Social Engineering: Threats of Social Networking

There are two types of social engineering techniques. The first is computer-based – like phishing emails, scams, emails from friends that contain malware downloads, phishing links, and baiting. The second is human-based, which can include things like an impersonation of an employee with access and/or dumpster diving for information.

The newest threat to Internet security is the rise of social networking sites like Facebook, Twitter, and LinkedIn – where personal information is shared freely. These sites give social engineers easy access to important names, places, birth dates, and job information they can use to gain access to your personal and sensitive information.

Only you can prevent social engineering threats! Here are some tips to protect yourself:

  • Beware of attachments. Even if they are coming from a friend, only open them when you know the sender and are expecting to receive them.
  • If it seems too good to be true, it is probably a scam. There are many foreign offers that are scams, and that should immediately be deleted.
  • Set your spam filter to high. This keeps possible phishing emails out of your inbox, so you are less likely to open them.
  • Install anti-virus software and firewalls on your computers. Also, make sure your anti-virus is updated automatically or as soon as updates are available.
  • Keep all your social networks private. Only share with people you trust and know personally.
  • Limit the amount of information you share. It’s tempting to share everything, but it makes you more vulnerable to social engineering attacks.
  • Use strong and unique passwords. Do not use the same password for every site and use an unlikely combination of uppercase and lowercase letters, numbers, and symbols. An example would be BeEthoVeN_0731.

Have questions? We're here to help!

If you have questions about cybersecurity, or if you want to learn more about how to stay safe online, contact the Information Security Office (ISO) at: