Why you shouldn’t ignore the social media factor when protecting your business from hackers
January 27, 2022 •
Imagine this, you’re taking a break from work and scrolling through Facebook when you receive a message from a friend about a video that went viral and you’re in it. Curiosity kicks in and you think “what video?” and so you click the link, and at first everything is fine. You see it was a joke message and log out of the browser. A few minutes later, you try to log back in and you can’t. You keep trying only to realize: you’ve been hacked. You’re now scrambling to your other accounts to see if they’re affected and you just keep thinking to yourself “if only I could have prevented this”. Well, maybe you could have.
Let’s say your company avidly uses their social media accounts to market themselves. You likely have one or two employees running the accounts from their work devices. It may seem like it’s enough to have two-factor authentication (2FA) on the company device but because social media is a platform of its own, it also needs its own separate 2FA protection.
Social media platforms have only recently started implementing two-factor authentication, but because of how new it is, not many people are aware of the 2FA that is available for their social media accounts. Having your accounts compromised doesn’t just happen at work. It can also happen in your personal life too. This is why it’s important to practice good cybersecurity health in order to make sure that you are fully protected from these types of incidents both at work and at home.
Phishing scams are not unknown. In fact, they’re one of the most popular scams out there. While phishing scams can sometimes be difficult to identify, on social media they stand out a bit more than they would in an email. In 2018, social media scams accounted for 56% of users’ accounts being compromised. In 2023, it is projected that cybercriminals will steal 33 billion accounts on social media.
Almost every business has some sort of social media account to show legitimacy, and for marketing purposes. Social media poses a rich area for hackers to earn some revenue and make a living. One of the most common scams however, is through links in a user’s ‘DM’s’ (direct messages). Often the scammer will send you a link that includes a ‘special offer’ or a ‘gift’ which compels the user to ultimately click the link, and input their information to receive that offer or gift. Once this happens, the hacker now has your valuable information and can gain access to your personal information and accounts. The hacker will then use your account to send out similar messages to people you know and begin creating a chain of this. This is a big trend on Facebook as there are a lot of fake marketing companies posing as ‘legit’, but are really just there to trick people into giving them your personal information.
A more common scam that happens but in different variations are the cash grab messages. When this first came about, you would receive a message from a friend requesting money in order to get home from a trip. However, your friend who supposedly sent the message doesn’t even know that message was sent. The hacker who gained access to your friend’s account sent that message to every one of their contacts in hopes that someone would send money. The most recent cash grab scam that has been floating through social media (mainly on Instagram), is a scam trying to get users to invest their money with someone and get a significant ROI in return. This is something to look out for as now the hacker has access to not only your profile information but also your banking information. Believe it or not, this can happen in both your work life and personal life if you’re not careful. It’s best to have yourself and your employees trained on how to identify phishing scams.
Clickbait is another scam that’s on the rise from hackers, especially on Facebook. Essentially what they do is create a catchy headline that has to do with a trending news article and link it with a malicious website. Whenever you log in to something with ‘Facebook’, you are now giving your profile information to that website, which may not be as legitimate as you think. If you do not have 2FA enabled, they can log in and change your password whenever they please.
So how can you protect yourself against these types of hacks?
Well, the first way we would suggest is utilizing your two-factor authentication on literally everything that requires you to have a username and password. 2FA is the strongest form of protection for any account. Even if your password happens to be guessed correctly, that extra layer from the 2FA will not allow them to access your account any further.
Another recommendation is cybersecurity insurance for your business. This will protect your company from any future ransomware attacks that may arise, including ones that are caused by passwords compromised not just through work accounts.
Another suggestion we have is to make sure your computer or device has malware protection. Usually this is the case when you purchase a brand new laptop, but you can also purchase that software by itself to install to your computer. In the event you do click on a malicious link, the software will prompt a notice that the site is not safe and recommend you exit the page which doesn’t seem like much but can save you from a big problem.
Lastly, make sure your passwords are completely secure. This means making your passwords nearly impossible to guess by using password phrases rather than the traditional mix of letters, numbers, and symbols. The more complicated the combination, the harder it is for a hacker to guess. We also recommend utilizing a secure password manager, allowing you to use a different password for each account and still be able to keep track of them all.
At LoginTC we can help you stay secure no matter where you are. Give us a call today at +1-877-564-4682 or email us at sales@cyphercor.com to learn more about how you can keep your company and personal information safe!