Bkjia.com exclusive Article] more and more users have their own personal websites, describe their lives on blogs, and communicate with friends on various forums, self-timer videos are published on video sharing websites-these users can add their own information, communicate with friends, and display their own personal websites, known as Social Network SocialNetworking. However, when users use social network websites, they often do not realize that information published on the Internet may be used for fraud.
Let's assume that A and B work in the same enterprise E, and they are employees of the Development Department. F, the competitor of Enterprise E, wants to know the product development of enterprise E. However, F has never been able to win because it does not have the information channel of Enterprise E. One day, F found A's blog site on the Internet. A wrote on the blog that A will be on A business trip to another place in A certain period of time, and F will be on A business trip, I used the name of A to contact B and successfully obtained the product development progress of Enterprise E from B.
Let's look at another example. An online game is undergoing intense internal tests and intends to collect a group of testing players in the next two weeks, players all gathered in a game forum to discuss how to obtain a test account. At this time, an attacker noticed the enthusiasm of the players. Then he used the information collected on the Forum to carefully construct phishing emails and websites, and tempted a large number of players eager to get the test account to visit, in the end, he obtained a large amount of private information, such as the ID card number, which should be kept confidential.
The preceding two examples show that attackers collect information published by the target on social network websites, organize and initiate fraud attacks, and finally win the competition. Attackers also use various tools and software to automatically collect user information from social network websites. Obviously, the more private information that users leak on social network websites, the more opportunities left for attackers, the higher the possibility of successful fraud attacks. Users often publish personal information such as their names, birthdays, email addresses, and work to social network websites, at the same time, one or more of the information is used as the password prompts for various network accounts. The hidden risks are self-evident.
It should be noted that the author is not persuading users not to use their own blog or other social network websites, but also having their own blog :)), but when users are advised to post information on the website, do not put all your personal information, especially the identity and private information that can be directly linked with the user himself.
How can users reduce the risk of becoming a target of fraud attacks? The following are some suggestions:
1. Do not post information related to your own password prompts on the Internet, such as the complete birthday date and pet name.
2. Use friend settings to allow only friends in the friend list to read sensitive blog articles.
3. Do not publish holiday plans online or other information that may cause security events when users leave.
4. Do not post information on the Internet that may affect your current or future work. The current boss or new job manager will go to the Social Network website to view the information.
5. Be cautious with online friends. The photos or personal data they use may be false.