Social media safety rules for 2020
How much time do you spend on social media? 2, 3 or even more hours a day? Meanwhile, posting and communicating on social networking websites are not just bells and whistles, they often put our safety and privacy at risk.
But how to stay secure and improve your social media safety?
In order to do this, you have to learn all possible risks of social media and know useful practical tips on how to protect your private data on social networks.
In this guide, I will show you how to use social media safely and secure your accounts.
Let’s dive right in.
Why social networks are not safe?
Taking into consideration current statistics and news about social network safety, it becomes evident that privacy and security on social media are far beyond the simple usage of a VPN service.
Today people use social media on a daily basis, sharing, posting, tweeting, etc. Meanwhile, the popularity of social media websites makes them the number one target for cybercriminals.
However, why safe networking is so crucial today? And why such popular websites like Twitter, Facebook, YouTube, and others are so desired by attackers? Let’s have a look.
1. Up to 20% more methods to deliver malware
According to the report “Social Media Platforms and the Cybercrime economy”, cybercriminals earn nearly $3.25 billion per year violating social media.
How do they manage to do that?
As the same report says, social media platforms have up to 20% more methods to deliver malware than other websites on the Internet. This is the first reason why such services attract attackers.
Updates, add-ons, plug-ins are not the only ways to deliver malware to a user. Only infected ads are the reason for 30-40% of all social media infections.
The most common techniques to exploit social media
The situation is compounded by the possibility to use other “not direct” ways to exploit social media websites, for example, by using certain malware services.
Besides, almost every person has hundreds of connections, it helps malefactors to distribute malware to a wide audience.
2. People do not consider social media unsafe
Personal data trading is one of the most popular cybercrimes on social media. Many small hacks are happening every day, actually, there is a hacker attack every 39 seconds, to be precise.
Today malefactors are getting smarter. They try to find new ways to hack people. Taking into consideration that 81% of the US population has a social network profile, it becomes clear why attackers choose exactly social media websites for their playground.
Using social networking sites to keep in touch with family and friends, a person usually does not understand that his account is a perfect information goldmine that highly desirable to hackers. Meanwhile, attackers use people’s interests and habits for their own benefits.
They hide their attacks in “innocent” posts to do harm. Besides, hackers create customized applications that appear to be trustworthy. The major goals of such apps are to infect a user’s computer or share data without his knowledge.
The situation is getting even worse because people tend to share too much personal data, making it easier for hackers to access the needed information.
3. Easy access to private data
A desire to communicate and share with others runs deep in our evolutionary past. Today, in a technology and sharing era, it is super easy to keep in touch with a person from every location. A great number of people cannot imagine their lives without posting and sharing, they are not willing to get rid of their accounts and profiles.
However, posting and oversharing can lead to certain security risks. Especially if a person does not set restrictions on who can see his activities on social platforms. As a consequence, attackers can get access to the needed data by bringing together information about their victims on various networking websites.
Think twice before sharing your real location on the Internet. Doing this you just tell the world: “I’m thousands of miles away from my home”. Such kind of information is beneficial for a malefactor.
Top threats of social media
Today social media is used for both, communicating with our friends and solving certain business issues. If speaking about chilling and keeping in touch with others, the core element of such services is to share data. However, sometimes posted information is too private and can jeopardize our privacy.
Besides, social networks have become an essential attack vector that enterprises can no longer neglect. Taking all these facts into consideration, it is crucial to take steps towards safe networking.
What are social media dangers? Keep reading to learn.
1. Social engineering
The term is used for various forms of malicious activities through human interaction. The main goal of this threat is to trick a user in order to get the desired private information.
The process of this type of threat is complex. First, an attacker tries to prepare the ground for the attack. He gathers the information about the victim and only then establishes a relationship with him or her. Once a malefactor builds the trust, it is time to ask for specific data (password, logins, project names, etc.). A new “friend” can even ask to visit a malicious website or open an infected document.
Social Engineering cycle
Cyberstalking is exactly the type of cybercrime that shows how unsafe is posting too much private data on your social media profile. Stalking is one of the most dangerous cyber threats on social media as law enforcement, as a rule, cannot take measures because there is usually “not enough evidence”.
