As the Digital Marketing Manager, I often find myself on social media every day. I keep our company accounts updated, and I’m always browsing around for the latest news.
Prior to starting at Security Innovation, I worked a great deal in the agency space. I remember one instance when a client contacted me and asked whether I had posted anything to their account recently...turns out, their Facebook page admin (an employee) had their account hacked and the hacker used the company page she was connected with to start posting some spam messages on their behalf. After investigating, I realized very few clients actually had security measures in place for any of their online accounts. These are were some large, well known businesses. What should they have done to better protect their brand reputation and information in their accounts? And if they don't protect their personal accounts, what happens to their business?
How Hackers Use your Social Media Information
While social media websites now offer a number of privacy and security features, many users don’t use them. If a profile is out there in the open for anyone to see, in as little as 15 minutes someone could easily find information such as:
- Your full name (including maiden names and nicknames)
- What you look like (and what everyone you know looks like)
- Current address and where you’ve lived in the past
- Age
- Current and past employers (including job titles)
- Phone number
- Email address
- Who you're connected to...personal contacts and businesses
Without even hacking into your account, status updates could allow a cybercriminal to determine your hobbies and interests. Combining available information, someone could send you a phishing email from your best friend with a believable message. With enough information, a cybercriminal might even be able to apply for credit cards or loans in your name.
Don't Get Hacked. Check out the Security and Privacy Features.
Several social sites have been hacked in recent years, including Twitter, MySpace, Facebook, and LinkedIn. As security and privacy have become a large concern for social media websites, many have started incorporating security features into accounts. You may not have much control over a data breach, but you can implement several of these features within your account to notify you of suspicious activity or minimize the damage in the event a hacker does get into your account. Some of these include:
- 2 Factor Authentication: Should a hacker gain access to your password, 2-factor authentication can help prevent them from physically logging into your account if they don't have the additional 6 digit number available. Popular social sites including Facebook, LinkedIn, and Twitter support 2FA, which sends the user an additional one time code through SMS, email, or authenticator app requiring the user to enter in the security code before logging in.
- Login Alerts: Think someone may have hacked your account? Certain security features can let you know when someone logs into your account, where you’ve logged in from, and even allow you to configure special passwords when logging into apps. These notifications will immediately let you know if your account has been compromised, allowing you to take immediate action to help minimize damage.
- Privacy Settings: You should always think twice about what information you post, but you can also limit who you share it with. Several social websites allow you to configure your privacy settings to limit what profile information is shared and how people can search or connect with you. Remember, if they can hack into your account they could have access to any businesses or groups where you have admin privileges, so organizations need to enforce security for those with access.
Always Be on the Lookout
Even with security measures in place, social media accounts can still be hacked. Without configuring security features, a cybercriminal won't even need to do much to get the information they need. Always be on the lookout for suspicious activity within your social accounts, and limit the information you share and keep within them. Organizations are no exception. Employees with access to social media accounts need to properly protect them, be on the alert for suspicious activity, and take action immediately when necessary or their company’s reputation could also be at risk. Be mindful not only of yourself, but those you connect with as well. Their information could be at risk too!
