Most people are aware that it’s a bad idea to post sensitive and personally identifying information on the web. But with the arrival of social media, and especially the speed and ease with which we can all now post, our guards are at risk of dropping.
The reality is, however, that cybercriminals are getting more and more sophisticated – their capabilities going far beyond that which many social media users may imagine. While having an account hacked remains a top threat, there are also many other ways that criminals are looking to exploit our online presence.
It may sound like a storyline from a spy film, but a stalker in Japan has just been charged with assault, after using his victim’s Instagram selfies – in particular, the reflection in her eyes – to pinpoint her location.
Social media photos
And it’s not just revealing (even if accidentally) your location and whereabouts that can lead to problems. Did you know that a copy of a key can also be made using a photo? There are even step-by-step guides to doing so online.
We may also need to be mindful of showing the end of our hands in photos too – such as when making a ‘peace’ sign or giving a thumbs up. It’s been suggested that hackers could even use such images to copy fingerprints, which can then be used to unlock devices that rely on fingerprint ID, including phones, computers and tablets.
For businesses, social media poses a growing threat, as cyber criminals look to use it as a ‘way in’. Many businesses use it as a marketing tool, but even if you don’t it still needs to be covered in your cybersecurity planning, as it is likely your employees will be.
The risk to business
The best way to protect your business is to build employee awareness around social media security best practices and the dangers of targeted attacks on such platforms. For starters, if you are running phishing tests, then expand this to social media too and use it as part of your employee education. Start a dialogue and return to it often.
Being cybersafe on social media
While the safest course of action will always be to avoid sharing any personal information online, if you – like the billions of others across the globe who use them daily – are not ready to give up on using social media platforms just yet, then here are some steps you can take to minimise your risk.
- Check your profile setting and make sure they are always set to private, to limit who has access to the content you are sharing
- Be mindful of who you have and accept as ‘friends’
- Avoid clicking on links, especially within social ads from unknown sources. That harmless looking personality quiz could actually be giving a hacker access to your account and devices
- Use 2-step authentication to reduce the risk of your account being hacked
- Use a password system such as LastPass to store and remember your passwords for you, then make sure you are using very difficult passwords that are different for every site. Use a random password generator if you need to.
- See if your data has already been compromised using the search function on http://www.haveibeenpwned.com, which will reveal if your email address has been leaked in some of the biggest hacks recorded to date
- Test employees on susceptibility to social media cyber attacks
- Train employees on safe usage and what to do in the event of an attack
- Make sure your antivirus software and system updates are kept up to date
For more advice on cybersecurity, for you and your business, see our blog: Cyber security: 10 top tips for small businesses.
About Dragon – IT Support Services Milton Keynes
At Dragon IS we specialise in IT solutions for small businesses. For more advice, call us on 0330 363 0055.