When we think of internet hackers, we tend to conjure up images of surly programmers engaged in intense code-breaking – perhaps that scene where Trinity hacks into the Matrix.
But the brave new world of social networking has given way to an altogether different kind of hacking.
Sites like Facebook and LinkedIn are understandably hot on security. Whenever a hacker finds a technical loophole in the system, the tech guys sew it up instantly. But even the smartest Facebook boffins can’t protect against the weakest link in the site’s security: you.
So-called ‘social engineers’ are a special breed of hacker who lurk in the shadows of your favourite social networking sites and prey on everyday users like you. They rely not on technical savvy, but on mind games. These hackers have put down their programming manuals and turned to their psychology textbooks, in order to use the information on your personal profile to win your trust.
Here’s how a social engineer might go about hacking your Facebook profile, once he’s chosen you as his target:
1. The hacker, who we’ll call Mr H., begins by scouring your list of friends. He’ll pick one who shares a lot of mutual friends with you; let’s call her Nancy.
2. Mr H. will then steal Nancy’s photo and name (and whatever other information is visible to him) to create a fake account – a direct imitation of your friend’s.
3. In his Nancy disguise, Mr H will then send a friend request to all the folk who are mutual friends of both you and Nancy, with a charming little message saying: “Hey. My account was hacked so I’ve had to create a new one. Please re-add me! Nancy x”
4. Once Mr H (wearing his Nancy mask) has accumulated a convincing number of friends, he will go for the star prize, and send a friend request to YOU.
5. Now, it’s unlikely that Mr H has gone to all this trouble to snoop through your photos. If you accept “Nancy’s” friend request and grant Mr H access to your account, this is when he will fall back on the more traditional tools of hacking. Once he is in, Mr H will now apply hacking software to do something nasty like transmit an internet virus. Alternatively, he might trick you into re-signing into the networking site, and copy your login info.
It seems elaborate but, for the hacker, it usually pays off. So, how can you protect your social network profile?
1. Do not make your friend list public (Mr H. would never have found Nancy if your list of chums was hidden).
2. As tempting as it is to get your numbers up, don’t accept friend requests from people who you don’t actually know.
3. If your friend asks you to re-add them, check with them in person first.
4. If you’re unexpectedly directed to a page that asks you to re-login, check out the URL.
5. Think very carefully before sharing any personal data online.
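Tip 4 is easier to follow once you know what to look for in the address bar. The sketch below is an added example, not part of the original article: it reads a login page's URL the way a careful user should, and the site list and sample URLs are constructed for illustration.

```javascript
// Added example: decide whether a "please log in again" page is really on the
// site you expect. EXPECTED_SITES is an assumption for illustration.
const EXPECTED_SITES = ["facebook.com", "linkedin.com"];

function checkLoginUrl(rawUrl, expectedSites = EXPECTED_SITES) {
  let url;
  try {
    url = new URL(rawUrl);
  } catch {
    return { ok: false, reason: "not a valid URL" };
  }
  if (url.protocol !== "https:") {
    return { ok: false, reason: "not HTTPS" };
  }
  // Anything before "@" is a username, not the site:
  // https://facebook.com@login-check.example/ is hosted on login-check.example.
  if (url.username || url.password) {
    return { ok: false, reason: "credentials embedded before the host" };
  }
  // URL.hostname is lower-cased, and hosts containing non-ASCII look-alike
  // letters come back in punycode form (labels starting with "xn--").
  const host = url.hostname.replace(/\.$/, "");
  if (host.split(".").some((label) => label.startsWith("xn--"))) {
    return { ok: false, reason: "internationalised look-alike host" };
  }
  // Read the host from the right: it must be the site itself or a subdomain.
  const site = expectedSites.find((s) => host === s || host.endsWith("." + s));
  if (!site) {
    return { ok: false, reason: `host ${host} is not an expected site` };
  }
  return { ok: true, reason: `host ${host} belongs to ${site}` };
}

// Constructed sample URLs (not taken from any real incident).
const samples = [
  "https://www.facebook.com/login.php",
  "https://facebook.com.account-check.example/login",
  "https://facebook.com@login-check.example/",
  "http://www.facebook.com/login.php",
];
for (const s of samples) {
  const r = checkLoginUrl(s);
  console.log(`${r.ok ? "OK  " : "STOP"} ${s} -> ${r.reason}`);
}
```

The point to take away is that the real site name is the part immediately before the first single slash, read from right to left; a familiar name appearing anywhere else in the address proves nothing.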
Social networks are a boon for your personal and business lives, but think about what information you are posting online – and who you’re sharing it with. Hackers are always looking for an invitation to access your details, so be wary of letting social engineers get into your head – and into your account.