We often hear that we should be careful when choosing the comments, photos, and other media we share with our networks on social media. After all, what we post affects our reputation. But now there’s also a new worry. Did you know that your participation on social media can also pose a risk to your organization? Here are some cyber threats in social media for which your organization needs to prepare:
Gone Phishin’
According to Christie Terrill, information that people post “can be used to craft a targeting phishing email containing a malicious link,” which raises the probability that people will take the bait. For example, posting about a certain shopping site you like can set you up for a phishing attack that warns of fraudulent financial activity on that site. In your worry that you have been compromised, you click the link without thinking, and launch the attack. You can reduce this risk to your organization by educating your employees on utilizing privacy settings on social networks when sharing personal information, and choosing what to share carefully.
Nix the King of the Hill
Who is in charge of social media in your organization? If only one person serves as the administrator of your organization’s social media accounts, you may be putting your brand name at risk, especially if that person’s personal account is attached to your corporate accounts. Consider having one person serve as the main administrator, but grant social media administrative access to other key players as well. Storing all passwords in a shared password manager, discouraging employees from attaching personal accounts to professional accounts, and having an off-boarding procedure in place will further alleviate these risks, helping you to counter cyber threats in social media and making sure that several people within your organization can do damage control.
Avoid Complacency
While social media providers are working hard to bolster their security features to make users feel safer and counter ever-increasing cyber threats, don’t rely on their safeguards too heavily. Cover your own bases by including security and conduct guidelines in your organization’s social media policy. (Don’t have a social media policy? It’s time to create one!)
Social media can be a powerful tool for your organization, as well as another window of opportunity for cyber attackers. Cyber threats in social media can be countered, but only by being proactive. Make sure your organization is taking the preventative steps it needs to leverage the power of social media while keeping itself safe from major risks.
For more information and training on how to strengthen your organization’s cyber security, check out IEEE’s new course, Cyber Security Tools for Today’s Environment.
References:
Duggan, M., Greenwood, S., & Perrin, A. (2016, Nov. 11). Social Media Update 2016. Pew Research Center.
Terrill, C. (2017, April 28). What You Need To Know Now About Cybersecurity and Social Media. Forbes.
[…] scraping and data mining for social engineering attacks. Technical professional organization IEEE recommends that if your company has a social media account, then one person should be the administrator, but […]