This is another one about the perils of not being careful when using social networks. A security researcher set up a series of fake Facebook, LinkedIn and Twitter accounts, bearing information and a seductive mug shot of a young lady, posing as a Navy cyberthreat analyst.
The fictitous flirty little Sage, as the dupe was called, established links with around 300 - mostly men, not surprisingly, but also some women - in the U.S. military, intelligence and information security communities. Some of her new found "friends" even considered offering her a job, according to this story in Computerworld
Interestingly, the flesh honeypot wasn't able to attract any attention from either of the two top notch schools - MIT and St. Paul's, a New Hampshire prep school - listed on LinkedIn to demonstrate her high educational pedigree.
It seems the prep schools were a bit more choosy in who they friend. "One of the things I found was that MIT and St. Paul's [prep school] were very cliquey. If they don't remember seeing you, they are not going to click. You had less of a chance of penetrating those groups than the actual intel and security communities
," Thomas Ryan, the real person behind the phony social networker, was quoted as saying.
The lesson is simple and obvious: If you don't know them personally, don't friend them. No matter how cute, knowledgeable or well-educated they appear. Matahari has now moved to cyberspace.