In the last several weeks, social media sites like Facebook have seen surges in user traffic during the pandemic since it is one of the primary ways to keep in touch with family and friends. This week, a database with more than 260 million Facebook user profiles was found listed for sale on the dark web for just over $600. Most of the profiles in the database are from users in the U.S. There were no passwords found, however user personal information such as unique Facebook ID, name, gender, date of birth and phone number were found. With this data, a scammer could perform spear-phishing or SMS (mobile text) attacks that could result in unsuspecting victims handing over their credentials or worse. Scammers might send email and text messages disguised as Facebook or use some of the purchased information on the user to make the message appear more personal and official. Small businesses are also at risk. Hackers are trolling social media networks such as Facebook, Twitter, and LinkedIn for photos, videos, and other clues that can help them better target your company in an attack. One former hacker has stated, "Social media posts are a goldmine for details that aid in our attacks. What you find in the background of photos is particularly revealing–from security badges to laptop screens, or even Post-its with passwords." Laptop screens reveal the types of security tools and software being used, which a hacker can use to tailor an attack by creating custom malware disguised as a fake software update.
Comments