For many of us, social media has become a pivotal part of our lives. Whether you love it or hate it, social networking sites such as Twitter, Facebook, and Snapchat can help people connect with long-time friends, share photos with their families, and see what the latest news is (or share memes). However, there is an inherent risk when letting loose online on social media.
It’s important to slow your scroll and understand that you may be putting your own identity at risk when taking certain actions online through social media.
Here are 12 tips that can help you stay safe when using your favorite social network online.
- Curate your friend requests carefully.
- Some use social media just to talk to their close friends. Others may use it for building a base of followers for their art or products. However, you should be weary of who you are allowing access to your social feeds. Over-friending is a real concern regarding social media, allowing strangers access to what’s going on in your personal lives for the sake of having a large follower count. This all depends on the type of content you share online but be weary of who is following you before you follow them back. Also, be careful of duplicate friend requests, as scammers can send fake friend requests under a familiar name that you may be a mutual friend with already. If you see this there is a possibility that their account has been hacked.
Verify who you connect with and take a close look at their feeds when possible, especially on Facebook and Instagram.
- Use unique, strong passwords for EVERY login.
- Social networks can have a large amount of personal information nestled away within your account. Like any online service that requires a login, make sure you are using a unique, strong password for every login. Social media hacking happens every day, so it’s crucial to make sure your password is not easily guessable. Also, if 2FA (Two-Factor Authentication) is available, which sends a unique code to a secondary device (like your mobile phone) for you to log in, enable this feature for even greater security.
- One more thing: keep an eye out for emails that come to you about unauthorized access to your social account that may have a link to either reset your login or to review the login. If this happens, do NOT click the link as it could possibly be a bogus phishing attempt. Go directly to the social media’s page or official app to make any changes to your personal info.
- Watch out for sneaky social browser plug-ins.
- There are several browser plug-ins that are designed to simplify posting and sharing online. However, you should always be wary of extensions that are made by third-party developers that can get through to the App stores. Many of these extensions and plug-ins harvest your personal data with or without your permission so avoid using them if possible.
This Webroot Filtering Browser Extension is an example of a legitimate extension, but take note of how the notification explains what permissions it requires.
- Review your Facebook Privacy Settings.
- We’ve seen several cases of an “accidental” post that went public or on a public page instead of a private account. Reviewing your Privacy settings for all the social networks is crucial to make sure that you are only sharing what you want with who you want. Evaluating your privacy settings at least monthly is a good practice, and before you post on Facebook, make sure your sharing icon is the correct one you desire (public, friends with acquaintances, friends only, and private).
- Keep your online defenses up to date.
- This certainly is not limited to social media use, but always make sure that your firewall and anti-virus defense on your computer and network are well-armed and up to date. Be wary of suspicious links and files. Sometimes malware can be hiding not just within phishing links but also even underneath ads. Using an Ad blocker is also a good idea but understand that some websites may not allow access to their sites with one enabled. You can always whitelist any desired websites for ads to run.
- In addition, never log in to any website from public open Wi-Fi Hotspots. Use a mobile hotspot from your mobile phone provider or use a VPN to keep your credentials from falling into the wrong hands over free Wi-Fi zones.
- No Time for Games.
- Playing online games over Facebook with your friends can be tempting. Or what about taking a quiz that tells you what Game of Thrones character you are? These types of games typically require you to allow access to one of your social accounts. Not only could it put your information at risk, but also your friends playing the same game as well, or even be added to a spammer list.
Do some research on the online games you're playing. Some may be harvesting your data more than you think.
- “Don’t Tweet the Deets.”
- A famous stand-up comedian mentioned those words in his routine, but it’s far from a joke. You may be tempted to tweet that you’re going on vacation, or to make an Instagram post about your favorite restaurant, unknowing that your account is set to tag photos with your exact location. Be careful about sharing your street address or precise locations online, and we recommend disabling location tagging (or “checking-in”) on any social network.
- Leave the work details at the office.
- Since social media is so integral in many people’s lives now, it has become a method of airing the daily frustrations of some. If you’ve had an awful day at work, hate your job, or just want to even dish out the details, don’t. Not only does it put you at risk by revealing too much that could even result in identity theft, but it could affect your ability to land a future job as many employers will check your online activity before hiring. Even if your account is set to private, it can still be compromised.
- Do not use your social logins as logins for other sites.
- This is a peculiar one because many make this mistake every day without even knowing it. Many third-party websites allow users to skip creating a login account on their site in lieu of using their social media login credentials instead. Popular gaming app Pokémon GO also gives you the option to use your Google credentials instead of making a Pokémon Trainer account. The potential risk of this is now you are giving them more information than you should be. Also, if their site gets breached, your social information is now compromised. Yes, it’s another login to add, but the convenience of using your social login is not worth the risk.
Best Buy’s website has the option to use your Google Account to sign-in instead of their own. Convenient? Yes. Recommended? No.
- It’s too late to apologize.
- Treat your activity online as if you are interacting with someone in real life. If you say something offensive to a friend, you can try to take it back or apologize, but the damage has been done. Once something is out there online, it’s probably too late to take it back. Even if you delete it, the odds are that it is truly deleted is next to impossible. As mentioned before, your activity can be searched by potential job recruiters, thieves, or hackers and your information can even be captured by a screenshot. If you won’t do it in person, don’t do it online.
- Arguing isn’t worth it.
- Speaking of treating other right online, the internet can be a place of vitriol at times. During highly political topics or other forms of social outrage, it can be very easy to get into arguments (or “flame wars”) with other people online. Many times, it’s not even with strangers, but your friends, family, or co-workers. Think about your own reputation, your brand even, when you are reacting and commenting online. It can be difficult to not take it personally, but often it’s much better to walk away from the battle than get deeper in it. There are stories of people losing their entire social accounts or even worse, their identity over getting in flame wars with the wrong kind of strangers online. You never know if it could be a hacker on the other end. It’s NOT worth it.
- The Block button is always an option.
- If it gets to be too much and someone is harassing you or even threatening you online, do not be afraid to block them and report them.
We will be going into further detail about online privacy settings in a future blog, but these twelve tips are a good start in the quest to #BeCyberSmart. neoRhino’s Security Awareness Team, certified IT consultants, and 24/7 helpdesk squad are here to help strengthen your online defenses. You can visit our homepage, see more about The War on CyberSecurity, or give us a call at (281) 779-4850, and we can manage your technology so you can manage your business.
