Social Media Oversharing Leads to More Sophisticated Scams and Phishing

Phishing emails filled with typos from Nigerian princes who promised millions of dollars tricked plenty of people in the past, but now these scams are a punchline. Scammers have had to step up their game to trick people, and they certainly have. Phishing emails are getting more sophisticated and targeting people with personal information the scammers find on social media.


There are 1.7 billion people on Facebook and a billion on Instagram. Almost 85% of them post something every week, and nearly half of them post something every day. Most of these posts are public and contain pieces of personal information. It could be the names of your kids, pets, or your favorite sports team, or your anniversary or birthday. Hackers know your password is pretty likely to include these bits of information, making it easier for them to break into your accounts.

Hackers can also use the information you’ve shared on social media for social engineering. Social engineering is when a scammer tricks you into believing something for fraudulent purposes. An example might be a call from a support technician telling you that your computer has a virus, and then they trick you into giving them access to the information on your machine or money to falsely fix the problem.


With oversharing on social media, scammers can take their tricks to the next level. With details from Facebook or LinkedIn, they likely have enough information to convince you that they are friends of your friends, or someone you work with. They’ll see if they can get you to provide even more information. When the Twitter accounts of celebrities like Elon Musk, Jeff Bezos, and Barack Obama were hacked, it turned out that the hacker may have used LinkedIn to target individuals who worked for Twitter. The 17-year-old hacker simply called employees saying he was from the company’s tech support area and needed to check their computers remotely, and of course needed their password to do so. He knew the names of supervisors and co-workers and was able to convince several employees to tell him their passwords. With this information, he was able to hack into these famous Twitter accounts.

In addition to social engineering, phone calls and targeted phishing emails with personal information are also up at least 15% over the past year.

So, what can you do to protect yourself and your information? You can start by just Googling your own name and seeing what comes up. Or create a second social media account and check your profile to see what a stranger can see. If the amount of information you see makes you uncomfortable, you can change your privacy settings.


Next, don’t build passwords from personal information hackers know you probably use, such as a name or a date that’s important to you. A lot of Facebook quizzes or list memes are designed to get you to overshare information about yourself. It’s not a coincidence that they try to get you to answer the same types of questions you get as security questions when you need to reset a password.
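To make the password advice concrete, here is an added example (not part of the original article) that checks a password you are about to set against facts visible on your own public profile, including simple character swaps and common ways of writing a date. The function names and the sample profile values are made up for illustration.

```python
import re
from datetime import date

# Common character swaps, undone before comparing (e.g. "r0ver" -> "rover").
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a", "5": "s",
                      "7": "t", "@": "a", "$": "s", "!": "i"})

def date_forms(d):
    """Digit strings people commonly build from a birthday or anniversary."""
    y, m, dd = f"{d.year:04d}", f"{d.month:02d}", f"{d.day:02d}"
    return {y, m + dd, dd + m, m + dd + y, dd + m + y, y + m + dd,
            m + dd + y[2:], dd + m + y[2:]}

def personal_hits(password, words=(), dates=()):
    """Return the sorted profile facts that appear inside the password."""
    # Letters only, after undoing swaps: catches "R0ver" and "3mm@".
    letters = re.sub(r"[^a-z]", "", password.lower().translate(LEET))
    # Raw password with date separators removed: catches "06/14" and "06-14".
    digits = re.sub(r"[\s\-/._]", "", password)
    hits = set()
    for fact in words:
        # Each word of a fact counts, but only words of 3+ letters.
        for token in re.findall(r"[a-z]{3,}", fact.lower()):
            if token in letters:
                hits.add(fact)
    for d in dates:
        if any(form in digits for form in date_forms(d)):
            hits.add(d.isoformat())
    return sorted(hits)

# Constructed sample profile: a pet, a child, a team, and an anniversary.
PROFILE_WORDS = ["Rover", "Emma", "Red Sox"]
PROFILE_DATES = [date(2015, 6, 14)]

if __name__ == "__main__":
    for candidate in ["R0ver2015!", "3mm@-06/14", "correct-horse-battery-staple"]:
        found = personal_hits(candidate, PROFILE_WORDS, PROFILE_DATES)
        print(candidate, "->", found or "no profile facts found")
```

An empty result only means none of the listed facts were found; it does not mean the password is strong.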

Be skeptical of any phone call or email from anyone that you don’t know directly, even if they have some pieces of information about you. If you’re not sure, you can use a service such as Social Catfish, which will research the individual who has contacted you. Don’t give them any information. Try a different channel to contact the friend, co-worker, or trusted source directly to check the information the potential scammer might be giving you.

Scam emails and phone calls are not as obvious as they used to be, so know what information about yourself might be available on social media and look for hints that someone might be trying to use your personal information against you. Share this information with friends and relatives to help them avoid becoming a victim as well – since it could end up impacting you as a connection on social media.

How to Remove Personally Identifiable Information from the Web

One of the best things you can do to protect your identity on the web is to remove any personal data that’s out there. After securing your social media profiles, there are several services you can subscribe to that will automatically remove personal information related to you from public websites (such as people search engines) and private databases. These services will regularly send requests to data brokers on your behalf, because records tend to reappear once removed. These services will also ask data brokers to add your profile to their suppression lists to make sure your name is never listed again.