A malefactor gains such information about a user as his home address, phone number, location, schedule, etc. Such kind of data is used to threaten a victim.
The consequences of cyberstalking vary from slight intimidation to serious physical harm. And of course, speaking about this kind of threat, it is impossible not to mention psychological damage.
Victims of cyberstalking suffer from posttraumatic stress disorder, depression and anxiety. According to goodtherapy, 1 of 5 people change their daily routine and 1 of 7 are forced to move after being stalked.
3. Phishing attacks
You might have already heard about phishing. This form of cyberattack is usually used for obtaining sensitive data through email. However, today social media is another attractive way to deceive a victim.
The material which is sent by friends or publishers that people follow is usually considered as reliable. The trusted environment on social media makes it a perfect way to deliver malware. An attacker creates a fake user or customer service account, making a victim more likely to click malicious links.
Forms of phishing on social media
Being a form of social engineering, the primary aim of phishing is to build trust and access the most sensitive information and compromise computer security. Other impacts:
- Data theft;
- Loss of privacy;
- Computer disruption;
- Money theft;
- Reputation damage.
4. Fake accounts
Fake accounts are also the risks of social media. A malefactor creates a fake profile in order to damage a victim’s reputation. Social and financial embarrassment are other fake account dangers.
As a rule, a malefactor knows details about a victim and creates a profile to impersonate him. An attacker successfully gains the victim’s trust. But why people tend to believe such fake profiles?
Arun Vishwanath tried to find it out. He created a fake profile on Facebook and sent friend requests to 141 students. You will be surprised, but only 30% of the targeted people rejected his request, 18% accepted the request and 52% were considering it.
When Arun interviewed those real people, it turned out they did not even suspect a profile had been created to deceive them and thought that he is someone they or their friends knew.
This proves that we still do not take privacy on social media sites seriously. The point is privacy cannot coexist if we do not take certain steps towards it.
In a nutshell, a botnet is a collection of bots that are programmed to act in the same way. Today they have become one of the biggest threats to cybersecurity. Cybercriminals use social media botnets to distribute malicious links and collect data. As today each social bot represents an automated social account, building numerous interconnected bots is easier and faster.
According to James Foster, the main types of social botnet attacks:
- hashtag hijacking (appropriating and distributing malicious links or spam in organization’s circles);
- trend-jacking/watering hole (the usage of trend hashtags in order to disseminate the attack to as broad an audience as possible);
- spray and pray (posting a great number of links in order to get only one or two clicks on each);
- Retweet storm (malicious botnet activity be reposting or retweeting other bots accounts);
- Click/Like Farming (used to make a social media profile popular).
6. Digital dossier
Since you begin your “life” on the Web, your interests and habits have been accumulating on the Internet. You witness this fact when you are suggesting a product, a website or a discount by Google. It seems it knows you no less than your parents and friends.
However, the core issue is that your information can be brought up against you. A digital dossier is a set of your online data that cаn also include highly private records. It is evident that attackers do not pass up a chance to use it for their own purposes. The point is such digital dossiers with the information revealed on the social networks are used by third parties.
The data can be exploited by a malefactor in order to blackmail, embarrass, or even ruin a person’s reputation.
7. Viruses and worms
Just imagine the situation when an attacker is able to compromise one of a networking website. It would mean every user of this site is susceptible to attack. As was mentioned in the previous section, there are a lot of ways to distribute malware on social media. An attacker can insert a malicious cone right into advertisements or use unsafe applications to lure users.
Besides, social networks are more vulnerable to cross-site scripting attacks than other websites. This vulnerability can be used by an adversary to compromise a user’s account or spread an inappropriate photo or other content. It can also be used for Denial of service and a phishing attack.
The process of XSS attack
Security tips for social media privacy and safety
Knowing the common issues and facts about social media safety, it’s time to take sure steps towards online media security and privacy.
What are those social media safety tips that can guarantee secure networking and data protecting? Let’s have a look.
