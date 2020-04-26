HUNTINGTON — For years, authorities have been warning of the dangers of oversharing on social media.
However, some recent trends during the COVID-19 pandemic have caused the FBI to issue a warning to citizens that oversharing could lead to fraud.
“In relation to current trends, we have lots of high school seniors missing out on traditional graduations so they are posting photos, which could make them vulnerable to fraudsters,” Acting FBI Pittsburgh Special Agent in Charge Eugene Kowel said during a telephone interview with The Herald-Dispatch.
Kowel says the “high school support” photo trend encourages users to share their high school photo to support the Class of 2020.
“Many people are including the name of their schools and mascots, and their graduation years. All three are answers to common password retrieval security questions,” he said.
Kowel says other examples include posting a picture of your first car; answering questions about your best friend; providing the name of your first pet; identifying your first concert, favorite restaurant or favorite teacher; and tagging your mother, which may reveal her maiden name.
“A number of trending social media topics seem like fun games, but can reveal answers to very common password retrieval security questions,” Kowel explained. “Fraudsters can leverage this personal information to reset account passwords and gain access to once-protected data and accounts.”
Kowel said with so many people quarantined due to the COVID-19 pandemic and under stay-at-home orders, many more people are spending much more time using social media.
“They are sharing more, and we are urging them to be vigilant and carefully consider the possible negative impact of sharing too much personal information online,” he said. “Young people may not think they are vulnerable to financial frauds because they don’t have credit or banking right now; however, information they share now can live forever in the dark web.”
Kowel suggested social media users check security settings to ensure they are set to the appropriate levels and enable two-factor or multi-factor authentication when available.
“Authentication is a process that requires you to prove who you are in more than one way while accessing an account,” he said.
Koewl says there are three categories of credentials: something you know; something you have; and something you are.
“Something you know is your password or a set PIN you use to access an account. The PIN does not typically change,” he explained. “Something you have is a security token or app that provides a randomly generated number that rotates frequently. The token provider confirms that you, and only you, know that number. Something you have can include verification texts, emails or calls that you must respond to before accessing an account.”
Kowel said “something you are” includes fingerprints, facial recognition or voice recognition.
“This category of credentialing sounds a bit unnerving, but think about how you unlocked your smartphone this morning,” he said. “You probably have used your fingerprints or face several times today just to check your email.”
Multi-factor authentication is required by some providers, but is optional for others, he added.
“If given the choice, take advantage of multi-factor authentication whenever possible, but especially when accessing your most sensitive personal data to include your primary email account, and your financial and health records,” Kowel said.
Kowel added that if you have been victimized by a cyber fraud, you can report it to the FBI’s Internet Crime Complaint Center at www.IC3.gov.