The number one form of attack delivery for everything from ransomware to credential theft is phishing. Email-based phishing is well known, but other types are growing rapidly as well.
There has been a 500% increase in phishing over social media over the last few years. In addition, there has been a 100% increase in fake social media accounts.
It is common for social media phishing to trick victims since people tend to let their guard down when using social media platforms such as Facebook, Instagram, Twitter, and LinkedIn. Instead of looking for phishing scams, they’re socializing.
The problem is that phishing scammers look for you and will contact you via friend requests and direct messages. Here are several ways you can protect your social media usage from covert attacks.
Set your social media profile as private
Scammers usually target public profiles on social media because not only can they gather information about you to strike up a conversation, but they can also clone your profile and create a fake page to target your contacts.
This is done by criminals so that they can send social phishing links to those on your friends or connections list. If the target believes it is from a friend, they are more likely to click on the link.
To reduce your risk, make your profile private to only your connections. Only people you’ve connected with will be able to see your posts and images.
On sites like LinkedIn, where many people network for business, you might still want to keep your profile public, but you can reduce your risk by following the other tips below.
Set your contacts/friends list as hidden
This does not prevent scammers from seeing you as a friend or connection on someone else’s profile unless they have also hidden their friends list.
Watch out for links sent via direct message & in posts
Phishing attacks are frequently delivered through links, particularly on social media. The links in social posts are often shortened, making it difficult for people to understand where they are being directed. As a result, clicking links you see on social media platforms is even more dangerous.
Scammers may contact you on LinkedIn to ask about your business offerings and give you a link to their website. Clicking on links sent via direct message or social media post is not a good idea unless you have confirmed the source is legitimate. You might be visiting a phishing site that downloads malware on your computer by doing a drive-by download.
Even if one of your connections shares a link, research where it came from. Many people share posts in their own feeds because they like the meme or picture on the post, but they never check the source.
Surveys and quizzes on social media should be avoided
It may be fun to find out what superhero or Disney princess you are, but stay away from social media quizzes. Many of them are designed to gather personal information about you. The data can be used for targeted phishing attacks or identity theft.
Millions of Facebook users’ personal data was compromised by the Cambridge Analytica scandal not so long ago. The company was found to be collecting information from users without their consent using surveys and quizzes.
In spite of the high-profile nature of this case, they are not the only ones who abuse social media to gather as much information as possible.
The best thing you can do is avoid taking surveys or quizzes on any social media platform since once your data is exposed, it cannot be recovered.
Avoid purchasing directly from Facebook or Instagram ads
It is true that many businesses advertise on social media legitimately, but scammers also use the platforms to commit credit card fraud and identity theft.
Check out an advertiser’s website directly if you see something you like in a Facebook or Instagram ad, don’t click through.
Before accepting a friend request, do your research
Getting a connection request on a social media platform can be exciting. Perhaps you’ll make a new business connection or reconnect with someone from your Alma mater. The scammers may use this method as well to take advantage of you. First, they’ll connect with you, which can be a first step before DMing directly.
Make sure to check the person out online before accepting friend requests. A timeline that has only pictures of themselves and no posts is a huge red flag to decline.
Find and retain cybersecurity talent
For Bakersfield cybersecurity talent, look no further than Grapevine MSP, California’s Central Valley leading IT service provider for forward-thinking businesses. Whether compliance, remote working, or cloud security concerns are hindering your business’s growth and recovery from the pandemic, we have Microsoft 365 cloud tools that can revitalize your team with productivity and security to help you stay safe from cyberattacks.
Send us a message online or call 661-369-8427. It’s time to put technology back in your business’s driving seat to compete, grow, and keep it safe.