Home » How Hackers Can Craft an Attack From Your Social Media Profile

How Hackers Can Craft an Attack From Your Social Media Profile

by Kurt Knutsson

Share this article with anyone who may find this helpful!

Subtle updates we make to social media are all clues for malicious actors to work against you – and your company.

Every ‘like’ you tap on Facebook, a link to your resume at a job site, every photo shared on Instagram; it’s all a treasure trove for cyber criminals.

Hackers are now using powerful AI software to scan posts made everywhere in social media. It can harvest the smallest ndetails about your life in minutes. I spoke with a renowned 25 year veteran of cyber security, David Melnick, who says he’s watching how online criminal rings are now getting more effective, more dangerous, and more able to find rich targets.

“With the advent of AI and machine learning they can now scan millions of profiles and anyone that happens to be particularly vulnerable where they find something, that can be when they begin a more targeted attack,” according to Melnick.

Jump down to: Best Anti-Virus Software and Apps to Protect Against Malware

The most effective is a spear phishing attack. It’s a fake out sent to you in the form of a legit-looking email with tones of familiarity designed to trick you into clicking a link.

For example, you post a photo from a meal out at restaurant celebrating the moment. A caption might read.. ‘Loved dinner at Dusty’s Diner with friends’.

Even without that sophisticated help, you can learn enough about someone through social media in less than 30 minutes in order to pose a serious threat. This is why it’s so important that you are protecting mobile devices and computers.

A hacker accessing your restaurant post targets you with an email like this:

‘Hey thanks so much for dining with us at Dusty’s. I’m the GM and just want to say thank you personally. We’d love to see you and your friends again soon, please enjoy this link to a 20% discount good for your next visit. Thanks again! It was great to have you with us!’

Instead of a discount, the link is a trick that leads you into inadvertently installing malware without you knowing it’s a hacker fake-out. Now that malware is invisibly sharing everything on your screen and everything you type to a criminal hacking ring.

Jump down to: Best Anti-Virus Software and Apps to Protect Against Malware

As more and more people return to work, they are eagerly taking spontaneous selfies with office colleagues. In those shared photos are often compromising details such as the company’s security id hanging around necks or clipped onto clothing shown in the photos.

Hackers are also able to enhance items in the photo’s background like work computer screens and post-it notes. These can be used to further confirm identity of others, impersonate an employee, and target the company or co-workers in this new intimate form of hacking.

Criminals are good at it. Since it’s working, criminals are investing in expensive tools to help with the scams.

“Just like companies today are using A.I. to make their systems better, the adversaries we fight here are making substantial investments in improving the quality of their techniques, the efficiencies, the speed.” David Melnick, with his 25 years of hands-on cyber security experience goes on to say, “And so a machine learning based system is one great example of how they are honing their craft.”

There are some actions you can take to help block these social media sourced attacks and also check to see if you have already been scammed into downloading an identifiable malware threat.

How to Outsmart Social Media Hackers

  1. Pick unique profile pictures for each social network so that it’s more difficult for hackers to use one photo to find you on all the others.
  2. Re-examine your privacy settings on all social networks. Maybe even remove ghost followers with an app from your social media accounts.
  3. Think like a hacker before you post.
  4. Avoid sharing your company email address in social media.
  5. Use Malware Detection security protection software and apps


How to Spot Malicious Emails

  • When you look closely at the sender’s email address, it’s not correct.

What Hackers Can Learn From Your Social Media Profile

  • Something about the tone is slightly off. At first glance it may seem right, but take a beat longer with a skeptical eye, and you see something not as expected.
  • Hover over a link or email address without clicking to see if it looks off. Such as added characters or numbers.
  • Links in the email may show a misspelled or strange web address. Such as “TrustedSiteName-02920423.com”
  • Most companies do not ever send email asking for credentials.
  • When you encounter a call-to-action link or button, let that raise a red flag. It means someone could be phishing for personal information to compromise your security.
  • If you should ever get an email like this, never click on any links. If you want to double check, again, don’t click on any links in the email but instead, open up a new browser and type in the company web address and log into your account. If the email you just received is true, the information should be reflected in your account. Odds are, the email you just received is malicious and you should mark it as “junk” or delete it.


