Of all the attack methods hackers and cyber criminals have deployed, phishing remains their favorite. Not only that, they’ve repurposed phishing, from emails to phone calls, for social media such as Facebook, Twitter, LinkedIn, Flickr and Instagram.
In the past year, phishing over social media skyrocketed by 103% according to a report by PhishLabs by HelpSystems. There has also been a 100% increase in sign-ups of fraudulent social media accounts.
Phishing on Social Media uses Social Engineering to take advantage of victims’ lowered diligence on social media. We’re socializing and not as aware of phishing scams as we are in our email. Consequently, we are more susceptible to Ransomware and Credential Theft via friend requests, direct messages, memes and other Social Media communications methods.
Following are some things you can do to decrease the risk that you will become a victim of a Social Media Phishing Attack:
Make Your Profile Private
To mitigate the risk that a cyber criminal can clone your profile to phish your connections, make your Social Media Profiles private to your connections only. This might not be advantageous for a business network like LinkedIn where you want prospects to be able to find you but it will help with your personal Social Media accounts.
Hide Your Contact and Friend Lists
You can hide the friends list or contact list on your social media profile from the public. This does not prevent hackers from seeing you as a friend or contact on someone else’s profile, but it’s another obstacle that the criminals have to navigate to get to you.
Check Links in Posts and DMs Before Clicking!
Always check links in any unsolicited email, social media post, or anywhere else by hovering over the link (not clicking) and reading the address in the resulting popup to see whether it goes where you expect. If it does not, be very wary. A link from a company, for instance, should include that company’s name in the domain name (the part that ends with .biz, .com, etc., as in flexitechs.com). If it looks like it’s going somewhere else, either don’t click or perform further diligence if you are truly intrigued.
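The hover check can also be done mechanically. The following is an added example, not part of the original article: it compares the host a link really points to with the domain you expect, and shows that a company name merely appearing in the link is not enough. The function names and the sample links (all on the reserved .example domain, apart from flexitechs.com from the text above) are constructed for illustration.

```python
from urllib.parse import urlsplit

def link_host(url):
    """Return the lower-cased host the link actually points to ('' if none)."""
    try:
        host = urlsplit(url.strip()).hostname
    except ValueError:          # malformed link: treat as having no host
        return ""
    return (host or "").rstrip(".").lower()

def name_in_link(url, company):
    """The quick visual check: the company name shows up somewhere in the link."""
    return company.lower() in url.lower()

def goes_to(url, expected_domain):
    """True only if the host is expected_domain itself or a subdomain of it."""
    host = link_host(url)
    if not host:                # no scheme or no host: cannot be confirmed
        return False
    try:
        # Convert non-ASCII hosts to their ASCII (punycode) form so that
        # lookalike letters cannot pass as the expected domain.
        host = host.encode("idna").decode("ascii")
    except UnicodeError:
        return False
    expected = expected_domain.lower().rstrip(".")
    return host == expected or host.endswith("." + expected)

# Constructed sample links, as they might appear in a post or direct message.
SAMPLES = [
    "https://www.flexitechs.com/support",                   # genuine subdomain
    "https://flexitechs.com.account-verify.example/login",  # name used as a prefix
    "https://flexitechs.com@account-verify.example/",       # name before the '@'
    "https://flexitechs-login.example/",                    # name inside another domain
    "https://fl\u0435xitechs.com/",                         # Cyrillic lookalike letter
]

def review(expected_domain="flexitechs.com", company="flexitechs"):
    """Return (link, name appears, really goes to expected domain) per sample."""
    return [(u, name_in_link(u, company), goes_to(u, expected_domain))
            for u in SAMPLES]

if __name__ == "__main__":
    for url, seen, ok in review():
        print(f"{'OK     ' if ok else 'SUSPECT'} name_in_link={seen!s:5} {url}")
```

Only the first sample ends at the expected domain; the next three contain the company name but lead elsewhere, which is why the ending of the host name is what matters.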
Don’t Answer Surveys or Quizzes
You know, the Social Media world doesn’t need to know what car you drive or what your favorite song is or what your dog’s name is. But cyber criminals and unscrupulous marketing companies sure would like to know and profit from that type of in-depth knowledge by using it to guess passwords to your financial, health care or shopping accounts. Avoid answering these types of questions online.
Don’t Click on Social Media Ads
While many legitimate companies advertise on social media, scammers use the same type of advertising for credit and identity theft. Rather than clicking ads, even if they look legitimate, go to the advertiser’s web site to check the product or service out or make your purchase there.
Perform Due Diligence on Friend Requests
It can be tempting to accept friend requests or connection requests on social media, but always be wary of such requests, as cyber criminals use that tactic to get into your good graces on the way to scamming you. Before accepting, view the person’s profile and check them out on a search engine. If their social media timeline is sparse, that can be a sign of a scam in progress.
The Internet can be a great driver of business and a fun way to catch up or keep up with friends, but like the offline world, you need to be wary. Follow these tips to give yourself a better chance of avoiding becoming the next victim of a cyber criminal.