World Social Media Day

June 30th is World Social Media Day

Social media or networking sites are a powerful way to communicate and stay in touch with friends, family and organizations around the world. Billions of people are viewing and uploading new content every day. Unfortunately, these same sites also make it easy for cyber attackers to watch and learn what you are doing. Here are some ways to protect yourself and share safely.

Use Strong Passphrases and Enable Two-Step Verification

Shield yourself by protecting each of your social networking accounts with a strong password or better yet, passphrase. Use a different passphrase for each account and always enable two-step verification whenever it is available. Poor, easy-to-guess passwords are one of the most common ways cyber attackers hack into and take over other people’s social networking accounts.

Think Before You Post

Whenever you are posting online, assume any information you post will eventually become public. Privacy controls on social networking sites help and should be used, but these controls can be confusing, change often, and may not fully protect your information. If you do not want your family or boss to see it, don’t post it. In addition, the more information you post about yourself, the easier it is for a cyber attacker to craft an attack against you.

Avoid Oversharing

For example, if you post extensive information about your family, your favorite hobbies, or your travel schedule, a cyber attacker can harvest all that information, then craft a phishing email that specifically targets you. In addition, social media information can be leveraged to commit many forms of identity fraud or perform account takeovers on other platforms.

If a cyber attacker were to learn that your favorite pastime is photography, he could craft a phishing email with a special promotion for new camera lenses. In the email, the attacker includes and attachment that has a discount for 40% off your favorite camera lenses; however, what you don’t realize is the attachment is really infected. When you open the attachment to print it out, it silently infects your computer, giving the cyber attacker control of your system.

Be aware of and track what your friends, coworkers, and contacts in your network post about you. Ask them to be considerate of your privacy. If you feel a post is inappropriate or shares too much information about you, simply ask them to remove the content or report it to the website’s abuse department. In return, be considerate of what you post about others. Ask if it’s okay before you post that picture you have of them or share information about their favorite hobbies.

Use Caution with Third-Party Apps

Many social networking sites also support third-party applications. Only install applications from trusted sources and only install the apps you need. Check the ratings, reviews, and permissions of any app before installing it. If an app is very new, has few or negative reviews, or very few downloads, you most likely do not want to install it. If you no longer need an app, uninstall it or disable its access to your social networking profile.

Beware of Phishing Scams

Just like email and messaging, cyber attackers may attempt to fool you on social networking sites. For example, a common attack is when a cyber attacker hacks into a person’s social networking account, such as one of your friends’, and then pretends to be your friend online. If you receive any odd or suspicious messages online from a friend, such as they are in London, just got mugged, and need your help, be careful how you respond. Do not reply directly via their social media account, as you will be communicating directly with the cyber attacker. Instead, call your friend on the phone to confirm if he or she truly posted the message and needs help.

Keep It Professional

Finally, to help keep the University secure, never post any confidential information about UVA on any websites. If you have any questions about what you can or cannot post about work, please ask your supervisor.

Stay Connected

Keeping these things in mind can allow you to enjoy all the connectivity of networking sites while protecting yourself and the University. Celebrate World Social Media Day by sharing something new on your preferred social networking site, get together virtually with friends or family, or try out a new platform you haven’t used yet.

Adapted from SANS Institute, Social Networking
ec