Scammers Turning To 'Social Engineering' To Steal Passwords & Identities
Follow KDKA-TV: Facebook | Twitter
PITTSBURGH (KDKA) - If you are asked to play one of those "get to know you better" games on Facebook -- watch out. Scammers might be trying to trick you into giving up answers to common online security questions. Even if you are not fooled into playing one of their games, they can still target you another way.
It's called "social engineering." Scammers look at your social media and try to figure out what you might use for online passwords. If they can, they will drain your bank account. However, their ultimate goal may be even worse.
All those pictures and videos we love to share draw more than just likes and follows.
"People just -- they put everything out there," said Seth Garcia, of Burgettstown.
Identity thieves see our love for sharing as an opportunity they can exploit.
"If you're trying to do social engineering, it really doesn't take an awful lot to do it," said Fraud Expert and Point Park University Professor Andrew Richards.
He warns thieves can piece together the different things you share and get a sense of who you are. Is it creepy? Yes. Though, the actual harm that can happen is much worse.
"Social engineering goes to the first step to getting identity theft," said Richards.
Thieves try to guess your passwords based on what they think you might use.
"I don't think I share anything that's too personal that anybody would be able to use at my disadvantage," said Garcia.
"So often, when we're updating our passwords, we're in a hurry to do it. So we use things that are convenient to us, we're going to remember, and don't have to write down," said Richards.
"The answers to my security questions, they don't even have to do with the question at all," said Garcia.
Richards recommends substituting nicknames, words or answers that only you know. Add special characters, numbers, and vary the capitalization. Never use the same password for all of your accounts and don't keep them for long.
"I change my passwords often -- especially on Facebook. Sometimes, I block pictures," said Loruchama Austin, of Squirrel Hill.
Questionnaires to "get to know" your Facebook friends better can be scammers trying to trick you into giving up answers to common security questions.
"It's a real pitfall, if you've got a lot of information, financial information, that can be available to a scammer, that if they access it, then you really should be staying away from it," said Richards.
You could be victimized twice. If thieves guess their way into your bank account, they will not only steal your money, they may do even worse and steal your identity.
"You definitely do not want to be a victim of that," said Richards.
According to Richards, in order to protect yourself, it's critical to review and compare your credit reports every year so you can account for every credit check.
"There's always a phone number that comes with who is making the inquiry. You call them right up. 'Why are you checking on me? I don't know who you are,'" said Richards.
According to Richards, a new cell phone in your name is often the first purchase an identity thief will make.
"Cell phones are one of the big tell-tales. It's a red flag that someone is trying to access your credit information," said Richards.
When you are done checking your own reports, check your children's reports too.
"I think it's important to have cybersecurity as a parent, you know? Know the sites and the apps that your kid is on," said David Yugar, of Clinton.
You are entitled by law to one free report from Experian, Equifax and TransUnion every year. In the meantime, remember it's not just your friends that want to see what you share.
More Information:
If you cannot remember all those complicated passwords, Richards recommends writing them down and keeping them in a secure place at home, like a safe.
Another thing you can do to protect yourself is put a security freeze on your credit. You can do that by contacting each of the credit reporting agencies.