There’s no doubt that social media is a part of our daily lives. It’s a fantastic way to stay in touch with friends and family members and connect with like-minded people around the world. You can build a business or a following, and even profit from your profile.
At some point, while refreshing your feeds, you might have asked yourself: is social media safe? Like anything, it has its dark side. The team at ESET are here to explain how social media can make users vulnerable to cyber attacks, and how to step up your social media cybersecurity.
Your personal information might be public
With many social media platforms, the default setting for profiles is “public.” Let’s take Facebook as an example. This means that if you fill out all the fields when you sign up, anyone looking at your profile can find out where you live, work or go to school. Chances are, they’ll also know your full name, age, birthday and religious or political affiliation. And if you’re quite active on social media, you most likely have photos of your friends and family members, as well as places that you regularly visit.
In the world of cybercrime, this is like leaving a trail of breadcrumbs for hackers to find. Unfortunately, talented cybercriminals only need one or two pieces of personal identifying information (PII) to carry out identity theft. By stealing your identity, someone can access your bank accounts, apply for credit cards or loans and even set up a business.
Identity theft and impersonation aside, revealing too much personal information can leave you vulnerable to stalkers and catfishing, which is when someone – usually a potential romantic partner — fakes their identity to trick you into passing on your financial information.
Solution: Setting your profiles to private is the safest way to use social media. Don’t accept friend requests from people you don’t know, and while you’re at it, consider culling your list of connections so it only includes people you trust. In other words, delete acquaintances, strangers and anyone you wouldn’t be comfortable sharing personal details with. Even with a tight network, avoid oversharing — save that for in-person conversations, phone calls and text messages!
New to social media? When you sign up, only fill out the fields with an asterisk and steer clear of handing over any extra information online.
Your location might be known
If you’re a smartphone user, you’re probably aware of apps that need to track your location to do their job. Think maps, weather apps and ridesharing services. When you use these apps, you have to give them permission to monitor your location (and you can just as easily take that access away).
The same goes for social media. Any time you “check in” to a place or tag your location, you are essentially telling people where you are. This can open you up to security issues, as for example, a criminal could know that you’re not home at that time.
App developers are legally required to state whether they’re planning to pull your data, such as your email address or social media login. However, some apps collect more data than is necessary, while others share data with third-party companies. As social media cybersecurity experts, we recommend restricting your data sharing as much as possible.
Solution: To stop social media apps from tracking you, go to your device settings and navigate to “privacy.” You’ll see an option called “location services” or “app permissions,” and from there you can either turn off tracking for individual apps (like Instagram and Facebook) or switch your settings to “only while using.” This means the app will only track your location while you’re actively on it.
If you want to share your location with your social media network, do it after the fact — aka once you’ve left that place. That way, hackers and criminals won’t know where you are in real-time.
You could be exposed to phishing scams
One of the many hallmarks of social media is unsolicited messages. Whether they’re direct messages or comments, people often reach out to strangers — and cybercriminals are guilty of doing this.
Phishing scams are incredibly common on social media platforms. For example, a cybercriminal might send you a friendly or informative message that includes a link or attachment. It will look authentic, but the link or attachment contains malware, which is short for malicious code. When you click on it, the malware will infect your device and steal, delete or damage your data.
Besides messages, hackers can hide malware in social media ads. As a user, you could click on the link, thinking you’ll be taken to another Instagram profile, but you might end up being exposed to social media cybersecurity threats.
Solution: Avoid opening messages from people you don’t know. Most social media platforms have pretty good filtering systems, so most of those messages will go to your “requests” folder, rather than your regular DMs. This makes following social media safety tips a little easier.
If you do open an unsolicited message, comb through it carefully for signs of a phishing scam. These include poor spelling or grammar, excessive use of emojis (like exclamation marks) and a promise that sounds too good to be true. Above all, don’t click on any links or attachments. Instead, go to your browser and search for the person or company name they claim to be messaging from, and see what comes up. Finally, if you discover a scammer, report them to the social media platform.
Rely on antivirus software from ESET
Sophisticated antivirus software can protect you from a diverse range of cyberattacks, such as identity theft, malware, ransomware and phishing scams. ESET Internet Security does all that, plus scans attachments and images for viruses, and analyses any devices that are trying to tap into your WiFi network or webcam. You can download it onto multiple devices, including your smartphone, tablet and laptop. For Android users, ESET Mobile Security is a premium mobile phone antivirus that offers the same line of defence, blocking unwanted users, harmful content and hackers from accessing your WiFi.