Since the early days of the Internet, it has provided multiple ways for people to communicate with one another.  It began with e-mails, then instant messages, then social media, then video chats which led to phone video chats. As the internet has evolved, it has also become the central place to do just about everything, including retail shopping and ordering food delivered right to your door.  The internet connects you to new people, digital assets, information, and so much more, which is why the internet today has become the most popular target for hackers and scammers to run their cons.

Hacking today goes far beyond the typical brute force password guessing and standard types of viruses, like key loggers or worms.  These means of gathering information are hardly needed now in the age of social media, where people all over the world freely post personal information to personal blogs, and social media sites, like Facebook, Instagram, LinkedIn, and loads of other social platforms.

Today, there is a plethora of information already available to online scammers who can get it with a simple friend request or by following you online.  This voluntarily offered user information can be used in various methods of hacking and is what we refer to as ‘social manipulation’.

How Does Social Manipulation Work

Social manipulation doesn’t require expensive computer equipment, hacking tools, or sometimes, even a computer at all.  All that’s needed is the right information, a persuasive story, and a naïve victim.  It has become a favorite amongst online scammers today.

It’s easy enough for a scammer to follow your online social profiles, like Twitter, or Instagram.  If your account is public, then they just hit the follow button and watch what you are posting online.  They can also create fake profiles for Facebook and social media platforms that do require you to accept them as a friend.  They may be that “long lost high school friend” looking to reconnect, or a friend of a friend.  Once they are friends with you online, they can scrape personal information you have on there, like e-mail addresses, phone numbers, pictures, and other information they could use.

After gathering enough data, the scammer moves on to using the information to manipulate people who may be your cell provider, your bank, or credit card holder.  A scammer may figure out from online postings who your phone provider is based on your posted tweets.  Once they do, they can contact whoever it is, claim to be you, and state that you have forgotten your account password.  In order to verify your identity, they can then provide the representative with the information they may have gathered from those social media sites and other online sources, guess your security questions (again, based on your private information that they have gathered about you on your online profiles as well as some internet browsing on you and your family). After succeeding, and they have gained access to your account, they may order a new sim card for a different phone and continue the scam on other levels.

Cell phones are a popular target for online hackers.  It gives them a better means of deceiving other sources, like financial providers and even friends and family, of thinking it’s you.  Online hackers use social manipulation because they know that humans are emotional creatures.  There is no software patch that can stop people from feeling frustrated or sympathetic to another person.  Luckily though, you can follow some simple ways to protect yourself from these types of scams.

Protecting Yourself from Social Engineering

You should ensure that all of the devices you connect your social media accounts with are running a good anti-virus program.  Also, limit the amount of information you share online – your followers and friends really don’t need to know that you are currently at the gym at this time every day or that you are visiting family in Chattanooga, Tennessee from this date to that date for your brother’s wedding.

Many online platforms have a way to help secure your social media accounts.  Facebook allows you to control what information people can see based on if they are friends or family, for instance.  You can also always choose to not accept incoming friend requests, allowing you to better control who can be friends with you online.  Always create strong, unique passwords and use a password manager, like RoboForm or LastPass, to manage your passwords for you securely.

Protecting your social media accounts is a good step, but it’s also important to lock down your mobile devices as well.  Avoid answering random text messages that include links in them.  Most cell providers also allow you to set up a PIN number or passphrase that must be used in order to make changes to your data or phone plan.

Avoiding social engineering scams in the workplace is just as important as in your daily personal life as well.  Utilizing a managed IT services provider can help make the difference when it comes to monitoring and securing your business’s computers and IT.  Always report any security incidences you come across and have a policy in place for data loss or possible phishing scams for you and your employees.  Use common sense and stay alert for potential scams.

By following these practices, you can stay one step ahead of hackers and online scammers by protecting your information.  If you want to learn more about how you can stay safe online, subscribe to our newsletter.