than 10 years of experience in the relevant fields. Digital ad certified, cloud platform architect, Big data enthusiasts, tech early adopters.

Site Footer