Trust is the foundation of a good relationship – you trust friends to be loyal, sincere, and honest. But when you blindly trust online friends, you could be opening yourself up to cyberattack.
When you hear about a big data breach on the news, you may think you don’t need to worry. You may think, “I don’t do business with that company, so the crooks can’t steal my identity.” Or “my email address and password weren’t involved, so it’s not my problem.” Yet it could be.
One of your friends or family members’ personally identifying information may be hacked. Then, cybercriminals could use that as a stepping stone to get to you.
Reused passwords are a problem
Think you’re safe when you interact with friends and family on Facebook or Instagram? Those aren’t the sites breached?Again, think twice. Many people reuse their username and password on more than one site.
Imagine the bad guys get hold of an individual’s credentials from a malware attack on a major retailer, or they buy that person’s credentials for a banking site on the Dark Web after a breach. The crooks might try the credentials on those sites to see if they can gain access, but they are also likely to try those same credentials on other sites, too. If they can get into the account of one of your friends or family, they caneasily impersonate them.
What to Watch Out for Among Friends/Family
Hackers prey on our impulse to trust others – they have greater odds of success impersonating a Facebook friend asking for help. If a Nigerian prince emails out of the blue and asks for money, most of us know by now to delete the message immediately. But if Aunt Peggy does the same thing via Facebook, you’re more likely to fall for it.
The same thing happens with malicious content. We all know not to click on attachments from people we don’t know and trust. After hacking a social media account, cybercriminals email all that person’s friends. They might say something appealing such as, “you’ve got to check out this latest hilarious video of my son!” We want to see our friend’s son being funny, so we click, and the trouble starts.
One more note: be wary of whom you accept into your “friends” circle online. Adding your niece’s best friend or your work colleague’s husband may seem like a good idea, but, that’s one more possible vulnerability.
Impersonation is not just on Social Media
Impersonations of people you trust aren’t only happening on social media. You might get emails that appear to be from companies you trust, vendors you know, or work colleagues. For instance, you might get an invoice from a company you use. It looks like usual, with the same services listed, but the banking details are different. If you don’t catch on, you’ll be paying the crooks instead of your window cleaners.
Or you might get an email from a “co-worker” asking you to remind them of a password or account number. It seems like a simple request from someone who can afford to be casual about security with you. But don’t fall for a “hey, what was that password again?” request.
Ultimately, don’t rely on that browser lock suggesting a site is secure or the fact that you already know so and so. You may not be actually dealing with that individual. Always confirm, using another method of communication, before sending sensitive info or money.
Remember, if you post something, bear in mind who can read it
We are so used to posting personal things on social media but the obvious needs to be repeated – be wary about how much information you post. Can it be used by someone who wants to know if you are away from home? Can anyone pick up enough information to enable them to impersonate you?
If you want help to secure online interactions and home computing networks, contact us on 01455 209505.