How concert lists on Facebook can get you hacked
Cyber security experts are warning people not to partake in the “top ten concert” statuses that are appearing on Facebook.
In them, users list ten concerts that they have attended while including one that they have not been to — leaving friends to guess which one happens to be the lie.
Although the activity seems like harmless fun to many, cyber security experts are warning people not to take part.
Writing for Medium.com, Brian Solis, a digital analyst said that, “in its essence, it could simply be fun, a low investment way to get to know your network and stimulate conversations,” but that, “in some cases, memes can be deceptively dangerous.”
It is often the case for online accounts to ask for people’s first concerts as a security question, and filling out the “top ten” status could lead observers to finding out key information, including passwords.
Solis continued, saying that, “When live shows are added to other information from a user’s profile, hackers can then approximate age, interests, religion to gain access to everything from your password to your financial information and more.”
It is often the case that people are warned not to post holiday photographs on social media sites in case burglars learn of unoccupied houses, although it is hard to prove if houses are targeted as a result of holiday snaps.
But even some of the biggest companies in the world are susceptible to scammers and hackers, as it was revealed last month that both Facebook and Google were victims of a £77 million phishing scam originating from Lithuania.
Both internet giants, who are purportedly at the very forefront of cyber security, were tricked into wiring $100 million into bank accounts owned by a Mr. Evaldas Rimasauskas.
The accused allegedly posed as an Asian manufacturer and deceived the companies for at least three years until finally getting caught in 2015.
The US department of Justice said that, “fraudulent phishing emails were sent to employees and agents of the victim companies, which regularly conducted multimillion-dollar transactions with [the Asian] company.”
Speaking to the BBC, James Maude at cyber-security firm Avecto, said, “sometimes staff [at large firms] think they are defended, that security isn’t part of their job,” but that “people are part of the best security that you can have — that’s why you have to train them.”
So how can employees and individuals protect themselves from phishing, fraud, and identity theft?
For security questions, it is far safer to provide an answer that is nearly random or definitely obscure. So, if you are asked what your first pet was named, the answer could be something along the lines of “Toast Muncher.”
At work it is important that people don’t generally use accounts with admin privileges for normal day-to-day activities such as web browsing.
When software is installed, ensure that it is from a trustworthy brand and check that it includes programmes that might be able to spy on you — this is especially important if the software happens to be free.
In regards to emails, click on hyperlinks with caution and extreme caution for shortened links. If an offer within an email looks too good to be true, with massive sales or mega low prices, it is likely to be a scam.
Overall common sense is one of the best tools that you can use in the fight against online scams.