Social Engineering attacks are dangerous because attackers use unexpected psychological manipulation to trick victims into making security mistakes. Typically, these attacks use personal data and background information to gain trust and provide authority for their inquiries. They leverage this misguided trust to trick victims into providing access to accounts and infrastructure.
Therefore, it’s so important to keep your personal information private and put in place a preparedness plan whenever a vendor has a security leak. But what happens when you, or your customers are victims of a security breach at one or more Social Networking platforms? A great example surfaced recently when a trove of personal data on over 500 million Facebook users was published to a known hacker website.
A user in a low-level hacking forum on Saturday published the phone numbers and personal data of hundreds of millions of Facebook users for free. The exposed data includes the personal information of over 533 million Facebook users from 106 countries, including over 32 million records on users in the US, 11 million on users in the UK, and 6 million on users in India. It includes their phone numbers, Facebook IDs, full names, locations, birthdates, bios, and, in some cases, email addresses.
Although this data looks to be from 2019, most people rarely change credentials or information so this could impact you. You can check to see if you’ve been compromised by going to haveibeenpwned.
Here are some general guidelines you can use as part of your communication with staff and customers:
- Do not open email attachments from suspicious sources even if they pass malware scans.
- Use multifactor authentication such as 2FA and Youbikey. DomainSure supports both!
- Be skeptical of offers that are super attractive or seem too good to be true.
- Keep your antivirus and firewall software up to date. A given but sometimes overlooked point of ongoing security maintenance. If you do not use these yet you should immediately take steps to put them in place.