People keep falling for this one, so it’s worth reminding them – there isn’t a way to see who’s viewed your profile on Facebook, and any application that offers to do this for you is a scam. In fact, Facebook has a statement on their website that confirms this.
But this scam can be useful to you if you’re trying to illustrate social engineering techniques to your staff.
Curiosity is one of the human character traits that social engineers will try to use to their advantage. And, since many of your staff are likely to be using Facebook from their work PC, at home, or on their cellphone (see my recent post for some statistics on this), this should be something that they can immediately relate to.
Further, as we mentioned in our list of Best Practices for Security Awareness Training, it’s a good idea to discuss the importance of security in life outside of work, since that encourages your staff to make good security second nature.
So use this as an example in your training class, or work it into the monthly reminders that you send out by email.
Thanks to Graham Cluley at Sophos for reminding me (in his blog post) to remind you!