Billions of users visit social-media sites daily. It’s an addiction many of us can’t avoid. We use these platforms to get our news, keep in touch with friends, display our emotions, let others know what’s going on in our lives – whether good or bad – or pursue careers.
But no matter how valuable these sites – particularly Facebook, Twitter, LinkedIn, Instagram, Pinterest and Snapchat – might seem, they aren’t immune to security breaches. Hackers populate newsfeeds with landmines buried to steal valuable personal data. For example:
Recklessly clicking on shortened ones could send a user to rogue websites and load malware onto their computers. Twitter’s limited use of characters in posts make it a prime platform for this scam. Slow down and use caution before clicking on URLs. Check the account from which the information had been posted. Real-time protection against viruses and spyware could help you avoid pitfalls.
You receive an email that reads inappropriate pictures of you have been posted on a social-media site. A link is provided for you to click on. It takes you to your login page. You enter your credentials and the hacker steals them to take control of your account.
What happened? A cyberthief sent you to a fake landing page. Social engineering caused you to panic. You delivered your username and password and must deal with the consequences.
Bots impersonate people using artificial intelligence. Your Facebook, Twitter and LinkedIn platforms reveal which friends or contacts are your favorites. Hackers learn the commonalities you share with your acquaintances and use them in private messages. A photo message from a vacation might be sent by an imposter. Unbeknownst to you, the image is infected with malware and spreads through your computer once it’s opened.
Ignore random messages that include attachments. Message the sender and confirm the attachment was sent from him/her and not from a bot.
Friend requests from strangers
Facebook users are unlikely to accept friend requests from someone they don’t know. LinkedIn not so much. The career-driven platform’s primary use is building relationships that could lead to better job opportunities. Hackers create fake accounts and make requests. Once accepted, hackers gain access to email addresses they can use to send spam or bait you into opening an email that contains malware. It’s best practice to look at the person’s background and work history before accepting a request.
This technique is used to shroud data within an ordinary file or message to avoid detection. It also blankets malware. Hackers use memes as vehicles from which they transport malicious code. Downloading them leaves users susceptible to attacks. Commands hidden inside infected memes could be used to collect information about a victim’s machine, capture contents of its clipboard, retrieve lists of running processes or steal personally identifiable information. It’s best practice to avoid memes, no matter how amusing or smug they might be.
You have seen posts asking which character you might be from your favorite movies. Are you Vito Corleone or Luca Brasi? You enter your cell number, receive a text and learn you’re about to sleep with the fish (no pun intended). Not to mention, you’ve been charged a monthly fee for a service that doesn’t exist.
A Facebook friend sends you an urgent message pleading for money. This friend might have lost his/her wallet or got robbed on vacation. You’re given the details as to where to send money. The goodness in your heart shrouds common sense. A cyberthief infected your pal’s computer with malware, stole his/her identity and emptied your pockets.
Act cautiously should this happen. Call or email your friend to learn more details, and scan your computer to be sure it hasn’t been infected.
Facebook is littered with posts begging for retweets or likes. They’re likely benign and sent by pranksters wanting to see how many users will follow their command.
This is a snapshot of what lurks on social media. Remain cautious, avoid scams asking for too much information and use common sense. You don’t want to be put in a socially awkward situation you can’t easily escape.
To discuss security strategy, email Security Analyst Frank Verdecchia at firstname.lastname@example.org.