Social media & cybersecurity: 6 tips for securing your business
Social media is one of the most powerful ways for businesses to build their brands and influence customers to purchase products and services. The reason? Americans are increasingly connected to social media.
In fact, two-thirds of American adults are on Facebook, according to a March 2018 report from Pew Research. Thirty-five percent of Americans are active on Instagram, while 50% of Americans with a college degree use LinkedIn.
While most executives appreciate the potential benefit of social media, they often do not realize the magnitude of the risk that it creates. Recent studies show that social engineering is the most common way that criminals penetrate organizations to steal data. And many social engineering attacks start with hackers scanning social media for information that can be exploited.
At Bank of the West, we recently had to shut down two fake LinkedIn accounts impersonating a senior executive. Managers within our institution unknowingly accepted connection requests from the fictitious accounts. (To ensure that I am connecting with a real-person, I often IM my business contact to ensure they had actually just sent me an invitation.)
How can you protect yourself from fictitious connection requests and other possible risks? Here are six tips to help keep your social media accounts secure:1. Verify connections. Make sure the connection request came from the real person. Email, call, text, or IM to confirm the connections are from a friend and not a scammer. 2. Use strong passwords. A good password has at least 16 characters and looks something like this: Gh27cV^?b320O#Vc!. It’s not easy to remember — for good reason. Consider using a password manager. 3. Be mindful of privacy settings. Ensure the privacy settings for your social media sites are set to the appropriate preference level. Do you want your LinkedIn profile to be public or private? Do you need your connections to be alerted each time you update your profile? 4. Do not share login credentials or other confidential information. 5. Cut ties with questionable contacts. If you have connected with an unsavory character, remember that you can always unfriend, block or delete a connection on your social networks. (Note: This doesn’t include your Aunt Janet, who comments on every single Facebook post.) 6. Act fast. If you believe you’ve fallen victim of a phishing scam or a cyberattack, quickly change your passwords and, if you feel it is necessary, close the accounts.
Remember to limit the amount of information you share online. If you post too many details about yourself, an identity thief can find information about your life, use it to answer ‘challenge’ questions on your accounts, and get access to your money and personal information. Of course, never post your full name, Social Security number, address, phone number, or account numbers in publicly accessible sites.