Countless Facebook users have been sharing photos of their high school graduations in solidarity with this year’s senior class, which is completing its final year at home because of the coronavirus crisis.
But a report from the Better Business Bureau, a nonprofit consumer advocacy and market research organization, says that crooks can social engineer sensitive information from the posts to hack into users various online accounts — including their banking information.
Hackers can search for posts using the included hashtag, #ClassOf2020, to determine a user’s high school and graduating year — as well as other public information listed on a user’s profile, including their hometown, names of family members and pets, and favorite movies or books.
This information can then be used to answer online security questions or guess passwords to breach a target’s online accounts.
“BBB cautions everyone to be aware of what they are sharing. Even if you think it’s just going to your friends, it could also be going somewhere else,” the BBB writes.
“Resist the temptation to play along. While it’s fun to see other’s posts, if you are uncomfortable participating, it is best to not do it.”
The organization recommends anyone who has shared a #ClassOf2020 post to review account security settings on all social media platforms to see what is being shared and to whom, and to change answers to security questions if needed.
The coronavirus pandemic has already caused a reason to be alert for scammers. Earlier Wednesday, federal officials revealed scammers are attempting to bilk people out of their stimulus checks.
“Scammers have no shame, and nothing — not even a global health crisis — is off limits,” Karen Hobbs, assistant director at the Federal Trade Commission’s Division of Consumer and Business Education, said in a recent blog post.
Additional reporting by Noah Manskar