The Dangers Of Social Engineering: Learning From The Trend Of Uploading Nicknames On Instagram Leads To Fraud
Twitter screenshot

JAKARTA - The Add Yours Challenge "variations of your name calling" on Instagram became a netizen conversation after being suspected of being the cause of a fraud case. In the world of cyber crime there is what is called social engineering or social engineering. It is a method of hacking and committing crimes to victims. However, the development of social media is like a double-edged sword. On the one hand, it brings many benefits, but on the other hand it opens a wide gap for cybercrime.

For information, the Add Yours sticker is the newest feature that can be used on Instagram Stories. Through Add Yours, users can reply to messages via Insta Story posts. Lately, this feature is often used as a quiz or challenge by users.

One of the viral ones is the "variation of your name calling" challenge. In the past few days, this challenge has often crossed the timeline.

Even though it can be used as an "exclamation" event in cyberspace, some users feel that the "variation of your nickname" challenge can be a loophole for fraud. One of the victims is a friend of the owner of the @ditamoechtar_ account.

Dita Moechtar told that this morning she was called by a friend who was deceived because she asked for some money to be transferred. He said his colleague felt confident because the fraudster called him by nicknames.

Allegedly, the nickname was taken when the victim took part in the challenge on Instagram. "What made my friend believe, the fraudster called him "Pim." "Pim" is my friend's little nickname, which only close people know. Then he remembers he has joined the Add Yours challenge," said Dita through her Twitter account.

In the world of cyber crime, one method that is often used is social engineering. What happened to her friend Dita is similar to this. So what is social engineering?

Social engineering

Katharina Krombholz et al in their research entitled Advanced Social Engineering Attacks explain social engineering or social engineering is the art of making users compromise with information systems. Instead of hacking into the system, a social engineer makes humans or users the main target.

"Manipulating them to divulge classified information or even carry out criminal attacks through influence and persuasion. Technical protective measures are usually ineffective against these attacks. In addition, people generally believe that they are good at detecting such attacks," explains Krombholz.

In this era of all-digital communication, people are increasingly free to publish information data on social media. However, according to Krombholz very few of them think about security and privacy. They share highly sensitive documents and information on the internet.

"Some users consider their interacting friends to be trustworthy. However, the only identification is via email or their virtual profile," wrote Krombholz.

Unfortunately, in recent years, according to Krombholz, security vulnerabilities in social media have often been misused to leak sensitive information. Indeed such vulnerabilities can be fixed and cybersecurity can be strengthened. "However, even cybersecurity enhancement methods can be helpless when users are manipulated by social engineers."

"The most powerful tool that hackers can use to access important information is through social engineering. It is superior to most other hacking methods because it can penetrate even the most secure systems, because the users themselves are the most vulnerable part of the system," said Krombholz .

Even more terrifying, said Krombholz, social engineering is easy to automate so it can be done on a large scale. "Social engineering has become a real threat in the virtual world." So has the development of social media made it easier for social engineering to work?

Illustration (Unsplash/Thought Catalog)
Personal data is increasingly vulnerable

To answer this question, VOI contacted the Chairman of the Indonesian Cyber Research Institute (CISSReC), Pratama D Persadha. According to him, even as the Add Yours challenge has been carried out, criminals no longer need to do social engineering.

"Actually, even without social engineering, criminals can already do profiling in the Add Yours challenge case on Instagram. Because many challenges are carried out by various celebgrams and netizen accounts," said Pratama.

Pratama said that criminals no longer needed to take a special approach. They just choose and see the challenge that requires citizens to answer related to their personal data. "For example, what are the names of the father and mother, the date of birth and other personal data."

Because it can be accessed by the public, Pratama urges the public to not only be careful in uploading, but also to be vigilant in participating in the challenge. "Avoid challenges that ask us to mention personal data."

Even Primary on various occasions always conveys to the public, so as not to upload content between children to school. One of the threats could be criminals kidnapping and asking for a ransom.

"Of course, to commit a crime they must know the target data. If a criminal can collect all of that data, then there is a greater chance of success. Starting from knowing the name, face, to the location of the child's school, even the names of relatives, household members and family members. also a driver who usually picks up," explained Pratama.

So, Primary said this data is like a double-edged sword. On the one hand it is very useful, but on the other hand it can also be dangerous if it falls into the wrong hands. "Therefore, we must be wise in social media, don't overdo it, just to increase the impression of our social media posts," said Pratama.

*Read more information about VIRAL, read another interesting article from Ramdan Febrian Arifin.

Other BERNAS


The English, Chinese, Japanese, Arabic, French, and Spanish versions are automatically generated by the system. So there may still be inaccuracies in translating, please always see Indonesian as our main language. (system supported by DigitalSiber.id)