A recent Facebook post from a family member made me realize that I needed to write about an overused term. A term, that when used, causes chaos and concern. I don’t blame the family member for using it, I’ve seen it used hundreds of times over the past few years and I’ve seen IT and cybersecurity professionals respond without correcting, even, on occasion, offering bad advice.
So, what is the term? Hacked. We all know what it means when we hear that a website was hacked or a company was hacked. Depending on the context, synonyms could be defaced (although that seems less common these days) or breached. At the end of the day, however, the term “hacked” is completely valid and used correctly in those situations. So, when is it used incorrectly? When it is used to describe a fake social media profile.
Here’s the situation, one that we’ve all seen dozens of times. “Don’t open messages from me, I’ve been hacked!” or “Don’t open messages from <insert person here>, they’ve been hacked!” There are definitely times when people’s legitimate accounts are used to spam out malicious links and, in those cases, “I’ve been hacked!” feels appropriate. I believe, however, that context matters, and a duplicate social media profile should not be referred to as “hacked” and the actions associated with an account breach should not be taken.
So, what is a duplicate social media profile? If you have been living under a rock or are sane enough to avoid social media, you may not have encountered this phenomenon. It occurs when someone takes your publicly visible social media photo and creates a new account using your name. They then spam out messages or friend requests to everyone on your contact list. This is why restricting (Read more...)
*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Tyler Reguly. Read the original post at: https://www.tripwire.com/state-of-security/security-data-protection/social-media-account-hasnt-been-hacked-its-been-cloned/