We asked our resident online safety expert to pour through loveMONEY reader comments to see how we might be leaving ourselves vulnerable.
We’re all aware that sharing personal information online, such as your birthday or your mother’s maiden name, could be a goldmine to a fraudster.
Often, these juicy details are used as passwords or authentication phrases for banks.
But, as we become more safety conscious, fraudsters are still using our digital presence against us.
I had a look at some of our readers’ comments on loveMONEY to find out just how much information some are potentially revealing from a single comment, and how they could be targeted as a result.
How they tailor phishing emails, calls, and texts to you
Our first comment comes from an article we posted discussing the TSB IT meltdown.
Fraudsters love it when banking errors or issues occur.
Lying in wait for the inevitable stream of articles discussing the fault to hit various social networks, certain comments from disgruntled customers can pique their interest enough to investigate that person further.
While this comment may not seem like a lot of information at first glance, it’s worth remembering that this is one comment that person has made on one platform.
Using scripts and automated bots, fraudsters can quickly scan through other comments made on this platform, and others, to piece together a larger picture of the person targeted.
Knowing that both the commenter, and their family, have been loyal to their bank for a decent amount of time, they can use this to their advantage to tailor phishing emails, texts, or even phone calls to seem more genuine.
They know which contact method you prefer, and why
While knowing exactly who you bank with, how long for, and what contact methods you prefer to use can be useful in its own right, digging a bit deeper into this comment reveals a treasure trove of information via their social media profile.
By commenting on articles using social media profiles, or on social networks directly, all someone needs to do is click the commenter’s name and scroll back through their profile to find out more information about a target.
Often, our social media profiles aren’t as secure as they should be and many older posts or comments are long forgotten about and publicly accessible.
Scammers have also been known to use fake profiles to add potential victims with the aim of trawling through their profile searching for contact details, or more identifiable information, to make their scams more believable.
Scammers prey on your misfortune
Your misfortune, as horrible as it may sound, can be a treasure trove of information to a scammer.
In this example, we know a lot about the person just from their visa applications being rejected and that could potentially open the door to an unscrupulous criminal preying on the situation.
Firstly, we know the month and year they’re getting married and if they have a somewhat public social media profile, we can determine the exact day easily.
This could be an answer to a security question in the future or even give fraudsters the perfect excuse to contact the couple posing as a business they’ve hired as part of their wedding.
Secondly, we know their honeymoon destination, including the cruise company they’ve chosen.
By monitoring that company’s social media pages and looking out for someone of the same name asking for help rescheduling their booking, for example, a fraudster has more information sources to draw upon.
Thirdly, we know what both parties do for a living and this can be used to search for other online profiles these people may have to find out even more information about them, giving the fraudsters more information to expertly craft their scams to seem extremely legitimate.
Adding together the large financial amount at stake, the high-stress situation of a wedding, visas being rejected, alongside other information gathered based off the initial comment produces a potentially dangerous mix that criminals can use to their advantage.
Note: comments in question have been deleted from the site as a precaution.
Top tips to stay safe
It can be tempting to voice your opinion on articles or comments online and, while it shouldn’t be discouraged, it’s worth remembering that seemingly insignificant information can be pieced together over a long time to build up a profile about you.
Here are our tips for keeping safe when commenting on articles online:
- Be aware that comments you post on public articles are visible to everyone.
- Using different nicknames that aren’t obviously connected to each other, or to you, can halt data mining fraudsters in their tracks.
- Changing personal details slightly in a comment can be enough to alert you if someone’s using that information fraudulently.
- Regularly check your social media profile’s security settings, including your past posts, or posts where you’ve shared contact information.
- While posting the social media page of a bank, or company you use, may offer a quick convenient way of connecting with them – it could be revealing important information about yourself.
- If you receive a call from a bank or a company and are suspicious, hang up and call them back on a number you trust.
Be the first to comment
Do you want to comment on this article? You need to be signed in for this feature