Cyber Security: Beware of Social Engineering to Protect Your Password

Not all security breaches are data leaks, hacked databases or callers claiming to need private information.

Sometimes it can even feel like fun. If you’ve ever taken a quiz online like “Which Harry Potter character are you?” or posted answers to questions about your teen years (your first car, first concert, etc.) as all your friends were doing at the time, you may have fallen prey to social engineering. It’s a particularly subtle type of con: Luring you, under the guise of fun, into readily giving away information that can be used to commit fraud.

Social engineering is the psychological manipulation of people into performing actions or divulging confidential information, and it is rampant online. Those quizzes get people to give up information that may give a hacker clues to what your passwords might be or answers to your security questions. These hints are also useful for hackers who create links that launch malware. Once they know your first concert, they know serving up a link like “Everyone’s raving about this unreleased Red Hot Chili Peppers song from 1982” may be the perfect set-up.

Some of the most successful ploys are featured on sites we generally trust and readily share on – which makes Facebook an especially ripe place to spread these tricks virally. (We’re all friends there, right?)

So think twice the next time you see a #firstsevenjobs quiz. It may be a trap for oversharing, giving hackers just the information they need to commit their next crime.