Fake Influencer Flags Hacking Tactics
A Swiss secure storage company has launched a creative cybersecurity awareness campaign to show how hackers gather personal data from social media.
The campaign by pCloud uses a fake influencer account on Instagram (@thealiceadams) to highlight how users unintentionally give away pieces of sensitive data through their bios and the content they post.
“Through what we share online, the pictures we post and the locations we tag, hackers and criminals can guess your password in seconds, putting your identity and your bank accounts at risk of being stolen,” said a pCloud spokesperson.
In one post from the mock account, the influencer reveals her date of birth by sharing an image of birthday balloons that spell out her age. Other seemingly harmless posts give away information commonly used in passwords and security questions, including her pet’s name, where she went to school and her favorite movie.
Additional posts emphasize the importance of checking photographs for sensitive data before sharing them. Captured in an image of the influencer at her desk is a post-it note upon which a password has been written. Another shot of the influencer dining at a restaurant features her credit card, revealing her bank details.
“You may be posting a picture of your birthday balloons, a heartwarming picture of your newborn baby or snapping that ‘picture perfect’ bar you spent the weekend at. But those seemingly harmless posts could actually be giving away security information that gives hackers access to all your accounts,” said pCloud.
Research performed by pCloud found that the most common themes for passwords that hackers are aware of include the last name followed by a number, date of birth, child or grandchild’s name and date of birth, pet name, place of birth and current place of residence.
Other popular password choices are Qwerty (the first letters on a keyboard), favorite films, foods and nicknames.
The company advised users to leave personal information out of their passwords and make their passwords long and nonsensical, making them more challenging for hackers to guess. It also recommended using different passwords for different accounts so that cracking one password won’t enable a hacker to access all accounts
More Stories
Smashing Security podcast #372: The fake deepfake, and Estate insecurity
Remember when a US mother was accused of distributing explicit deepfake photos and videos to try to get her teenage...
Cyber-Attack Disrupts Christie’s $840M Art Auctions
Despite this setback, the auction house said bids can still be placed by phone and in-person Read More
PDF Exploitation Targets Foxit Reader Users
CPR said exploit builders in .NET and Python have been employed to deploy this malware Read More
Why You Need a Personal VPN
It used to be the case that only businesses used virtual private networks (VPNs) to connect securely to the internet...
NCSC Expands Election Cybersecurity to Safeguard Candidates and Officials
The National Cyber Security Centre launches an opt-in Personal Internet Protection service to safeguard individuals from cyber threats during the...
How To Spot A Fake Facebook Account
How do you manage your Facebook friends? Do you keep your list really tight and only include ‘active’ pals? Or...