Anna S. is a freelance journalist. One day, she received a LinkedIn request from a political researcher named Camille.
Before accepting the request, Anna looked at Camille’s profile.
Camille had a network of over 400 people, a photo of a speaking engagement, and a detailed work history.
Camille’s profile had a link to a recent podcast she had done talking with politicians in the Middle East.
After sharing messages on LinkedIn, Camille wanted to send Anna details about a project.
She wanted to email Anna the details to see if there was any chance the two could collaborate.
But Camille wasn’t who she claimed to be.
It turns out, the person pretending to be Camille was an Iranian spy, and the account being used to contact Anna was linked to an Iranian group.
While trying to convince Anna to work with her, Camille’s account sent her information about a U.S.-funded project.
The amount of funding was so high that Anna realized the research project was likely fake.
Luckily, Anna noticed this red flag and didn’t share any personal information with the imposter, but the Iranians continued to pressure her.
“Camille” asked her to join a Zoom call to discuss working together and reviewing the material.
Anna noticed that the Iranians were clearly looking for ways to access her computer. She was continually asked to click on links to review information and join meetings.
Thankfully, Anna ended contact and her computer or private information wasn’t compromised.
But Anna’s experience is shockingly common.
From LinkedIn to Facebook, spies are always looking for new ways to gather personal information.
Here are a few ways that a spy could be targeting you on social media.
Too much information:
Many folks share too much information on social media.
If a foreign spy targeted you, they can learn a lot about you from your social media profile.
This could include work and education history, travel plans, hobbies, and personal habits.
Before a spy contacts a target, they will have plenty of details to initiate conversation simply from the information people freely give out on social media.
Be very judicious about what you’re sharing on social media.
Video chats:
Just because someone wants to have a Zoom meeting, or a phone conversation, it doesn’t mean they are legitimate.
In one case, hackers set up a Zoom meeting with their target and held up photographs of the scientists they were impersonating.
Of course, this wasn’t the most high-tech strategy.
But, in a video chat, the image can be grainy, people might not pay attention, or someone could have their video turned off.
So, even if someone offers to video chat or call you, that doesn’t mean they can be trusted.
Be wary if you don’t know someone, and they send you invites to a Zoom chat or a phone call. It could be a phishing attack, or an attempt to gain information on you.
Spies want to get off the platform:
The reason social media is so popular is the ease of making connections.
This is even true for spies who are trying to convince someone to work on their behalf.
But once a connection is established a spy will want to take the conversation somewhere else.
For example, if you are communicating with someone on social media and they ask you to use WhatsApp it should be a red flag.
Taking the conversation to another platform means it’s easier to hide the communication.
In addition, it’s easy to send malicious links via email or other methods instead of social media.
Be on guard when someone wants to move from one platform to another.
Genuine messages:
If a spy wants something from you, they will act overwhelmingly genuine and sincere in their communications.
The goal is to make you feel comfortable sharing information.
They will ask how your weekend was. They will want to know how your family is doing.
In addition, foreign spies will be sure not to make simple grammar mistakes, or other and similar mistakes.
If you see a lot of spelling errors you are probably talking to a foreign hacker, not necessarily a foreign spy.
Social media companies are always looking for ways to prevent fakes. But stopping bot accounts and stopping foreign spies are two very different things.
Your best bet is to be very careful about what you share on social media and to be wary of answering requests from anyone you don’t know.
But if you’re not satisfied with just being careful…
I’ve laid out a simple plan to safeguard your private information online.
And this doesn’t just work for social media. It’s everything.