Social Media Dangers — Social Butterfly Beware

Friending, following, tweeting, instagram-ing, checking-in and linking-up....In today's ever-connected world, people all over the globe are utilizing social media websites and their associated mobile applications.

Social media, although still relatively new and evolving, is here to stay. As such, your goal as a user of the medium should be to understand the potential security issues you may be exposed to through its use.

Did you know that in 2012, Facebook hit 1 Billion in Users (Businessweek.com) and according to Alltwitter, 25% of users do not bother with any kind of privacy control? The natural human tendency to trust and the lack of knowledge makes for a quintessential playground for a social engineer on the take.

Knowledge is power, as they say, and the best way to limit your exposure is to understand the dangers of social media and implement solutions to smarter socializing.

Spear phishing, baiting, pharming, elicitation and click-jacking... No, these are not episodes of a reality show on a sports and outdoor channel, these are uncommon names for common tactics used by social hackers. Devious minds with more sinister interests than wanting to hear about what you did over the weekend or who won the corporate volleyball tournament.

These social engineering gurus utilize social media platforms and emerging technology to threaten, track and attempt to take down entire organizations one friend, follower and fan at a time.

"Fraudsters go where the potential victims are and social media sites are a prime breeding ground for fraud. - Elizabeth Khalil - FDIC

Baiting When someone makes accessible an electronic device such as a USB drive that is preloaded with malware with the intent that you will use the device and allow them access into your computer.
Spear phishing Occurs when a user receives a fake email from a hacker posing as a colleague or friend. The email contains a dirty link or file corrupt with malware.
Click-jacking The concealment of hyperlinks beneath legitimate content which lead the user to unknowingly perform damageable actions such as downloading malware or sending your ID to a site. These scams often employ "Like and "Share" buttons on social networking sites.
Elicitation The strategic use of conversation to extract information from people without giving them the feeling they are being interrogated.
Pharming The practice of redirecting users from legitimate websites to fraudulent ones for the purpose of extracting confidential data such as banking or transactional sites.

"Once information is posted to a social networking site, it is no longer private," the FBI warns. "The more information you post, the more vulnerable you become...The more information shared, the more likely someone could impersonate you and trick one of your friends into sharing personal information, downloading malware, or providing access to restricted sites." (source: FBI)

Even with these sophisticated cyber-tactics, creating a culture of security within your family is well within your reach, in the palm of your hand and at your fingertips. With smart strategies and good old-fashioned common sense, any social butterfly can fly safe and secure. But without these things, social media users could find their wings clipped and victims of a security attack.

Social Media Safety Best Practices

  1. Do not use an electronic device, such as a USB thumb drive, given to you from someone you do not know.
  2. Avoid having the same password, especially the name of your prized pet, on all social networking sites, banking accounts and access codes.
  3. Do not give out your work codes and corporate passwords...ever.
  4. Avoid posting on Facebook or Twitter that you are leaving for vacation for a week and that you are bummed your home security system is down.
  5. Do not friend people that you do not know.
  6. Do not leave your security settings on Facebook inactive.
  7. Be mindful of the important information taught during your corporate security training.
  8. Remove your Global Position System (GPS) coding in all items (even your digital camera).
  9. Avoid conducting online banking at a public computer or via a public Wi-Fi spot.
  10. Be observant and report suspicious incidents to your internet service provider or the local authorities.

These helpful tips are provided by Digital Defense, Inc., a computer security company working with your bank as a responsible member of the community to help insure the privacy and security of our nation's financial information.