This data, which could’ve been private on Facebook, can be displayed to other users, malicious or otherwise.
For businesses that already have operational security policies restricting the information employees can divulge on social media—Facebook, Linked In, and Twitter, to name a few—they should also consider expanding this to online dating sites or apps.
Profiles with specific job titles naturally attracted more attention.
And when combined with password reuse, an attacker can gain an initial foothold into a person’s life.That meant we also had to like profiles of potentially real people.This led to some interesting scenarios: sitting at home at night with our families while casually liking every single new profile in range (yes, we have very understanding partners).And as a user, you should report and un-match the profile if you feel like you are being targeted. The same discretion should be done with email and other social media accounts.They’re easy to access, outside a company’s control, and a cash cow for cybercriminals.Indeed, such attacks are feasible—but do they actually happen? Targeted attacks on the Israeli army early this year used provocative social network profiles as entry points.