Identity theft info taken right off your social networking pages.

Social savvy scammers are scouring social sites (say that five times fast!) for identity theft info. They want - and are getting - information that will give them all the clues they need to commit identity theft via social engineering.

A social engineer that has a malicious intent can (and does) get enough details about your personal life (or even your work, business or professional life) to commit identity theft and similar crimes.

When a specific individual is targeted, it is called "spear-phishing". Which is a cousin to the widely publicized random activity of "phishing" which generally involves casting a wide net via the sending of mass emails in an attempt to get anyone to respond to official looking requests for personal or financial data.

With spear-phishing certain individuals (like you) are targeted and their information harvested in order for the scammer to make it seem that they know you or are connected to someone you know - trying to appear friendly and familiar - all in an effort to get you to divulge even more information about yourself or another target (another individual). Once the criminal has amassed enough info about you (most of which you freely gave out on your social networking site) they then use it to commit identity theft.

Basically it is scamming brought down to a more intimate one-on-one level. Social engineering is not new. What is new is the freely displayed personal details of everyone's lives on the internet via MySpace, Facebook and other social sites. A social scammers paradise.

What should you do? Should you take down your networking profile? With everyone's desire for attention and connection, that's not likely to happen - but at the very least you might consider limiting some of the details you display and to stay aware that this avenue leading to identity theft exists.

Leave Identity Theft Info and return to ITPME's main Blog page.