Get Started Now! Get Your Credit Repair Do It Yourself!!

The Royal Wedding – The Social (Engineering) Event Of The Summer

New IdentityTheft Scam

Like any good Information Security professional, I enjoy scaring the daylights out of my friends and family about protecting their sensitive data.  It’s kind of a hobby.  The sheer panic I can incite with a “You know what a hacker would do with that information?  That’s right – ruin your life.” is exhilarating to experience.

Today, though, I’ve had more opportunities in a single day to torture educate my friends and family on sensitive data protection.  And all because Prince Harry intends to marry an American divorceé and actress named Meghan Markle.

Everyone, it seems, has Royal Wedding fever.  They’re sharing their plans for waking up at the crack of dawn to watch people they will never meet join together in Holy Matrimony.  They’re comparing what the royal brides of yesteryear wore. Even listening to Royal Wedding podcasts.  Yes, people are making podcasts about the royal wedding.  It’s the social event of the season, after all, and everyone wants a little piece of it.

But there is one nefarious Royal Wedding tidbit making the rounds, and it is the Social (Engineering) event of the season.  Shocking!  Someone is taking advantage of pop culture for criminal purposes!

Here is the simple little Facebook game that is opening people up to a very simple form of identity theft  – account takeovers using security questions.

I’ve been warning every one of my friends who posts this on Facebook that answering these questions opens them up to identity theft.  But I am not sure that they understand how, so I think it makes sense to provide some more detail.

Every time you set up a new account, you’re asked to provide some “security questions” to protect you from unauthorized access to your account.  The security questions; however, are almost always limited to a fixed list of questions that the programmers implemented.  Things like “What’s the name of your first pet?” “What street did you grow up on?” or “What was your grandfather’s first name?”  If you take a look at the meme above… well, well, well – we’ve hit all three.

As a hacker, all it takes for me to access your account right now is your email address.  And that’s easy to find.   Just because you played a little game on Facebook, you could stand to lose your life savings, have someone submit a tax return in your name, or order a bunch of stuffed monkeys from your favorite eCommerce site.

Do I have your attention, yet? Social Engineering is real, and it’s so simple for you to fall prey to people who mean you harm.  Protect your data.  Protect your personal information.  Protect your digital life.

And did I incite panic?  Because that was, after all, my goal.

About Katie Carney Tierney

Senior Director of Global Sales Engineering

Katie runs the Global Sales Engineering organization for WhiteHat Security, where she helps customers understand their Application Security needs and how WhiteHat can help them achieve AppSec nirvana. Before joining WhiteHat, Katie spent 8 years at BMC Software, in roles ranging from Sales Engineering, to Marketing, to Sales Leadership.  Katie started her career as a consultant with BSG Alliance and Forté Software providing software development and architecture services to companies including Carlson Companies, Phoenix Newspapers, BCBS Texas, West Teleservices, Service Corporation, Inc., Baker Oil Tools, and more. Katie holds a BBA in Business Analysis from Texas A&M University.



Source: on 2018-05-27 16:15:00

Read More At Source Site

Add a Comment

Your email address will not be published. Required fields are marked *

5 + 3 =