Social engineering is big business. What is it? Figuring out who you are and then using that information to make money off of it.
People list password challenge and identity verification questions publicly (or at least freely) on their Instagram, Twitter and Facebook pages and feeds without giving it a second thought. Maiden name? Check. Favorite pet? Check. High school? Check. Town they grew up in? Check. Favorite or first car? Check.
Throwback Thursday is a social engineer’s dream. They love this stuff. Combat it by always giving false password and identity challenge and verification information to the sites and services that require it. Keep the answer file in a format that’s not easily guessed or, better yet, off-line. Remember, if it’s a handwritten list, you can still take a photo of it.
Alan Edwards, CISM, is chief information officer at Computerware, Inc., in Vienna, Virginia.
