Posting photos on social media while you are away from home can leave you vulnerable to malicious acts.
Cybercriminals can use these photos and any other data you post online to get information about your personal and professional life and use it for a fraudulent purpose. This collection of data is a form of social engineering called pretexting, in which cybercriminals make up scenarios to manipulate victims into sharing information.
Social engineering encompasses a wide range of malicious activities that use manipulation to trick users into giving away private information and includes pretexting, phishing, vishing, or smishing.
Employees and contractors should be aware that social engineering attacks are not limited to personal devices. USPS-issued devices, such as laptops, cell phones, and tablets are susceptible to these kinds of attacks, which could damage the USPS® network and its operations.
Here are some tips to help avoid a social engineering attack:
n Limit shared information, especially about your family, job, or other personal details.
n Verify that senders are who they claim to be and don’t send information if you have any doubts.
n If you suspect you are being targeted on your USPS-issued device, report the threat to the Cybersecurity Operations Center by calling 866-877-7247 or sending an email to CyberSafe@usps.gov.
For more information, visit blue.usps.gov/cyber or liteblue.usps.gov/cyber.
— Corporate Information Security Office
Chief Information Security Officer, 3-9-23
