I'm the guy who posts photos on Instagram (filtered, of course) of my vacation. I'm also the type of person who tweets about buying too expensive furniture because I came across an elegant online ad about how it would change my life.
The thing is, I thought my social media posts just conveyed my desperate need for attention and likes. However, it turns out that they are also a gold mine for hackers.
Using two of my publications – Instagram accommodation on a hotel on the West Coast of the United States and a Twitter tweet – a hacker quickly managed to get my home address and mobile phone number.
How? Both the hotel and the furniture company passed my personal details to the hacker by phone.
I left one of them my hackers have been doing this recently. And here I am to tell you that it is disturbingly easy for them – even to someone like me who covers technology. This is a lesson for all of us: Be careful to think about what you share on social media and how this information can be used against you, and next time, contact your airline, hotel or bank and let them access your account, think about the questions they ask you. If they only ask for your birthday and email address to confirm that you are who you say you are, ask if they can add extra security to your account – maybe they could put a note in your account to require a special password or sends you a verification code. Unfortunately, many companies do not have this option, but it's worth asking.
Tobacco and The competition calls for large corporations that often claim to work in the company's IT department. Tobacco is not a coder but has been improvising since he was 10 years old. By tapping into these skills – and using some other form of fraud, as an application that can change her voice to make her sound like a man – she convinces the person on the other end of the line to pass on personal information.
This type of hacking is called social engineering.
But Tobak is one of the good hackers – the kind commonly known as the "white hat". (The bad ones are called "black hats".)
I asked Tobak to hack me.
Without my password and without hacking into my email account, she managed to get my home address, my phone number and steal my hard earned hotel points. In perhaps the most violent act of all, she even managed to change my seat in my five-hour flight outside Vegas, moving me from a spacious exit passage to a middle seat behind the toilets.