We all share online, whether it be birthdays, holiday photos, even our pets’ names – without a second thought. But that “harmless” detail could hand cyber-criminals exactly what they need.
What is Social Engineering?
Social engineering targets people, not computers. Attackers exploit trust and urgency, posing as someone you know or crafting realistic scenarios that pressure you into clicking a link, revealing a password, or transferring money.
How Hackers Mine Social Media
| Tactic | How It Works | Example | Quick Fix |
| Password & Security Question Guessing | Personal details (pet, birthday, team) become password fodder. | Your dog “Milo” + birthday 07/09 → “Milo709”. | Never use real answers; use three random words. |
| Impersonation | Scammers mimic your tone and timing. | After your “Barcelona!” post, your mum gets a message: “Help my phones stolen – need £500”. | Confirm urgent requests by phone or video. Limit your social media visibility to trusted friends and family only. |
| Spear Phishing | Posts reveal what’s timely for you. | After you tweet about a conference, an “HR Update” email arrives. | Hover-check links; don’t open attachments, verify with the sender and or your IT expert first. |
Five Ways to Share Smarter
Pause Before You Post
Ask: could this help guess a password or craft a scam?
Lock Down Privacy Settings
Keep accounts private and prune followers you don’t recognise.
Use 3 Random Word Passwords
Let a password manager create and store them.
Enable Two-Factor Authentication (MFA)
An extra authentication step adds a huge amount of security to your account with very little effort.
Verify the Unexpected
Urgent message? Switch channels— -call, text, or video – to confirm.
Stay Ahead of Social Engineering Attacks with NEBRC.
At the North East Business Resilience Centre, we help businesses strengthen their defences against cyber threats – including social engineering attacks that start with a simple scroll through social media.
Our Security Awareness Training can help you and your team spot the signs early and avoid falling victim.Want to become more cyber aware?
Sign up to our free Core Membership for updates, expert advice, and access to tools that help keep your business safe online.