In today’s world, we are increasingly living digital lives, where we interact and engage with our friends and family online. Social media has become central to our lives, writes Carey van Vlaanderen, CEO at ESET Southern Africa.
And yet, while millions use these platforms on a daily basis, they are not without their pitfalls. In particular, online privacy and information security constantly come under the spotlight, while online bullying and harassment can’t be ignored too.
Anyone, regardless of age or experience, can fall victim to one of the above attacks. Cyberattack incidents are on the rise – with the numbers speaking for themselves. In recent months there have been high-profile attacks on LinkedIn (resulting in 100 million emails and passwords being posted online), Myspace (a data breach affecting 360-million users) and Tumblr (65-million people affected).
With all this in mind, we looked at the ways you can avoid falling victim to social media attacks, and how you can boost your social media security.
Manage passwords and adopt phrases
The problem with most compromises is that people continue to use weak passwords (123456 is the most common) or – worse still – they use the same passwords time and time again.
Cybercriminals today can break these passwords easily and quickly, with brute force and dictionary attacks that are able to crack even lengthy passwords in a matter of seconds or minutes. Then there are keylogger attacks, where malware security installed on your machine can quietly gather passwords without the user knowing.
You can bolster security in this area by using a password manager, which can generate new passwords and store existing ones (as well as your credit card details if needed).
Fortunately, technology companies like Google are also making improvements in this area, forcing users to make their passwords stronger, while catching these passwords with autofill so they don’t have to constantly remember what that password is.
Lastly, you can make a huge difference by opting for passphrases, which are miles better than a password. Moreover, they are easy to implement, and, of course, remember.
Invest in two-factor authentication
Two-factor authentication (2FA) has been promoted as a good additional security measure for a number of years now, but is, as of late, gaining widespread popularity. In essence, 2FA pushes you to enter a secondary piece of information to access and account, meaning that you are not compromised if a password or PIN has been lost or stolen.
Check e-mails for suspicious login attempts
Facebook and Twitter are improving their information security practices and are particularly good at alerting you when a possible intruder has tried to access your account. So keep a close eye on your email to see- and react – when you get that email.
Most social media accounts will block suspicious attempts to login, and will immediately ask you to change your passwords. You should look to do this as soon as possible so that you minimize any opportunity a cybercriminal may have in exploiting your account and your personal details.
Beware suspicious links
While you may trust your social media platform, the same can’t be said of the people who use it, nor can you be 100% confident that people are who they say they are. For that reason, you should be wary of opening links sent on the platform, especially if they have been shortened using such as Bitly or Hootsuite.
Equally, be cautious of links embedded in email messages supposedly from a social network provider, as well as links that appear to come from a trusted source. Be vigilant, extra careful even, and, if you are on a page that does not feel right, close the browser tab without clicking any buttons on the page to avoid clickjacking attacks and other scams.
Instead, connect to the site directly by typing the URL into the address bar, of by using a bookmark. It’s important to note that scams are rife and highly effective.
Be privacy conscious
It sounds obvious, but avoid putting potentially sensitive information about your or other people on social media. For example, some parents don’t like to mention the names of their children online, and so you should respect their privacy preferences.
You should be careful about your own privacy settings, as your page may be open to all viewers, irrespective if they are a ‘friend’ or not. This public information could potentially be used to conduct identity fraud, with techniques like social engineering used to exploit this information for financial gain.