1. Keep software current
Despite updating security software takes a few minutes, a lot of users neglect doing this. This mistake can lead to serious security issues such as loss of money, identity theft, and many others.
Updates are crucial for “repairing” security holes in apps. They also can include enhanced features for better compatibility with various apps and devices.
So, even if apps reminders annoy you, do not be too lazy and improve your security by updating your software.
What software should be updated? Among them are your applications, operating system, browsers, and security software if you use any.
2. Create a strong password
It may seem obvious but creating a strong password is another super important step while protecting your privacy on social media websites. I think you will be surprised to know that 86% of passwords are extremely weak and can be easily broken by hackers.
Make sure your password contains at least 8 characters and wasn’t used for another account before. Avoid names and do not make it personal. Your password should be difficult to remember. To do this, you can use a password manager or just create it your own using symbols, numbers, lowercase and uppercase letters. IDs, dictionary words, repetitions, and pronouns are the worst things you may include in your password.
Do not forget to change your password every month. Other security professionals’ recommendation is to use two-factor authentication. Turn it on wherever possible. In order to set up it on Google and guard your private emails, you have to go to your Google account → Security → 2-Step Verification → Get started → enter your phone number → enter your code → That’s it.
3. Use privacy settings
If you really want to make you profile a safe place, you cannot but avoid privacy settings. First, be cautious and avoid posting too much personal data on your profile. Remember, any networking website needs only your email, username, and password to operate. It’s not necessary to provide other sensitive data on your social media accounts.
It would be perfect to exclude your page on social media from being indexed into search engines. In this case, your profile will be visible only for those people who follow you on a certain network.
4. Disable your location
Geotagging is a process of posting a picture on your social media with a tag of your current location. Despite a lot of people prefer to geotag their location being on vacation or visiting restaurants or cafes, sharing your real address is not always a good idea.
There are people on the Internet with ill intent who may try to use this information for their purposes. The consequences may turn out unfavorable. In fact, it is immensely important to keep your current location in secret. As well as other private data like your vacation plans, bank details, current job details, full birthdate, phone number, and home address.
All is needed is to be cautious about what you post online as once we share something on social media will live on the Internet forever. And even such privacy tools as free VPN services cannot protect the data you share willingly.
5. Accept friend requests only from people you know
It is clear that to improve your social media security we have to be careful while posting something too private. However, sometimes it is so difficult not to share the happiest moments with our friends or relatives who are far away from us. As well as not using social media in general.
The only way out here is to be careful while accepting friend requests. Make sure you know a person in real life. Without a real connection, you will never know who is behind a profile.
6. Do not hurry to click a link
Prudent internet users know what is phishing and why it is crucial to be careful while clicking on a link that is sent to you on your social media profile. Even if it is from your friend.
Malefactors know that people tend to click on something that was sent from their friends and successfully use this. What is also important, pay attention to unusual offers, especially if they contain the word “free”. Very often if something sounds too good is not safe or secure.
7. Log out of your social media accounts
It is an immensely important step because every time you do not log out of a social media website, it keeps your session open. And even if you open a new browser or application you are still logged in. Why is it dangerous?
The truth is if your device is held by any third-party, you provide easy access to your information on social media this way. Besides, if your session is not closed and an attacker can hack your computer or another device, he will successfully expose everything on your entire device and your computer network.
I think you are quite aware that if someone has access to your profile, all your photos, videos, messages with intimate details can be revealed.
How to stay safe on Facebook?
Despite Facebook is still a privacy nightmare for millions of users, it remains the most popular social networking website.
However, how to guard your private data on this highly popular network? Here are some useful tips.
1. Manage privacy settings
On the bottom-right corner of the Facebook menu, find “Settings” and choose “Privacy”. Pay attention to the options of who can see your email address and phone number. To maximize your privacy, do not allow search engines outside of Facebook to link to your profile.
2. Block malicious people or pages
If you find some people, pages or application suspicious you can easily block them in the Facebook settings. As soon as you block someone, he or she will not be able to see your posts, write messages to you or tag you.
