opinion

Beware of Social Engineering Hacks

Beware of Social Engineering Hacks

In case you’ve never heard of social engineering hacks, they are cyberattacks that prey on individual people. The intent is to get victims to divulge private information or take actions, precisely planned by the attacker, that will lead to a security breach. Social engineering hacks can be as damaging to you personally as they are to your business or website. For example, if your hosting account is infiltrated, attackers can hijack your servers to profit from sending spam, mining crypto or victimizing others, while you pay the bill.

As insidious as that sounds, such “hacks” have less to do the technology side than you might think. In fact, most people simply call such attackers “scammers” because they frequently impersonate people or companies and incite fear or urgency to get what they want. Sound familiar? Maybe you’ve been bombarded with fake support calls supposedly from big companies like Microsoft and Amazon, or threatening calls claiming to be from the IRS, banks or credit card companies. These are all social engineering hacks.

These hacks only work when you let them. Remember, any strange experience you encounter throughout your day could be some scam or attack.

Phishing emails are one of the most common examples. Everyone has seen these; they appear in your inbox as “warning” emails or notices purporting to be from a legitimate company. You’re often prompted to enter your username and password by clicking a link, only to find out they don’t work. That is because the website on the other end of the link is fake; it isn’t possible to log in even if the password is correct. Instead, what has happened is that you’ve given your credentials to a hacker, who then will try to access your account with the exact details you’ve just provided. To make matters worse, the first thing most people do when their password doesn’t work is input other passwords they commonly use, thereby giving a hacker even more data to work with.

Whenever you hear someone say they’ve “been hacked,” it triggers visions of someone wearing a black hoodie sitting in front of a laptop in a dark room late at night, banging away at a keyboard and finding ways into your accounts. But most hacking doesn’t involve fancy keyboard wizardry. It is much easier for attackers to trick you into giving them what they want.

Social engineering hacks are predicated on trust and poor due diligence. If you’ve ever been annoyed by real banks or credit card companies frequently and rigorously verifying your account when you call, you’ve experienced good diligence. The reason these organizations ask you security questions before talking to you about your account is to thwart social engineering hacks.

The infamous John McAfee of McAfee Antivirus once stated that, as a hacker, he used social engineering more than anything else to compromise systems. He said that 75% of the average hacker’s toolkit was social engineering tactics, and the most successful hackers use them 90% of the time. In an interview with Business Insider about how he might hack the Pentagon, McAfee explained, “You want to find the weakest link.” After all, we are all fallible humans and can fall for tricks.

The good news is that your highly firewalled and fortified hosting environments are not the weakest link. Often, the weak link is sloppily written custom software — or the person holding the keys, as in the case of the LastPass hacking debacle. In the LastPass data breach, a DevOps engineer’s home computer was targeted directly, and attackers exploited a vulnerable piece of third-party software — Plex Media Server — that had not been patched. Plex had issued a patch for the bug years earlier, but it was never installed on the victim’s machine. Oops.

You may ask yourself, “If social engineering hacks are so effective, how can I protect myself?” The answer is simple: Trust is earned, not given.

These hacks only work when you let them. Remember, any strange experience you encounter throughout your day could be some scam or attack. It is impossible to learn and know every particular scam there is because they change all the time. Often, these hacks are the same basic scam, just repackaged a little differently.

The best way to spot social engineering attacks and scams is to know how real organizations like banks or credit card companies verify your identity, and what email addresses and website domains should appear in their emails. It isn’t hard to check the “from” email address to see if the domain of the sender’s email is wrong or if the link in the email body goes to some random website rather than to your bank. It may seem counterintuitive, but when Secret Service agents are trained to spot counterfeiting, they focus more on what real money looks like because every counterfeit is different. Ultimately, you can always directly call any company you deal with if you need assurance via email or phone. Most customer service agents are trained to tell you to do this if you’re unsure it is really them calling.

On top of that, the massive acceleration in artificial intelligence is making it even harder to truly know what is fake or real. There is already sophisticated software for making deepfake photos, videos and audio. AI has given hackers new tools to proliferate their attacks worldwide, and nobody is safe from it. Don’t let your guard down.

