Social engineering: Making it difficult for the attackers

Social engineering attacks aim to exploit you as a computer user to infect systems or steal data. In doing so, criminals usually follow a certain procedure: First, information is collected from freely available sources to get the most comprehensive picture of the target. Then, a plausible pretext is found to contact the targeted person and establish a relationship of trust. This is exploited by trying to use a sent link or file to infect the computer, obtain sensitive information or instruct a payment. You can make life much more difficult for the criminals by being careful about what personal information you share publicly.

Adjust privacy settings on XING

The following information is for criminals especially valuable: contacts (who knows whom – can you if necessary, refer to a “common acquaintance”), the department and position in the company, former employers, organisations or interests.

XING’s default data protection settings are very generous without any action on your part. For example, a member’s contacts are publicly visible to everyone. To adjust your data protection settings, click on the cogwheel in the navigation bar at the top right and then on the menu item “Settings”. The settings menu is available only in German in the current Beta version. Select the sub-item “Privatsphäre”.

The settings for the individual areas can be changed by clicking on the respective menu. IT-Seal recommends in particular that the contact list is only visible to your own contacts. You can reach the corresponding menu under “Your profile” -> “Contact list”.

If XING is used as a network in the broader sense and not every contact request is checked in detail, the setting “nobody” should be selected here.

Customize the privacy settings in LinkedIn:

nlike XING, LinkedIn’s privacy preferences are more restrictive. For example, the contact list can only be viewed by direct contacts. However, personalized data protection settings can also be selected here. To do this, click on the “Me” button in the navigation bar and select “Settings & Privacy”.
To do this, click on the “You” menu item in the navigation bar and select “Settings & Privacy”.

Then navigate to the “Privacy” section. Here you can set whether your email address is displayed to contacts, what information is shared on your public profile, or whether information about you can be displayed on your employer’s pages.

In general, we recommend that you share as little personal information as possible publicly and check that you really know the person before accepting contact requests.

Be aware of what information is publicly available about you and how it can be used by criminals.