Blog

Cybersecurity

5 Social Media Cyber Risks to Watch Out For

Phishing

Just as the typical phishers have figured out how to mimic a legitimate company’s email structure and tone to try and dupe unsuspecting victims, malicious actors have turned to trying to phish on social media. Phishers will target social media users by providing login alerts to the legitimate user. They then go one step further and send erroneous links to a person’s social media messengers or emails. If you find yourself in this situation, do not click on the link but seek out the legitimate site yourself and check your account from there. When in doubt, it is always safest to go back to the original source.

Social Engineering

Social engineering is the psychological manipulation of a person to try and get them to divulge some sort of private or confidential information. Malicious actors do not always take the “nice” way out of things by trying to trick you, as some will try and scare information out of you. These cybercriminals take social engineering to social media platforms via direct messages with that typical threatening nature. These DMs will ask for immediate action or else. The “or else” can be an empty threat or it may be threat of exposing private information or pictures. It can also be something under the guise of “click this link immediately!” to get a person nervous enough to click without thinking — these links are usually full of malware and other unsavory cyber risks.

Oversharing Personal Information

While we all have that one crazy family member or old high school friend we will just quickly scroll passed while on social media because they share too much information with us, this is more of a risk than just being an annoyance to other social mediate users online. Oversharing where you are at all times in real time is a major physical risk because people know you are away from your home or at a specific location. Beyond the physical threats that oversharing your location can present, there are risks of sharing personal things that you always think of or that you hold dear, particularly if you do not practice strong password hygiene. For example, if you post how your lucky number is 4, your anniversary is this day, children’s birthdays are this and that day, and your street you grew up on was Leisure Lane, malicious actors could use this information to try and guess your passwords. While it is common guidance to not use these personal things for password creation, if you do so and you overshare, you’ve created an easily solvable puzzle for the scammers to decipher.

False Flags

On occasion, we will need to login to our social media accounts again after a long time of not entering such login credentials. However, a cyber attack known as a “false flag” tries to trick the user into entering login credentials by prompting them for such authentication. The prompt asks the victim to update their password; once this has been changed by the unsuspecting user, the attacker steals the username and password for that person and will steal more personal information from that encounter. Users should be aware of any urgent requests from social media sites to reset a password as this is likely a false flag and not legitimate.

Social Media App Integrations

Social media’s main purpose is to keep us connected with friends and family no matter where we are. As social media outlets have grown and evolved, they have taken on secondary roles as well including the ability to share and play games with your friends. However, you should be wary of these games that ask you to join by using social media as this allows the third party game to gain access to all of your personal information from social media including your messages, posts, friends, and more! The third party app, once connected to a person’s social media account, the third party app is granted access to the user’s accounts. This should be of concern because the privacy policy of the social media app you are signed up for is entirely different than that of the gaming app. Be sure to review the privacy policy for every application you download.

Image by stories for Freepik.