Social media offers cybercriminals ample opportunities to social engineer or manipulate people to their nefarious advantage. Many do not consider how much personal information is available online and waiting to be used against you.
Social Media - Not Just for Socializing
Social media platforms are also a breeding ground for fake profile personas waiting to take advantage of you. For instance, LinkedIn has a professional influence unlike other social media sites, often making users less cautious when connecting with strangers. When people willingly make these connections under the assumption of making professional networking contacts, criminals can lure them into divulging personal details and direct them to malicious sites.
Social Engineering is a never-ending weapon for cyber criminals and social media hands them most of the information they need for successful attacks. Cybercriminals can use a quick company search on LinkedIn to find several contacts from a company, including information such as their job positions and email addresses. This quick search gives the attacker a new list of targets to familiarize themselves with for better spear-phishing attempts.
If an attacker wanted to target you personally, they could easily find your favorite hobbies or activities from one or more of your social media profiles. They could then craft a relevant spear-phishing email or text message spoofed to look as if it is coming from a company or person that you commonly interact with.
Always be aware of the information you share with the world, and be cautious of how that information can result in you, or your organization being more susceptible to a compromise.
Stop Look Think - Don't be fooled
The KnowBe4 Security Team