What to Do If You Think You May Have Clicked on a Malicious Link

Use trusted anti-virus security software or apps to scan your device for a previous attack. Malware can be placed on your device unknowingly. Hackers spend day and night thinking of ways to trick you. If these criminals weren’t succeeding, I would not be sharing these important links below to some of the most powerful tools to use for detecting malware.


Best Anti-Virus Software and Apps to Protect Against Malware



Bitdefender Total Security
MacOS, Windows, iOS and Android device protection
Annual or monthly subscription currently at a discount at $23.99/year for up to 5 devices (slightly more for 10 devices) that include MacOS, iOS, Windows and Android. This seems to be the best solution for a family like mine with multiple devices from the list of their endless sometimes confusing Bitdefender offerings that shouldn’t steer you away.

Bitdefender is strong while being user friendly and easy to use. It’s great at protecting many evils beginning with anti-virus security that recognizes malware, ransomware, viruses and other threats like spam. What I really like is the real-time data protection to battle malware automatically with their antivirus solution that does not slowdown anything you are doing. AI improvements can identify suspicious threats on your network and block an attack fast.

Bitdefender’s Rescue Mode can clean-up threats to keep your devices safe. It has a lot of bells and whistles that I like especially the file shredder that takes deleting to a whole new level of destruction of sensitive personal info you want to erase for good. Bitdefender is popular with its users and available at multiple online stores but I find the best pricing is here directly from Bitdefender by cutting out the middleman.

Deal: 60% discount: $23.99/year



Norton™ Official Site Antivirus VPN Security Software

Norton’s Antivirus security products offer one of the most comprehensive protections. From a password manager, dark web personal data monitoring, identity theft, parental controls, VPN and malware detection, Norton has everything you would ever need. Of their nine products, I like the Norton 360 Deluxe and Norton 360 with Lifelock Select the most. On the downside, Norton does not offer file encryption, file shredding, or secure web browser but still surpasses the rest with its commitment to maintaining a strong level of protection.


Deal: up to 75% starting at $14.99 for the first year


Panda Security

Panda Security

Panda Security Antivirus from the company that has been around for 30 years is outstanding. I’ve toured their headquarters and threat center in Spain and understand their level of protection first hand. They are out front with their smart technology monitoring everything with an outstanding track record of detecting attacks before they cause extensive damage. Panda has a very good grasp of using AI for your security based on behavior intelligence and real-time threat analysis. I recommend the Panda Complete as a starting point. However if you are looking for a VPN which would provide secure, private and unlimited Internet browsing, I would recommend their Premium product.

Deal: 50% off starting at $23.99



McAfee Total Protection 2021 Antivirus Software

McAfee Internet Security total protection protects many different devices for a low cost. They did a really good job with their password manager and the malware protection already at the top of the game keeps getting better and better. For moms or dads, the lack of parental controls on the middle level products are a disappointment, but not enough to knock it out of the top 3 best security tools.

Deal: $105 off – $39.99 per year for 2 years

No matter what protection you decide to use, awareness is half the battle. Keep second and third guessing every suspicious sense you feel in your gut when engaged in technology, reading email and texts.


Share this with anyone who may find this helpful by clicking the share button at the top of this article.

More ways to take back your privacy:

Print Friendly, PDF & Email

Related Articles


Rollin Judd Jr January 12, 2022 - 10:18 am

Do you need (example) Bitdefender Total Security and a VPN to be secure?

Thanks, Ron

Kurt Knutsson January 12, 2022 - 10:39 am

Great question. The short answer is yes – the antivirus program keeps your devices safe from threats like malware, while the VPN protects your data via encryption and hides your online activities.


Leave a Comment

Subscribe to receive my latest Tech news, tips & tricks, and deals newsletter. (We won't spam or share your email with anyone else.)

By signing up, you agree to our Terms of Service and Privacy Policy. You may unsubscribe at any time.