Cybersecurity and Fraud Protection

6 Ways to Help Protect Yourself (and Your Business) on Social Media

Social engineering attacks are on the rise and cybercriminals often look for clues on social media accounts. Learn how you can help protect yourself, your employees and personal information by following these six best practices using social media.


Social engineering attacks are on the rise and cybercriminals often look for clues on social media accounts. Learn how you can help protect yourself, your employees and personal information by following these six best practices using social media.

You and your employees are a primary access point for cybercriminals and fraudsters on personal or professional social media. Many of the best practices and guidelines you use to protect sensitive information in the office should also apply to individuals working remotely. It only takes one person clicking a malicious email link or sharing personal information on social media to give criminals an opportunity.

Social engineering attacks often begin with social media accounts. Fraudsters may secretly investigate your organization’s employee profiles, obtaining details about their work in order to piece together a believable phone conversation using this information—a practice called vishing. They may take it a step further and connect with your employees directly through emails they’ve uncovered.

These practices help criminals build trust with your workers and, over time, learn insider information about your company. Cybercriminals may also target your business directly—building fake employee or business profiles online, or sharing malicious links and misinformation with other users.

While the effects of a cyberattack can be long-lasting to your business operations and reputation, there are simple steps you and your employees can take to safeguard both personal and business-related information and help reduce your company’s chance of being targeted.

 

Use privacy and security settings

Social media pages and posts are typically set to public visibility by default. Just spending a few minutes to secure your accounts can minimize your exposure and increase your security significantly.

 

Be strategic about connections

Only connect with people you really know and validate that it is really them. Use privacy settings to manage the amount of personal information you want to share.

 

Report fake profiles

Be wary of unsolicited friend requests from people you don’t know. Hackers or bots use seemingly normal profiles to make connections, learn more about you or influence your decisions. Report suspicious profiles to the social media site. At work, consider investing in a process for employees to report fake profiles impersonating your brand or employees.

 

Avoid third-party apps and quizzes

As we spend more time working remotely, you may find social media quizzes can be a fun distraction, but at what cost? Social networks do not currently monitor the developers of quizzes, games or third-party apps for security. Also, you could be clicking on a suspicious link that shares your personal information (friend lists, email address or location) with a fraudster.

 

Avoid oversharing

Be cautious about how much personal and work-related information you share on your profile, posts, group chats and public pages. Even live check-ins when visiting locations can be risky. The more information you post, the easier it is for someone to identify behavioral patterns, track down your whereabouts or figure out your login credentials.

 

Be wary of donation scams

It’s extremely common for hackers to capitalize on unpredictable events such as civil unrest, pandemics or natural disasters. Only use reputable donation sites and be mindful of crowdfunding sites to help victims after a disaster. The website may be real, but the stories posted online may be fake.

Jonelle Burns currently leads the firm’s Cybersecurity Education & Awareness team, responsible for educating and empowering employees to better protect themselves, their families, and clients. Burns has more than 10 years of experience in learning and development, and has been with the firm for five years.

Cyber Magazine Fall 2020 Cybersecurity and Fraud Protection