Fake Influencer Flags Hacking Tactics
A Swiss secure storage company has launched a creative cybersecurity awareness campaign to show how hackers gather personal data from social media.
The campaign by pCloud uses a fake influencer account on Instagram (@thealiceadams) to highlight how users unintentionally give away pieces of sensitive data through their bios and the content they post.
“Through what we share online, the pictures we post and the locations we tag, hackers and criminals can guess your password in seconds, putting your identity and your bank accounts at risk of being stolen,” said a pCloud spokesperson.
In one post from the mock account, the influencer reveals her date of birth by sharing an image of birthday balloons that spell out her age. Other seemingly harmless posts give away information commonly used in passwords and security questions, including her pet’s name, where she went to school and her favorite movie.
Additional posts emphasize the importance of checking photographs for sensitive data before sharing them. Captured in an image of the influencer at her desk is a post-it note upon which a password has been written. Another shot of the influencer dining at a restaurant features her credit card, revealing her bank details.
“You may be posting a picture of your birthday balloons, a heartwarming picture of your newborn baby or snapping that ‘picture perfect’ bar you spent the weekend at. But those seemingly harmless posts could actually be giving away security information that gives hackers access to all your accounts,” said pCloud.
Research performed by pCloud found that the most common themes for passwords that hackers are aware of include the last name followed by a number, date of birth, child or grandchild’s name and date of birth, pet name, place of birth and current place of residence.
Other popular password choices are Qwerty (the first letters on a keyboard), favorite films, foods and nicknames.
The company advised users to leave personal information out of their passwords and make their passwords long and nonsensical, making them more challenging for hackers to guess. It also recommended using different passwords for different accounts so that cracking one password won’t enable a hacker to access all accounts
More Stories
Pension Firms Report 4000% Surge in Breaches
Financial services targeted remorselessly over past year Read More
Sophisticated APT Clusters Target Southeast Asia
Unit 42 uncovered three separate threat actor clusters: Stately Taurus, Alloy Taurus and Gelsemium Read More
China-Linked EvilBamboo Targets Mobiles
This extensive operation is directed at Tibetan, Uyghur and Taiwanese individuals and organizations Read More
Voting Equipment Giants Team Up For Security
The move aims to combat the rampant spread of misinformation among American voters Read More
“The good and the bad that comes with the growth of AI” – watch this series of webinars with Abnormal, OpenAI, and others
Graham Cluley Security News is sponsored this week by the folks at Abnormal. Thanks to the great team there for...
iOS 17 update secretly changed your privacy settings; here’s how to set them back
Many iPhone users who upgraded their iPhones to the recently-released iOS 17 will be alarmed to hear that they may...