As I said during my keynote at XBIZ LA in January, it is vital to hold ourselves to a higher standard because we are the adult industry. There is a responsibility to be more vigilant because of the sensitivity of our business niche. Imagine the damaging information to be exploited from a performer’s computer if compromised. Imagine the life-ruining account details and data that could be gleaned from a porn paysite or creator platform’s user database. These attack vectors are severe and frightening, and it is critical to avoid half measures.

Brad Mitchell is the founder of MojoHost, which has served the industry for nearly two decades and has been named XBIZ Web Host of the Year several times. He regularly shares insights as a panelist at trade shows. Contact brad@mojohost.com to learn more about the suite of services his company offers.

Related:  

Copyright © 2025 Adnet Media. All Rights Reserved. XBIZ is a trademark of Adnet Media.
Reproduction in whole or in part in any form or medium without express written permission is prohibited.

More Articles

profile

WIA Profile: Lexi Morin

Lexi Morin’s journey into the adult industry began with a Craigslist ad and a leap of faith. In 2011, fresh-faced and ambitious, she was scrolling through job ads on Craigslist when she stumbled upon a listing for an assistant makeup artist.

Women In Adult ·
profile

Still Rocking: The Hun Celebrates 30 Years in the Game

In the ever-changing landscape of adult entertainment, The Hun’s Yellow Pages stands out for its endurance. As one of the internet’s original fixtures, literally nearly as old as the web itself, The Hun has functioned as a living archive for online adult content, quietly maintaining its relevance with an interface that feels more nostalgic than flashy.

Jackie Backman ·
opinion

Digital Desires: AI's Emerging Role in Adult Entertainment

The adult industry has always been ahead of the curve when it comes to embracing new technology. From the early days of dial-up internet and grainy video clips to today’s polished social media platforms and streaming services, our industry has never been afraid to innovate. But now, artificial intelligence (AI) is shaking things up in ways that are exciting but also daunting.

Steve Lightspeed ·
opinion

More Than Money: Why Donating Time Matters for Nonprofits

The adult industry faces constant legal battles, societal stigma and workplace challenges. Fortunately, a number of nonprofit organizations work tirelessly to protect the rights and well-being of adult performers, producers and industry workers. When folks in the industry think about supporting these groups, donating money is naturally the first solution that comes to mind.

Corey D. Silverstein ·
opinion

Consent Guardrails: How to Protect Your Content Platform

The adult industry takes a strong and definite stance against the creation or publication of nonconsensual materials. Adult industry creators, producers, processors, banks and hosts all share a vested interest in ensuring that the recording and publication of sexually explicit content is supported by informed consent.

Lawrence G. Walters ·
opinion

Payment Systems: Facilitator vs. Gateway Explained

Understanding and selecting the right payment platform can be confusing for anyone. Recently, Segpay launched its payment gateway. Since then, we’ve received numerous questions about the difference between a payment facilitator and a payment gateway. Most merchants want to know which type of platform best meets their business needs.

Cathy Beardsley ·
opinion

Reinventing Intimacy: A Look at AI's Implications for Adult Platforms

The adult industry has long revolved around delivering pleasure and entertainment, but now it’s moving into new territory: intimacy, connection and emotional fulfillment. And AI companions are at the forefront of that shift.

Daniel Keating ·
profile

WIA: Sara Edwards on Evolving Clip Culture and Creator Empowerment

Though she works behind the scenes, Sara Edwards has had a front-row seat to the evolution of adult content creation. Having been immersed in the sector since 1995, she has a unique perspective on the industry.

Jackie Backman ·
profile

Segpay Marks 20 Years of High-Risk Triumphs

Payment processors are behind-the-scenes players in the world of ecommerce, yet their role is critical. Ensuring secure, seamless transactions while navigating a rapidly changing regulatory landscape requires both technological expertise and business acumen.

Jackie Backman ·
opinion

The SCREEN Test: How to Prepare for Federal Age Verification

For those who are counting, there are now 20 enacted state laws in the United States requiring age verification for viewing online adult content, plus numerous proposed laws in the works. This ongoing barrage has been exhausting for many in the adult industry — and it may be about to escalate in the form of a potential new AV law, this time at the federal level.

Corey D. Silverstein ·
Show More