Weekly Security Tip - Limit What You Share to Stop Social Engineering

Headline: Oversharing online gives social engineers the details they need to target your firm.

Why it matters:

Social engineers rarely attack blindly. They research employees through social media, company websites, and public profiles to learn job roles, reporting structures, and internal processes. That information allows them to create highly believable phishing emails, fake vendor requests, or impersonation scams.

For financial firms, this creates real risk. Attackers can use publicly available details to bypass controls, request sensitive information, or initiate fraudulent transactions. Limiting what is shared publicly reduces the information attackers can exploit and strengthens your overall security posture.

A few simple adjustments to online profiles and company content can significantly reduce exposure.

Quick Tips

What You Should Do:

• Encourage employees to limit online sharing about job responsibilities, internal systems, and workflows.

• Review company websites and public profiles to ensure only necessary business information is disclosed.

• Use privacy settings on social platforms to restrict who can view personal and organizational details.

Call to Action:

Have employees review one personal or professional profile this week and remove unnecessary details about their role or company processes. Reducing public exposure makes social engineering attacks far less effective.