March 28, 2023

Volume XIII, Number 87


March 27, 2023

Subscribe to Latest Legal News and Analysis

Social Media Enables Social Engineering Scams

The more one uses and shares on social media, the more information is publicly available for cyber attackers to use to exploit users’ personal and professional information.

It is hard for people to realize that every single thing shared on any social media platform is available for friends and foes alike to access and use. It is the detrimental use by criminals that is the concern and subject of this post.

A recent blog post by ISACA author Allen Ari Dziwa provides a great example of how seemingly innocuous posts on social media can turn into a CEO’s nightmare. In the example, the CEO receives an email from his “wife” about a recent golf trip. Since the CEO sees it is from his “wife,” a familiar source of emails, his guard is down, and he doesn’t check to see if it is a malicious phishing email. The result: he clicks on the link provided in the spoofed email and introduces malicious malware into his company’s network.

Social engineering is not a difficult thing to accomplish in just a few short minutes. It is scary to see how easy it is to spoof someone and by using familiarity, trick someone else into believing it is the person who is being spoofed.

Be wary of the information shared on social media and how it can be used by criminals to conduct social engineering scams.

Copyright © 2023 Robinson & Cole LLP. All rights reserved.National Law Review, Volume XIII, Number 33

About this Author

Linn F. Freedman, Robinson Cole Law Firm, Cybersecurity and Litigation Law Attorney, Providence

Linn Freedman practices in data privacy and security law, cybersecurity, and complex litigation. She provides guidance on data privacy and cybersecurity compliance to a full range of public and private clients across all industries, such as construction, education, health care, insurance, manufacturing, real estate, utilities and critical infrastructure, marine, and charitable organizations. Linn is a member of the firm's Business Litigation Group and chairs its Data Privacy + Cybersecurity Team. She is also a member of the Financial Services Cyber-Compliance Team (CyFi ...