By: BuddoBot Team
It’s no surprise: over half the world’s population uses social media. And they aren’t just using it for scrolling and entertainment – they’re sharing tidbits of personal details thousands of times a day through check-ins and seemingly innocent posts. Just think of all the information in cyberspace – hackers certainly do. Unfortunately, people continue to feed them information, sometimes without even knowing it.
We’ve all heard the warning, “Be careful what you share online!” But what are the actual dangers of social media and online sharing? This blog will analyze what, why, and how hackers can find your information and provide valuable tips that can keep you one step ahead.
Why Social Media is the Perfect Target for Hackers
According to Verizon’s 2023 Data Breach Investigations Report, over 70% of data breaches involve the human element. This means cybercriminals are often successful at exploiting people by tricking them into clicking malicious links, opening attachments, and sharing sensitive data. It’s not surprising that most of these interactions occur on social media platforms, considering some of the following key factors:
- Personal Data: Within social media lies a treasure trove of personal information that stretches far beyond names and locations. People share birthdays, interests, family connections, professions, and much more. Attackers collect this information to help create personalized phishing attacks and scams. You’re more likely to fall victim to a scam if it contains information relevant to you, such as a birthday invitation to receive a discount from a vendor you’ve used before.
- Familiarity and Trust: People use social media mainly to engage with people in their circle. Criminals can use this by hacking into someone’s account to deceive the user’s connections into divulging sensitive data or enticing them to click a link. Was your coworker sending a link to this new weight loss system they’re using – or was their account hacked?
- Massive User Base: Social media platforms have billions (yes, billions) of active users, making them prime targets for cybercriminals. This large pool expands their potential victim count and increases their probability of success.
- Money: Some hackers do it just for fun, but 76% of attacks are financially motivated. Hackers can sell the personal information gathered, use it to steal identities, or distribute malware for ransom.
- Lack of Cybersecurity Awareness: Most social media users remain woefully uninformed about potential risks, despite the heightened awareness surrounding online security. Hackers know this and use it to their advantage – 1.4 billion social media accounts are hacked every month.
Types of Attacks to Look For
Hackers have no shortage of attack options in their toolkits and will use many different strategies.
These are the most common:
- Account Takeover: This is when someone gains unauthorized access to another user’s social media account. Once in, they can exploit the account for various activities, from bombarding followers with spam to assuming the person’s identity altogether.
- Account Hijacking: Similar to an account takeover, a hacker sets their sights on a business or organization’s account. Then, they can post malicious content to damage the brand’s reputation, cause financial loss, or spread false information.
- Phishing and Clickbait: These tactics are all about tricking users into performing an action to divulge login information or financial details. Here’s a common scenario: someone sees an Instagram ad for an item that catches their eye, so they click the link and purchase it. Unfortunately, it’s a convincing but fake site. The item never arrives, and the user has unknowingly given up their personal information, address, and card information.
- Social Engineering: This type of attack goes beyond general phishing and is geared towards human psychology, using tactics like fear and false urgency to get results. Picture this – you get a message on Facebook from an “administrator” saying your password has been compromised in a recent data leak, and you need to create a new one. At first glance, it seems legit, so you click the link and change your password. It turns out it was a fake Facebook Admin account, and the link took you to a bogus page where someone tracked your password change and can now access your account. Cybercriminals are good at making accounts and messages seem very real. They are hoping people won’t take the time to analyze them thoroughly – and unfortunately, they’re often right.
Social Media Cybersecurity Tips
We all know the importance of using strong, unique passwords, right? And understand that we should use different passwords for each account? Hopefully, that’s a resounding yes. Here are some other lesser-known tips to keep you secure on social media:
- Use Two-Factor Authentication (2FA): It might sound overly technical, but it’s easy to use. It’s just another layer of login security that most social media platforms offer. For instance, let’s say a hacker somehow obtained your Instagram password, but luckily, you have 2FA enabled. They would also need access to your phone or email to enter a security key. The Verge has an excellent two-factor authentication guide for enabling 2FA on all platforms and apps. Potential breach = blocked!
- Verify, Verify, Verify: Never click on an ad – always visit the site directly instead. Never click the link to a phone number provided in a message or email. Cybercriminals can manipulate caller IDs, so always verify with a simple Google search. Review social media profiles before accepting or messaging. Is it a brand-new profile with little content or few friends? Is it someone you thought you were already friends with? Do their messages include a lot of grammar and spelling errors? You can even reverse image search their profile picture through TinEye or Google Image Search. If the photo is linked to a different name or appears in an unrelated context, it’s most likely a fake.
- Don’t Tag Your Location: When you’re out with friends or trying out a new restaurant, it can be tempting to share all the fun, but letting strangers know your whereabouts is risky. You can temporarily disable geotagging features and location sharing while out and about to prevent anyone from tracking your movements.
- Track Access: For businesses that have shared accounts or multiple people with access to the business page, be sure to track who has access. It’s also important to periodically update the password, especially after an employee leaves.
- Skip the Trends: Trends can be fun but think carefully before participating in trends that reveal sensitive information. One recent trend taking social media by storm is the “Get to Know Me” trend, where people answer questions so their friends and followers can learn more about them. Answering questions about where you went to elementary school, how many tattoos you have, or your favorite places to visit involves revealing a lot of information, which can make you a target. This tip also applies to the fun personality quizzes you find online. It might be cool to know what type of house plant best describes you, but at what cost?
- Don’t Use Real Answers: We’ve all seen security questions like “What was your first car?” and “What is your mother’s maiden name?”. But do those security questions add another layer of security? They could reveal personal information if a database were ever breached. Instead of putting real answers, choose responses that you’ll remember but aren’t necessarily true” For instance, put your dream sports car for your first car, or use the last name of your favorite TV character for your mother’s maiden name.
- Sharing is NOT Caring: Sharing is caring… but not when it comes to cybersecurity. We’ve all shared some exciting news on social media. But what are those posts revealing? Take this simple example post:
Innocent enough, right? Let’s take a closer look.
This post reveals a ton of information. Before posting anything, always read through and analyze what cybercriminals could use to their advantage. This isn’t to say you should never share exciting news – just be careful what you share. And if you’re going away for a bit, post the photos after your return so people aren’t aware of your every move.
Key Takeaways
- Slow down. 95% of data breaches are caused by human error. Review your posts, analyze incoming emails, and do your research if something feels off.
- Report any suspicious activity to keep yourself and others safe. Social media security is a shared responsibility, and together, we can create a safer online community.
- Regularly review and update your privacy settings. Apps are continually updating and changing their settings – control your account.