­Cybersecurity in the Age of So­cial Media

Posting holiday pictures on Facebook or airing your political opinions on Twitter may not feel like a security risk. For many of us, it’s just a routine part of daily live in the age of social media. However, as with anything in the online world, cybercrime is an ever-present underlying risk. This means that anyone using social media needs to take steps to ensure they have the right cybersecurity in place.

Why Is Cybersecurity for Social Media So Important?

Let’s just put this in context. Most of us use social media channels. In fact, research shows that over half of the world’s population now uses social media. That’s 60% of us – some 4.8 billion people – sharing pictures of meals out, watching reels or posting the latest memes that have made us chuckle.

As at April 2023, the enormous global appetite for social media meant that seven of the world’s top ten most visited websites were either social media sites or sites that had a social media platform as part of their overall business offering. The sheer scale of this usage means that opportunities for fraudsters are abound – which is why anyone using social media needs to pay attention to their cybersecurity policies and their company social media guidelines and policies.

What Are the Risks Associated with Social Media Use?

There are many risks associated with social media use. Cyberbullying and cyberstalking, for example, can have a devastating impact on people’s lives. Social media platforms can also facilitate a range of dangerous and criminal activities, from radicalization to fraud. There are mental health dangers too, with information overload contributing to a lack of focus, attention, and productivity.

Then there is the risk of social media platforms facilitating the creation of fake and synthetic IDs. As SEON explains on their new account fraud guide, automated onboarding processes roll out the red carpet not just for genuine customers but for fraudsters.

Cybercriminals are wise to the fact that banks and businesses increasingly use lookup tools to check that new customers are who they say they are. These checks include searches for social media profiles. As such, many fraudsters are using social media sites to create profiles that they hope will help them to sail through other companies’ onboarding security checks.

Risks, of course, can come from all angles. Many businesses use social media platforms to engage users with their brand as part of marketing efforts to raise their profile and sell their wares. With many using social media management tools to do so, there is a double risk to cybersecurity due to the use of third-party tools as well as the social platforms themselves.

For individuals, social media sites also come with a significant risk of identity theft. The sharing of photographs and personally identifiable information (such as your name, email address, date of birth, and telephone number), provides cybercriminals with all they need to clone a user’s identity.

Not only that, but many users’ lack of attention to how well they have locked down their social media accounts, or willingness to accept connection requests from people they don’t know, means that fraudsters have a wealth of information at their fingertips that they can use for identity theft.

Even users who have taken the time to ensure their security settings are as they should be face risks when using social media. In 2022, an API vulnerability enabled the theft of users’ non-public data (including phone numbers and email addresses) from as many as 5.4 million Twitter accounts.

The year before, 533 million Facebook users had personally identifiable information stolen and published on hacking forums. The details included names, dates of birth, locations, email addresses, phone numbers, and more. And these are just two examples of the types of breaches that have taken place.

The sharing of such details on hacker forums means that cybercriminals have all they need to implement social engineering attacks such as phishing.

With such a wealth of information to use, fraudsters can fairly easily use the details to convince victims to hand over further information, to click links in emails that install malware, to visit fake websites, and more.

How Can Individuals Protect Their Digital Identities from Cybercriminals?

The need to protect oneself has never been greater. The amount that American consumers lost to fraud rose by 70% between 2020 and 2021, then by a further 30% between 2021 and 2022. In total, consumers lost $8.8 billion to fraudsters in 2022.

Business and banks are hard at work implementing solutions to stop cybercriminals in their tracks. However, the scale of the work and the ever-evolving nature of cybercrime threats means that those organizations face an uphill struggle. As such, the emphasis is also on individuals to do all they can to ensure their online presence is secure – including their social media profiles.

There are several steps that individuals can take in their efforts to protect their digital identities. The first of these is to educate themselves. Many people fall victim to scams because they simply aren’t aware of the risks that are out there in cyberspace. As such, self-education is a must when it comes to staying safe from social engineering attacks and other attempts at fraud.

In practical terms, individuals can review their social media security settings to ensure that all of their profiles are as locked down as can be, so that only their contacts can see their details. That means turning on multi-factor authentication and using complex passwords. It’s also best practice to only accept connection requests from people you know – never from strangers.

Every device on which users access their social media profiles should also be up to date with anti-virus software and firewalls. It’s not only PCs and laptops that need protecting, but phones and tablets too.

In terms of getting online, users also need to be careful. That means changing the default name and password when setting up home WiFi and never using public WiFi (such as that in hotels, airports, or coffee shops), so as to stay safe from data-stealing man-in-the-middle attacks.

It is unlikely that any social media use will ever be entirely risk-free. However, with a bit of research and thought, individuals can ensure their profiles are as safe from cybercriminals as possible.