Facebook or any social media can be used as social engineering tools against you
Social Engineering means your social information cracking method for making your online identity vulnerable. Now-a days it is becoming a major tools to break your online status. Sometimes hackers, spammers are stealing your information found on various social community portal like Facebook, MySpace etc.. They are being concern about your information.
According to Internet World Statistics (31 March’2011) there are approximately  922,329,554 internet users in South Asia. And 131,556,800 Facebook users are active in this digital world. But some recent research says that we are not concern about our privacy at all. Just think, when you are going to register yourself on Facebook or other site then have you ever read their terms and conditions about their site. I think the answer is ‘No’. It also happen to me. But which tools or which service you will use for long term period then shouldn’t you read their terms and condition first. Have you ever read their privacy policy because you are giving many more information about yourself that is even your photography, your status, what you are telling to your friends. The authority is taking the information from you. But shouldn’t you check it out that what you are giving them what the authority is doing with your information. Of course you should. But you don’t. That’s why recently many many news are publishing throughout the internet that ‘my Facebook account has been hacked’, ‘my email account has been hacked’, ‘my credit card information has leaked’. But who are stealing your information and who are cracking your online tools slowly one after another they are using and tracking your social information. Basically this is called social engineering. When I was reading the books ‘Hacking for dummies’ by Kevin Beaver then I have first learned about ‘Social Engineering’ from then I am being more conscious about that issue.
“Social engineering takes advantage of the weakest link in any organization’s
information security defenses: people. Social engineering is
“people hacking†and involves maliciously exploiting the trusting nature of
human beings to obtain information that can be used for personal gain.â€
According to the ‘Hacking for Dummies’ by Kevin Beaver there has been given some example of social engineering. Those are:
- False support personnel claim that they need to install a patch or newversion of software on a user’s computer, talk the user into downloading the software, and obtain remote control of the system.
- False vendors claim to need to update the organization’s accounting package or phone system, ask for the administrator password, and obtain full access.
- Phishing e-mails sent by external attackers gather user IDs and passwords of unsuspecting recipients. The bad guys then use those passwords to gain access to bank accounts and more. A related attack exploits crosssite scripting on Web forms.
- False employees notify the security desk that they have lost their keys to the computer room, receive a set of keys from security, and obtain unauthorized access to physical and electronic information.
Sometimes, social engineers act as forceful and knowledgeable employees, such as managers or executives. At other times they might play the roles of extremely uninformed or naïve employees. They also might pose as outsiders, such as IT consultants or maintenance people. Social engineers often switch from one mode to the other, depending on the people they speak to.
Now most of the Bangladeshi are using Facebook very much regular user they are going to be. But I think 10% of them are not aware of this kinds of alert. Many of my friends regularly tell me that they are facing problem with their online activity. Somebody are trying to get access to their account.
In this case, I have found some suggestion that is-
- Be aware about what you are going to enter into.
- Read more and more about what you are going to use for long term.
- Always practice to think that in your social network there are real and also fake personnel (can be).
-Think about what you are giving or posting . Those can be used to make your life vulnerable
