Social media

Everyone uses social media. Sharing your photos, events, location, and information on social networks can feel like a lively conversation among friends, family, and colleagues. That’s what makes it so useful—and fun!

Unfortunately, scammers and cyber criminals also use social networks to gather personal information, which helps them steal identities, compromise accounts, or send highly targeted phishing emails.

If you have ever completed a “fun” Facebook survey or posted answers to questions about your first pet’s name or the street you live in, you may have shared something about yourself that hackers can use to access your account. When you share something online, you lose control over how it might be used, and anyone can see it.

The good news is that you can use social media safely using common sense and knowing what to look for.

How to use social media safely

  • Think before you share! Set limits on the amount of information you share and the number of people you share it with.
  • Trust your connections - Make sure you know and trust connections before sharing information or agreeing to meet them in person.
  • Think about what you share – If you can’t imagine your post as front-page news for all the world to see, don’t post it.
  • Review your security settings regularly - use privacy controls and be aware that scammers can still bypass these settings, and social media platforms often change settings and permissions.
  • Protect your login credentials – Use strong authentication methods for each account. If the social network requires security questions, consider using fake answers that don’t match anything you’ve posted. It’s easy for a scammer to find out your mother’s maiden name or the names of your schools, pets, and childhood friends.
  • Don’t reuse passwords – if you use the same password across social media platforms and a cybercriminal hacks into one of your accounts, they can get into all of them.
  • Use caution with third-party apps – Logging into an app with your social network account gives that app some level of access to your information and connections. Carefully examine and verify all third-party apps and avoid the temptation to fill in a quiz or survey, no matter how many of your contacts have shared or tagged you. Using fewer apps also helps reduce your risk.

Identity Theft/Impersonation

Watch out for imposters – Accepting a stranger’s connection request can give cybercriminals access to your profile. Scammers might also create fake profiles to impersonate you or people familiar to you.

Don’t accept unusual friend requests – even if they are from those you are already connected with - check first before accepting. Warn your friend immediately.

If your profile has been cloned - your friends will receive “friend” requests from you even though they are already connected; this is a sign that your profile has been cloned.

Scammers use fake profiles to get information from your friends. If this happens to you, immediately inform your contacts, change your password, and report the fake profile to social media platforms.

Other fake profiles - Some scammers will create fake profiles using photos of attractive people to attract your attention. They may just be curious, but if you don’t know them personally, be wary about accepting their friend request.

When faced with a request to connect, always consider the “who” of the request and then the “what” of a request.

What details are public/private

Do you know exactly who you are linked with across social media networks? Many people don’t - it’s sometimes hard to keep track of hundreds or even thousands of direct connections on multiple sites. And too many more are lulled into a false sense of security by their privacy settings.

Everyone who uses social media is vulnerable -it's not only those who have entirely public social media posts and accounts that are vulnerable to cyber-attacks.

Changing security and privacy settings, not tagging others, and only sharing with close friends and family can help reduce the risk; however, anyone you are connected to can take a screenshot, download your photos, and share your information without your knowledge.

Always think before you post - if you would not be happy with the idea of your post being front-page news, don’t post it. Keep the complaints about your boss or family members in a private conversation. Nothing shared socially can be considered confidential.

Privacy settings - If you regularly review your privacy settings on social media, be aware that changing your privacy settings today will not affect the posts you put up yesterday.

Social Media in the workplace - consider the workplace rules for using social media during working hours. Posting details about your job or events you attend as part of your job could jeopardise your workplace and your professional reputation.

Everything you post on social media should be considered public information, even if you regularly review your privacy settings.

Back to IT@ND: CyberSecurity