Engenharia social nas redes sociais online: um estudo de caso sobre audexposição de informações pessoais e a necessidade de estratégias deudsegurança da informação

摘要

The development of social networking sites (SNS) has created a phenomenon known as "hyperudmobility esthetics of netizens" that increases of the exhibition of personal information on the Web, it isudnatural that raises the risks associated with such, especially relative to the application of socialudengineering techniques. Social engineering is a term that defines some practices used to get access toudinformation, through the breaking systems confidentiality, organizations or individuals, using surveys,udcheating or exploiting the trust of people. Faced this scenario, how measure the private information of audparticular individual are exposed on the Web? To answer this question, this study aimed to analyze theuddegree of exposure of information is accessible on the Web. To this end, this research was conducted asuda case study with quantitative and qualitative approach, focusing on survey personal and professionaludinformation, using consultations to sites and open access Websites. It was used the non-probabilisticudsampling and elaborates a metric scale for rating the degree of exposure. We observed that 70% of theudsamples have a high exposure indicator and 20% extremely high. No individuals surveyed had zerouddegree of exposure. From this study was possible to demonstrate the facility in searching and gatheringudinformation in the online environment. This information is sufficient to subsidize a social engineering attacks. The results obtained allow us to create hypotheses that can be worked on a research of audprobabilistic sample and highlight the need to adapt procedures for information security managementudand implementation of information security policies in the organizational environment.