ITP Techblog

Brought to you by IT Professionals NZ
« Back to Security & Privacy

Social media meets social engineering

Paul Brislen, Editor. 22 July 2020, 7:23 am

The hack of numerous Twitter accounts has clearly rattled many but the vast majority of users remain bemused with many asking "so what?" If your social media account gets taken over does it really matter?

For many, social media is now their primary source of news and information. On a global scale, people use social media to stay in touch not only with friends and family but with workmates, with employers and with political leaders. The thrill of being on the inside and breaking news first extends beyond professional media to those eager beavers who share content widely without first verifying its truth or accuracy.

While that is largely ignored from a social point of view, when politicians or business leaders are spear-phished the ramifications are huge for those in their network.

Former Techblog editor Juha Saarinen has a full rundown of the risk such attacks may generate on a global scale, especially if the hackers act in a more subtle, less obvious way, but users of another social media platform are just as vulnerable and, during our strange new COVID-induced world, this gives attackers another vector to play with.

Last year LinkedIn deleted more than 21 million fake accounts in just six months as the professional connections platform moved to tackle the rising tide of would-be connections.

These accounts, set up to provide a way for ratbags to connect with you and, potentially, engage more directly in the hopes of securing some advantage, are generally easy to spot and if you do receive a request from someone you're sure you already connect with, it's worth checking with that person via another channel.

But those are only the obvious fake accounts. What about the more subtle requests?

While LinkedIn recommends users only accept connections from those people they actually know, many of us receive connection requests from people who have worked in the same organisation in the past, who went to the same school or university and who work in the same field.

It's not uncommon to accept such requests (at least in this user's experience) without doing much actual research on the basis that networking is part and parcel of business, but users may need to step up their game somewhat.

As social media-like platforms flourish and we connect with those within our organisations and beyond using new apps and services to work together more readily, it's worth taking the time to ensure we are doing so in a secure manner.


You must be logged in in order to post comments. Log In

Web Development by The Logic Studio