WSJ: How to Improve Cybersecurity? Just Eliminate the Human Element

Facebook is a huge trove of everything from our contacts to our whereabouts, and tons of information about us that we don’t even know we are revealing can be gleaned from it by clever algorithms, from our tastes to our politics, says Mr. Cerf. Friending strangers on Facebook through fake accounts—and then leveraging mutual connections to gain access to the network of a mark—is a common tactic of the “social engineering” style of hacking.

Of course, social media is just the beginning. “Amazon wish lists are a treasure trove, so is your eBay bidding history,” says Ms. Konnikova. “All this stuff is there for the taking, and you do not have to be a sophisticated hacker to compile pretty intricate profiles of a person.”

Whenever someone has information about us, we are more likely to trust them. That insight has helped hackers sharpen phishing attacks, in which they spam corporate inboxes with emails that can be targeted to individuals in ways that make these emails look more credible. These more-personalized “spear phishing” attacks are more likely to succeed because they come from someone we know—or think we know.

