Use of social media is popular in both our personal and work lives, and this doesn’t look to be changing anytime soon. In fact, it’s a given for businesses nowadays. Most organisations use social media as a tool to help promote their business and engage with customers as a key part of their marketing strategy. However, many underestimate the cyber security risks they could be exposed to.
Between September 2019 and September 2020, email and social media accounted for 53% of attacks in the UK, which shows why it’s important to have an awareness of the potential risks of the use of social media for both the businesses and your staff. Making sure every member of your team is aware in the first place is a great way to start protecting your business. This article explores a few things to be particularly wary of when it comes to social media and cyber crime.
Potential Cyber Crime Risks
Unsecure Mobile Devices
The most common platform on which to access social media is a mobile device. This ease of access means it is important to make sure access control is robust. This can be done by using a personal password, which should be at least eight characters long according to NCSC guidelines, pin code or fingerprint ID to secure your phone.
Unused Social Media Accounts
Deleting unused or unwanted accounts and apps will also help to protect you and your business from hackers, as does keeping track of all activity across active accounts. This ensures you can spot more quickly if hackers are posting counterfeit messages from your account.
Malware can be hidden in many guises from seemingly innocent links via direct message to malicious apps on the app store. Its main goal is often to steal important, personal information from your accounts to exploit. Be wary of which links you click, especially those that are unsolicited. Installing anti-virus software is an easy way to combat intrusive and exploitative malware.
Deciding whether an account is real or not can be challenging. In 2020, Facebook blocked 1.3 billion fake accounts. Be sure to report or block any suspicious accounts and only add people you already know directly. A suspicious account may have very little information attached to it and limited activity history. Other indicators are small numbers of friends and only one or even no profile picture.
Be careful when sharing information or posting pictures from your workplace. It’s easy to overshare and this information may negatively impact your business or your employees. Be respectful when posting pictures of vulnerable employees and don’t share any unnecessary information. Hackers use clever tactics to monitor your social media and can even guess what your passwords may be. Authentication questions with a personal element, such as a pet’s name, often give enough clues for them to join the dots. Often the criminals can easily obtain this data from your social media posts themselves or information that’s visible in the background. A tactic to look out for is questions within ‘memes’. Answering these questions (i.e. your new name is your pet’s name + your mother’s maiden name) could hand personal information straight to cybercriminals.
For small businesses, sharing personal information often helps customers to get to know the business better. However, as mentioned above, it is easy to overshare and put your employees in danger. Make sure you have the permission of employees before posting anything regarding their personal lives. From a security aspect, by sharing personal information, you can make it easier for the criminals to break into accounts. They can then use this data to guess passwords and gain access. For example, a milestone birthday tells the world wide web that individuals precise date of birth.
Checking the privacy settings on your social profiles is a swift way to protect your information from data breaches. Double check who can see which posts and which elements of your profile. In fact, it is worth keeping your profile private, with only friends able to view what you are up to. Who can add you? Anyone? Or only friends of friends?
Third Party Quizzes
Links to quizzes often require you to enable unlimited access to your personal information. So, while it may be tempting to find out what character from Friends you are, don’t. It may come at the cost of your own private data.
Four MORE Ways to Stay Safe
There are even more ways to manage your accounts and combat the threats mentioned above. These are as follows…
Social Media Approval
Using both a social media plan for your business marketing, and an approval system will help to stop the wrong posts being shared. Make sure you have the opportunity to review both the text and any accompanying images that may contain personal or sensitive information, especially in the background. If you spot someone’s password on a post-it note stuck to their monitor, there may well be another conversation to be had…
Making employees aware of the risks through mandatory training on media literacy and security is a great idea to reduce human error and increase overall safety on social media. In fact, many schools are considering making digital media literacy a compulsory part of their curriculum in the near future.
Social Media Policies
Although they can seem tedious and time consuming, policies are there to protect you and your business from harm. A detailed social media policy will ensure the accuracy and suitability of shared content, as well as usage of own devices.
Ensure only the necessary individuals have access to company social media profiles. Fewer people with knowledge of those valuable passwords decreases the likelihood of leaks and also means you’ll know who’s responsible if there are any issues.
Beware the DM
Although being able to privately message via social media has many benefits; it is important to be careful about what information is sent. Be aware that such methods of communication won’t have the same level of security as an email.
Use 2FA/MFA to Protect Online Accounts
2FA, also known as two-factor authentication helps to protect online accounts by using something you have, something you know or something you are – together. Many software providers now offer this technique as an additional layer of protection if password databases are compromised. Users are required to log in with two different methods of authentication. This could be a password followed by a code sent via SMS or email or even via an authenticator app such as those created by Google or Microsoft. MFA (multi-factor authentication), as the name suggests, uses multiple methods to help identify a genuine user. With 2FA/MFA, it is more difficult for malicious actors to gather all the information they need to gain access.
Social media use is now a necessary part of working and personal life. However, using these platforms does not need to open your business and employees to dangerous threats. Follow the tips above to ensure you and your business have the protection you deserve.
If you would like more advice on protecting your business from security threats, get in touch with SupPortal today.