This is to attack trust based on some one you know.
In physical world, this is harder as you will recognize the person by appearance unless via impersonation like those in “Mission Impossible”.
In cyber world, email and social network ID are easier for spoofing, not-to-mention compromised identity are on sales in the dark web.
- Part-1: protect your cyber identity. Even if you consider such cyber identity doesn’t harm yourself, it could cause collateral damage to those who know you
- Part-2: now, you are cautious about your cyber identity. Establish preparedness to manage the situation when you suspect your cyber identity is compromised for malicious intention
- Part-3: from a 3rd party perspective, when you receive “unusual” request(s) from cyber identity for those you know or appeared as legitimate, validate their request(s) via other trusted communication channels (like phone call, or official web link)