Securing Social Media Accounts
Social media accounts have become a staple part of society today. Many businesses use social media to market their content. Families and friends use social media to stay in touch and share photos. Social Media influencers use social media to earn a profit and develop entertaining content for their followers. Love it or hate it, social media has become a large part of the world we live in today. The popularity of social media accounts makes them a great target for hackers. When securing your social media accounts, many of the same general security practices discussed in my article Cyber Security Tips Every Computer User Should Know still apply like strong password and utilizing two factor authentication. Let’s discuss some security practices specific to social media.
Passwords and Two Factor Authentication
As previously discussed in Cyber Security Tips Every Computer User Should Know, strong password and two factor authentication are one of the best things you can do to protect your account. Do not share social media passwords between accounts, and if possible use a password manager to randomly generate passwords.
Using two factor authentication further secures your accounts from hackers. As discussed later on in the article, two factor authentication adds an additional security measure hackers must bypass to access your account if they do identify your password. Social Media sites offer a variety of different methods of two factor authentication. Use the one best suited for you.
Privacy Settings
Most social media accounts have a subsection under settings titled privacy. This section is important because it controls what other people have access to on your account/profile. If the account is a personal account using more restrictive privacy settings is preferred. This might include turning the profile to private so only friends can view your posts. These settings may vary depending on the platform. Below is a short list of examples.
Friend requests (who can add you as a friend? Anyone? friends of your friends?)
Posts and comments (are posts public to anyone? Only friends? Can anyone comment on your posts?)
Request verification (Do you want to manually verify every friend request you receive?)
For personal accounts changing the main privacy setting to private and restricting access to your friends list is generally recommended, but these settings may vary based on personal preference. Social Media platforms will update their settings periodically, so I would recommend reviewing them periodically throughout the year.
Approving Friend/Contact Requests
What do you do when you receive a connection request? For many people clicking accept is automatic, but do you really know this person contacting you? The process you go through to validate friend requests will vary site to site. LinkedIn for instance is used for professional connections and connecting with recruiters. You may not have met all your connections in person, but you can review and validate their profiles make sense and are real before accepting them. Personal accounts are easier to vet. You receive a friend request to your personal Facebook account from someone you have never met and easily decline it. Some things to look for when vetting friend requests:
Do I know this person? (If this is a professional site like LinkedIn this might not be straightforward. Check out their profile. Does it look complete and legitimate? Do they work for a company that makes sense for your industry? Does their profile picture look generic or unique?)
Do we have friends in common and/or other similarities? Maybe you are both members of the same group, work for the same company, or are alumni of the same school?
Is this a fake account? Are you already friends with this person? Is it someone you know who would never make a Facebook account?
Some of these questions are easy to talk about, but may be difficult to answer. They are worth considering before accepting a friend request.
Phishing Emails
Phishing emails are a common way to steal credentials for any account. You receive an email titled “Urgent your Facebook has been hacked Change Password now” and click the link without thinking. This is one method hackers may use to get your information. The website you go to enter your credentials looks like Facebook, but the url isbit.ly/tw842134 hosting a cloned Facebook log in page. After you login the site redirects you to the real Facebook and the hacker now has your credentials. Unless you have two factor authentication turned on, they can now log into your Facebook account as you and lock you out.
To protect against this, never immediately act on Urgent emails. This is a common phishing tactic to take advantage of human emotion. Slowdown and review the message. Does it make sense? Would this site notify you this way? Look at the link, does it lead to the real website?
Use Secure Internet
When accessing social media accounts, use secure internet. Free wifi hotspots might be convenient, but they pose a number of security risks. Wifi at coffee shops and airports can be monitored or impersonated, allowing a hacker to monitor all your online activity and steal your credentials. It is best to only use personal password protected wifi. For more information on man in the middle attacks check out some of the articles below.
Conclusion
Securing social media accounts is similar to any account you have on the internet. Utilizing strong unique passwords and two factor authentication makes hacking your account much harder. Reviewing your privacy settings and vetting who you add to your friends list ensures you are only friends with people you know and are not sharing personal information with strangers. Using secure, authenticated WIFI ensures hackers cannot intercept your computer traffic. When you receive an email from a social media platform with a link to log in for whatever reason, take a moment to validate the message is authentic. Finally although it isn’t specifically security related, be smart about the content you post. After something is put on the internet you don’t have full control over what happens to it. Social media sites offer positive aspects to society, but we must be vigilant to keep our accounts protected. Thanks for reading!