Social engineering is big business. What is it? Figuring out who you are — yes, you — and then using that information to make money off of it.
People list password challenge and identity verification information publicly (or at least freely) on their Instagram, Twitter and Facebook pages and feeds without giving it a second thought.
Maiden name? Check. Favorite pet? Check. High school? Check. Town you grew up in? Check. Favorite or first car? Check.
Throwback Thursday is a social engineer’s dream. They love this stuff. Combat it by always giving false password challenge and identity verification information to the sites and services that require it. Keep the answer file off-line — or at least in a format that’s not easily guessed. Remember, if it’s a handwritten list, you can still take a photo of it.
Alan Edwards, CISM, is chief information officer at Computerware, Inc., in Vienna, Virginia.
