7 Ways Hackers Can Exploit Your Employees on Social Media
Nearly two decades into the social media era, most of the nearly 3 billion people with social accounts can separate good decisions from bad. Still, it’s all-to-common for people to shoot themselves — and their companies — in the foot with mistakes that cybercriminals make a living by exploiting. While these mistakes are often made innocently and unwittingly, it doesn’t make their end-result any less calamitous.
While restricting social media access on work computers is a good start, not even that will completely insulate your business. Regularly refreshing your employees on social media safety is the more effective way to keep cybercriminals at bay.
Here are seven of the biggest ways your employees can be exploited.
- When Phish Attack: While phishing attacks are most closely associated with emails, social media sites like Facebook and Twitter are also a playground for hackers. In fact, social media phishing jumped an astounding 500 percent in 2016 and has continued to rise in the years since. Phishing is often attempted via links to fake stories, which are either laced with malware or attempt to trick you into sharing sensitive information.
- Lose Your Attachment: When it comes to social media attachments, suspicion and skepticism are always the best policies — especially when they come from untrusted sources. Your employees should always avoid opening attachments from senders they don’t know, as you never know what kind of malware is lurking under the surface. In other words, your employees need to think before they click.
- Picture This: More than 3.2 billion pictures will be shared on social media today. That’s more than 15 billion pictures going up just this week! So what’s the big deal if your employees post a picture or two at work? The problem is that you just never know what company secrets are lingering in the background. Hackers can zoom in on pictures to find passwords, financial data or trade information discreetly lingering on post-it notes, whiteboards and computer monitors.
- Angry on the Internet: People like to let out steam on social media. It should come as no surprise that this is a bad idea, especially when the target of the person’s vitriol is their employer (or in the case of ex-employees, former employer). Disgruntled people tend to make poor decisions, like revealing sensitive information that can come back to haunt your business. While you can’t control what people say, there are certainly ways to deter them.
- Identity Fraud: Facebook, Twitter and Instagram are no substitute for Outlook, Slack or Skype when it comes to having sensitive business conversations. Social media accounts can easily be hacked with a stolen password, opening the door for imposters to masquerade as one of your employees and get a “coworker” to spill revealing information.
- Spoof Accounts: Another reason to be skeptical of social media requests, hackers can easily set up a spoof account that to the untrained eye is indistinguishable from the victim’s real account. According to some reports, 2 to 3 percent of all Facebook accounts (or roughly 60 million) are fake. If one of your employees finds himself on the receiving end of an odd request, he should reach out to the person supposedly contacting him using a more trusted method. Even if the request is legit, the conversation should be moved to a more secure platform.
- TMI: Oversharing no longer just refers to personal information. Every little detail you share, even seemingly innocuous morsels like your birthday and your pet’s name, can be used by cybercriminals to verify your identity, and as a result, get one step closer to hacking your business. Urge your employees to exercise extreme caution about the info they give away.