Social Identities
If a malicious entity were to get a hold of your Social Security number (SSN), your date of birth, and your home address, she could use this information to establish and execute financial transactions using your identity. Quite simply, this is the most popular definition of identity theft.
Given the exponential rise in popularity of social applications, the identities that are being established online are assumed to be trustworthy even though there is no real identity mechanism to support them. The new generation of attacks and attackers are aware of this opportunity. In this section, we will discuss the devious ways criminals can leverage online social identities.
Abusing Social Profiles
The amount of information people voluntarily expose on social applications is staggering. In the recent past, an external and unrelated entity would have to go through great lengths to find out minor details on a given person. Today, with the exponential rise in popularity of social applications, this information is readily available to anyone with a web browser, an Internet connection, and access to a social networking website such as Facebook.
Figure 8-3 shows some basic information on a typical Facebook user’s profile. At first glance, the data presented doesn’t seem too confidential, but it is extremely valuable to a malicious party who is determined to obtain information on the user.
Figure 8-3. Basic Information section of a typical Facebook user’s profile
You can tell a lot about ...
Get Hacking: The Next Generation now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.