How Criminals Are Exploiting Social Media
You’ve all heard the warnings about what you post on Social Media Sites, and how it can affect your personal safety, but have you stopped to consider how it might affect your business?
In Trustwave’s 2013 Global Security Report they addressed this very concerning issue.
For those who watch Burn Notice and see spy Michael Weston manipulate scenarios to his advantage this kind of social engineering seems like the sort of game that only works on TV shows or the movies. But the reality is real life criminals are using the same social engineering tactics with the aid of unsuspecting employee’s and contractor’s social media posts to commit crimes every day.
Having an open Facebook page where you post your place of work might not seem harmful, but when combined with co-worker information from LinkedIn, pictures on Flickr or Instagram, and “check-ins” on Facebook or Foursquare a savvy criminal has a very clear picture of your business, possibly without every setting foot inside.
From pictures posted, he knows what your company’s ID badges look like, what names to drop if trying to gain physical access to your premises, and what bars and restaurants to hang out at to eavesdrop and gain additional information or to steal laptops or cell phones.
Outside contractor’s or third party vendors can also inadvertently provide valuable information to criminals. In a case outlined by Trustwave a business’s architecture firm, found via Google search, had redesigned their headquarters and posted a case study including photographs, and blueprints online. Clearly the architectural firm had only intended to add to their portfolio of work, but had unintentionally provided the criminals with a full layout of the building, security details, and information on the types of servers as some of the pictures included were of the newly redesigned and fully equipped server room.
Social engineering attacks utilizing Social Media are likely to grow in frequency and severity. Sure it’s fun to watch Michael Weston use these tactics for good, but the last thing you want is a criminal using these tactics to harm your company.
We recommend every business create and uphold a very clear Social Media Policy along with their Electronics Acceptable Use Policy.
If you have any concerns about your company’s Social Media or Electronics Acceptable Use Policy, call or email Top Speed today and we’ll help you make sure you’re protected!
[whohit]ExploitingSocialMedia[/whohit]