There’s no doubt that social networking has become an integral part of our lives, and it’s a great way to stay connected with people. But we have to be wary about the type of information we share and post online.
Facebook, Twitter, Instagram, LinkedIn, Google+ and more have changed the way we interact with family, friends, work colleagues and associates. But for all the good that these networks offer, they’ve also become an incredibly lucrative avenue for attackers to piece information together in order to infiltrate organizations’ networks by exposing both sensitive business and personal information.
Attackers target social network sites and user profiles in an effort to comprise your online accounts, steal identities and proprietary information, and potentially expose your computer to malicious software (also known as malware).
So how can you be more security-savvy when online?
Here are a few simple tips to help protect confidential and sensitive information:
- Be careful with your status updates. Don’t disclose or share personal or sensitive business information online.
- Hover over links. Hover over links without clicking—you’ll see the full URL in the lower corner of your browser, allowing you to ensure you recognize the website.
- Be wary of shortened links. A shortened link is popular on sites like Twitter where character length matters.Make sure you determine that the link is real and secure before clicking.
- Watch out for enticing ads. Malware can often find its way to your computer through ads, so be sure to always think before you click.
- Connecting with strangers. Be wary of those that want to “connect” with you or become part of your professional network on social networking sites—they may not be who they claim to be.
- Remember to keep passwords strong. The stronger the password, the harder it is to guess. Always turn on multi-factor authentication (MFA) if supported by the site. MFA is considered to be one of the best preventive measures for credential theft and unauthorized logins to sites.
- Don’t reuse passwords. “Credential stuffing” is an automated technique that’s commonly used by attackers, whereby they utilize an already-compromised set of user credentials from one service across other online services. Reduce risk by using different passwords for each online service that you use. Use a reputed password manager with a strong master password and multi-factor authentication (MFA) to safeguard all your passwords.
- Don’t forget to log out.If you stay logged in, you may set yourself up to being hacked. Be sure to clear your browser cache, history and log off and shut down your browser when you can—especially if you’re using a device that’s not owned by you.
- Enable security settings.Enable the privacy and security settings available on social network sites—they exist for a reason.
- Be careful what you share. Be mindful and understand how much information you’re exposing. Don’t post or entertain any requests for confidential or sensitive personal or business information.
With today’s technology, we’re more connected to each other than ever before. But don’t neglect your security—you not only put yourself at risk, but others within your organization as well.
If you see something, say something. Be sure to report any suspicious activity to your Information Security Team as soon as possible.