According To Cybersecurity Experts, A Harmless Instagram Trend Could Potentially Lead To A Data Hack.
- Users of Instagram respond to a series of intimate inquiries in a bid to “get to know me.”
- A cyber security expert cautioned that it might facilitate account hacking.
- Although viewers disregarded her cautions, experts concur that even harmless data sharing can be hazardous.
During the final days of 2023, individuals appeared to be actively urging their followers to deepen their understanding of their personal lives. Alternatively, as stated by a cyber-security specialist, facilitating the availability of their information to potential hackers.
The phenomenon can be attributed to a prevalent questionnaire consisting of 11 inquiries that individuals are responding to on Instagram, willingly divulging personal details such as their height and date of birth, as well as expressing their strong opinions on matters such as favorite food and phobias.
The trend seems to have been popular in late December, although comparable templates have been circulating on various platforms since the inception of social media.
The extent of the latest iteration’s prevalence is uncertain, as the majority of users seem to be sharing their responses on Instagram stories, which have a lifespan of 24 hours. However, in the past several weeks, numerous individuals have also uploaded their responses on TikTok, with the caption “Get to know me.”
However, a certain designer is cautioning everyone to refrain from engaging in it, implying that there may be unanticipated repercussions associated with partaking in the current fad.
Eliana Shiloh, a cyber and strategic risk analyst at Deloitte in Chicago according to her LinkedIn page, shared a TikTok video about the trend on December 23.
“I must admit, I nearly succumbed to this. I began completing it, but then I suddenly paused,” she said.
She proceeded to clarify that she believed the prompts were similar to certain security questions she had linked to her own accounts. She then proposed that hackers may potentially exploit this trend to their advantage.
“If you participated in that trend, promptly remove that content. Eliminate it. Erase all evidence of it from the internet,” she stated, expressing her belief that we are gradually approaching the point where social security numbers will be shared online.
The video garnered 1.6 million views, but, a significant number of the reactions appeared to disregard her worries. Commentators criticized her for making a far-fetched connection and pointed out that there is a significant difference between sharing a favorite color and revealing one’s social security number. A substantial number of viewers also challenged her assertion, contending that the questions in the template did not align with conventional security inquiries.
Indeed, it is improbable that the majority of individuals possess security inquiries. Lisa Plaggemier, the executive director at the National Cybersecurity Alliance, stated to Business Insider that the method of using personal questions to recover account access in cases where a user has forgotten their password has become nearly outdated. According to her, the majority of firms have transitioned to more robust methods of multi-factor authentication, such as push notifications or codes that are sent via text message or email to customers.
However, this does not imply that the tendency is without some potential danger.
“By posting such information, you are essentially providing all the necessary resources for a malicious individual to manipulate you through social engineering,” Plaggemier said on the posts. “Your actions are significantly facilitating their research.”
She elucidated that a prevalent method employed by hackers involves assuming the identity of their targets or individuals in close proximity to them. Disclosing a substantial amount of information in a single location could heighten a user’s susceptibility to an attack.
Shiloh seemed to imply something akin to that in a further video later on the same day.
“If I am required to elucidate the perils of disclosing a roster of your personal details on the internet, then…” she commenced. “Undoubtedly, it is highly unlikely that anyone’s security question would be ‘What is your birthday?” However, by utilizing your date of birth, someone can gather substantial information about you and use it to get unauthorized access to certain accounts of yours.
According to Plaggemier, maintaining closed and secret social media accounts is one of the most effective measures to prevent hacking. However, she acknowledged that individuals often become victims of impersonation scams and inadvertently add fraudulent accounts to their contacts, indicating that this approach is not completely infallible.
Sharing personal information on the internet is consistently hazardous.
The consensus among experts is that disclosing personal information on the internet is not recommended. The National Cybersecurity Alliance, the Department of Justice (DOJ), and many cyber-security platforms all caution against this practice, elucidating that even seemingly harmless information can be exploited to compromise accounts through hacking.
Tessian, an email security firm, conducted interviews with hacking specialists in 2020, who verified that cyber-attacks are facilitated by the disclosure of personal information on social media platforms.
This is not the first instance where an apparently innocuous trend has come under scrutiny due to worries around personal data.
According to PennToday, in 2020, amidst the pandemic, some college grads shared their graduation images on social media with the hashtag #ClassOf020 as a symbol of unity.
According to Joseph Turow, a professor of communication at the college, there is a potential risk associated with this.
“Cybercriminals seeking unauthorized access to your personal accounts can exploit any information you disclose in a widely spread challenge,” he stated. Under these circumstances, it may disclose your alma mater, graduation year, and even broader social networks, which can be exploited for purposes such as breaching social media accounts, guessing security questions on financial platforms and sending tailored ‘spear phishing’ messages with the intention of deceiving you into revealing confidential information.
The cost associated with participating in a social media trend is substantial, even if one does not perceive it as a probable occurrence for oneself.
Meta, the parent company of Instagram, did not promptly reply to Business Insider’s inquiry for a statement. Eliana Shiloh did not promptly reply to a request for comment.
About The Author:
Yogesh Naager is a content marketer who specializes in the cybersecurity and B2B space. Besides writing for the News4Hackers blog, he’s also written for brands including CollegeDunia, Utsav Fashion, and NASSCOM. Naager entered the field of content in an unusual way. He began his career as an insurance sales executive, where he developed an interest in simplifying difficult concepts. He also combines this interest with a love of narrative, which makes him a good writer in the cybersecurity field. In the bottom line, he frequently writes for Craw Security.
READ MORE NEWS HERE