The Postal Service wants employees and contractors to remember that the information posted on Facebook, Twitter and similar websites could be exploited in social engineering attacks.
Social engineering describes methods used to build trust and ultimately manipulate individuals into divulging personal information.
The more information cybercriminals gather about an individual, the easier it is to carry out smishing, phishing and other schemes.
Social media makes gathering information easy because most users upload images and details about friends, family, pets, vacations, work and more.
“About 60 percent of the information I need to craft a really good spear phish is found on Instagram alone. I can usually find everything I need within the first 30 minutes or so,” Rachel Tobac, chief executive officer of SocialProof Security, a hacker-led vulnerability-assessment and training firm, told the Wall Street Journal recently.
When using social media, keep the following in mind:
• Privacy settings: Regularly review privacy settings for all your social media accounts, especially when changes to terms of service and privacy policies occur.
• Unintentional disclosure: Think about what you post. Personal information could help cybercriminals decipher your online security questions.
• Data is forever: Social media platforms store and make searchable images and information indefinitely.
The CyberSafe at USPS Blue and LiteBlue pages have additional information.