Social Media Networking Safety
Participation in social media networks has become one of the most popular online pastimes, with billions of people using social media to connect with old friends, make new friends and share information. These networks of interconnected people, while being very popular, bring cybersecurity exposure to everyone associated with it. Platforms are also free-to-use tools utilized by scammers and cyber criminals leading to promote misinformation, loss of confidentiality and identity theft, and even fraud.
Younger site users can be exposed to various risks like online bullying, disclosure of personal information, cyber-stalking, access to inappropriate content, etc. In recent years, there has been a growing rise of fake profiles touting false information, which can have unpredictable consequences for users. While social network companies have begun addressing several issues, social media has become an unregulated haven for misinformation, malicious applications, spam, and fake links which often leads to cyber-attacks.
Sophisticated misinformation/disinformation campaigns are especially problematic today, and there are growing discussions on how to address these issues without undermining the benefits of social media. In order to maintain an open system, government, business, and consumers must work together to solve these complex problems.
Spam refers to unwanted email advertising flooding users' inboxes. Similarly, social media sites make it easy for spammers to gather the personal information of unsuspecting users.
We are all working in an era of unprecedented online sharing, social connectivity and collaboration. The rise of social media has paralleled the emergence of phishing as a serious security threat if left unchecked. The two trends are also connected. Spear phishing, in particular, benefits from the socially networked world. The attacks target employees in order to steal login credentials and gain access to internal systems and data. However, unlike the generic "Dear Sirs and Madams. I am needing your help" type of phishing emails, spear phishing involves precise targeting and the use of real identities. The inherent nature of social media allows availability to details of someone's job, their functions, and the coworkers that are connected to them.
For instance, if Bob knows Joe, the attacker might pose as Joe to get Bob to tell him the password to the personnel database or click on a malware link. In some cases, the hacker posing as Joe will take over Joe's actual social network account. This is known as "account hijacking." With this approach, the hacker is nearly indistinguishable from Joe. He's logging into Joe's account and using it "as Joe".
Tips to Mitigate the Risks of Social Networking• Limit the information you put in the social networking sites.
• Don't put personal information like your family details, addresses, personal photographs, video, etc. If you must post your personal photographs change your account settings and make them visible only to friends.
• Most sites and services provide options for privacy settings to prevent attackers from viewing your information. You can use these options to choose/deny whom you want to allow to see your information.
• Never meet someone you are "friends with" on social networking but have never met in person. In the case of account hijacking or misinformation, this may not be their true identity.
• Don't ever click suspicious links while logged into social networking accounts.
• Always clean browser cookies and cache.
• Install a current version of Anti-virus/Anti-malware to keep your system free from malicious applications like viruses, worms, Trojans and other malware.
• Don't ever share your password with anyone, and use different passwords for different networks, changing them regularly. For strong passwords, use a minimum of 14 or more characters with a mix of alphanumeric and special characters). Some of the strongest passwords are passphrases.
• Many social media networks provide Multi-Factor Authentication options for access to your profile. If this option is available, it is highly recommended.
• Always check URLs for misspelled links before you proceed to click to avoid logging in to a fake site – that goes for links in your emails as well.
Please visit our Cybersecurity Center for more helpful information on keeping information safe from cyber threats!