3. Use “trusted contacts”
The trusted contacts feature allows recovering your account in case it has been hacked. You have to select a group of close friends who will get a special code if there are some security issues. For this, go to Security and Login, scroll down to Setting Up Extra Security and choose friends.
4. Use mobile settings
Sometimes we forget our passwords or lose them. If you are afraid it will happen to you, confirm your mobile number in the Facebook settings. A new one will be sent to your phone.
5. Remove apps you have allowed access to
Go to Privacy Settings → Apps and Websites and have a look at what apps are logged in with Facebook. Delete those that are not needed anymore.
How to protect your data on Instagram?
Instagram is another popular social media as of now. It has 1 billion users and more than 500 of them use the platform daily. Let’s have a look at privacy and security tips for this social media.
1. Make your account private
Making your account private is important, especially on Instagram where we usually share the happiest moments of our lives with our friends. In order to restrict unwanted persons to view your profile, follow these steps: Setting → Privacy → Account Privacy. The last step: adjust “Private account”.
2. Enable two-factor authentication
Here are simple steps: Setting → Security → Two-Factor Authentication → Text message.
3. Block followers
Of course, if you have already set up a private account you do not need this function. However, if a person seems suspicious to you, block him using the following steps:
- Go to your followers;
- Click a person you want to block;
- Tap the menu button on the right-corner;
4. Select photo and video tags manually
If you do not what other people see photos you were tagged in, just select them manually: Settings → Privacy → Tags → Add Automatically.
5. Hide your activity status
For complete anonymity, it is possible to hide the last time where you were active on Instagram. For this, go to Settings → Privacy → Activity Status.
6. Hide your story
You can hide your story from a specific person: Settings → Privacy → Story → Hide Story From.
7. Cancel access to third-party apps
This account security tip will lower your safety risks. To revoke access, log into your profile through your laptop or desktop. Click “Settings” and choose “Manage Applications”.
Remember, you should allow access only to trustworthy applications as they analyze your data.
How to guard yourself on Twitter?
According to Twitter, this online social network generates 500 million tweets every day. Besides, Twitter is the number one platform for government leaders. However, how to safeguard your data on this social media? Let’s see.
1. Tweet privately
As you have already known, you do not have to follow someone to communicate with him on Twitter. Some people find this ability extremely convenient, whereas others are worried about not being protected from strangers. To hide what you are writing on your profile, go to the Twitter Settings → Privacy and safety → Protect your Tweets.
2. Disable your geolocation
Below the “Tweet privacy”, there is “Tweet with a location”. Uncheck it to deactivate your location. Here you can also delete location information from your previous tweets.
3. Disable photo tagging
If you think that photo tagging can violate your privacy, uncheck “Allow anyone to tag you in photos”.
4. Disable ads and data tracking
You can control how Twitter shares and collects your data. Find “Personalization and data” in the privacy and security settings and turn off personalization.
5. Shut down direct messages
You might have already known that despite Twitter is mainly public social media, it allows sending private messages. However, it is possible to block them. Go to privacy and safety and then to Direct Messages.
6. Hide sensitive content
In the safety settings, you can hide sensitive content and also remove blocked and muted accounts.
7. Do not let others find you by your email or phone number
For privacy and security matters, it’s better to prevent other people from finding your email address and phone number. If you agree with me, go to your Twitter account and uncheck boxes as shown in the screenshot below:
8. Two-factor authentication
And finally, set up two-step authentication. On Twitter, this function is called Login verification. Follow the steps: Settings and privacy → Account → Security → Login verification.
These are just several steps to security and privacy on Twitter. It also would be useful to block your offenders or unwanted persons, remove apps from your Twitter account, and enable personal information verification in order to reset the password. All these, you can find in Twitter’s Settings and privacy.
Taking into consideration that today people spend approximately 142 minutes per day on social media, we cannot neglect safety and privacy on these websites. I believe the above-mentioned tips will help you to secure your profiles and accounts.
I also recommend using security software like VPNs to get a higher level of security. For example, such services like NordVPN or CyberGhost VPN have established themselves as reliable tools for encrypting sensitive data.
Hope the article was helpful for you. Good luck and stay secure!