The recent twitter hack on 15th July, 2020, is a subtle reminder of the importance of keeping what ought to be kept private, private; especially on social networking platforms.
With the advancement in the use of technology, daily users of social networking sites, rarely pay attention to the content they share, most especially personal data such as their contacts, vacation spots, and educational background. While it might feel nice and empowering to share your achievements all over the internet, it can also backfire by serving as your portrait, thereby, making it easier for malicious actors to target you whilst impersonating a legitimate organisation, either to gain access to sensitive information or for extortion purposes. This habit also makes you an easy target for social engineering.
Social engineering heavily relies on exploiting trusts and human emotions, in order to gain access to valuable information. The July 15th Twitter hack displays how dangerous such attacks could be, as high value accounts belonging to celebrities, business tycoons, politicians, organisations and other high profile individuals— mostly with verified accounts— were used in a cryptocurrency scam, the attack was apparently due to the perpetrators gaining access to the internal command center of Twitter. This is believed to have been carried out through social engineering, as was later confirmed by Twitter in a thread.
We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools.
— Twitter Support (@TwitterSupport) July 16, 2020
The attack was described as “the worst hack of a major social media platform yet” by Dmitri Alperovitch, co-founder of cyber-security company, Crowdstrike. While the extent of damage or the intent behind the attack is yet to be ascertained, with concerns on whether the attackers were able to read users Direct Messages, preliminary investigations of recent blockchain transactions, put to light that one of the accounts used for the scam, had realised over $117,000.
This attack, more than ever, emphasizes the need for selective information dissemination by users of social media. This will help reduce your risk of identity theft and reduce your likelihood of being a target of social engineering.
SUGGESTED READING: Cybersecurity Best Practice For Internet Users
Privacy Matters
There is a high probability that you are being watched either by your Internet Service Providers (ISPs), State-Sponsored government agencies or online predators.
Staying safe online is your responsibility and you have to take measures to protect your online presence. Your online hygiene matters because it affects other people. When an online predator gets a hold of your accounts, they can use you as a point of contact to others, just as the case of the CryptoHeist.
Below, we highlight some tips to help limit the information shared on social media, and further protect your privacy:
- Keep your social network activity private: Limit the number of people that can view your activities on social media if possible, limit the viewers to your friends
- Do not fill out your social media profile: As you share more information on social media, it makes it easier for your attackers to gather information about you, making you more susceptible to being a target of a cyber attack.
- Turn off geo location tagging: Geo location tagging divulges your location as you make posts. This can leave you open to being burgled while not at home, or being attacked on the road. Disabling this option would reduce your risk from stalkers.
- Use two-factor authentication: Two factor authentications give room for an additional security layer and helps in keeping others from accessing your accounts without further verification, even if they manage to get your password.
- Use password managers: The use of a password manager will help you to avoid reusing the same password on different sites, hence, protecting your other accounts in the case of a security breach .
As tech companies continue to suffer from insider threats due to the elevated access granted to their employees, these few tips, among others, would help to reduce your risk of exposure to unwarranted attention.
