Skip to main content

Many of us are sharing too much information on social media

password
(Image credit: Image source: Shutterstock/Ai825)

Many people are sharing too much personal data online, leaving them vulnerable to hacking and social engineering attacks.

This is the conclusion of a new report from security firm Tessian, which claims that even making accounts private has little effect, because the majority of friend requests are accepted.

Based on a poll of 4,000 professionals in the UK and US, the report shares insights on how the mind of a hacker operates and how people are serving up pivotal information on a platter.

Most people post on social media at least once a week (84 percent), with almost half (42 percent) posting daily. In many cases, they post material that can be used to guess a password or craft a social engineering attack: names and pictures of their children, birthday celebrations, job changes etc.

Most people (55 percent) have a public profile on Facebook, and just a third (32 percent) have privacy filters on their Instagram account, which makes the work of a malicious actor easy.

The report details how a criminal may make use of data posted online to craft a phishing scam. For example, if they were to identify a new employee at a company via LinkedIn, they could spoof a message from a senior executive.

According to Tessian, workers also share too much information in automatic Out of Office replies, such as length of absence, which could be used as part of a spoofing attack.