Why I Will Never Wish You Happy Birthday Again on Social Media
Not a day goes by that I don’t see friends or family celebrating their birthday. I know it is their birthday because I see both the reminders on social media – Facebook and LinkedIn – and the countless scores of people who are sending their best wishes. In fact, I used to be one of those people!
I will however, never wish you happy birthday again on social media! And here’s why:
I actually care about you. Now of course those doing the well wishing care too. Don’t get me wrong. The fact is however, that social media is the primary method that cybercriminals now use to learn about you. It’s called social engineering. And knowing what I know now, I opt to not help cybercriminals.
Some of you might be saying: “What the heck is social engineering and why do I care?”
It’s a great question. I am glad you are asking and you should definitely care. There are of course many definitions. Some formal and others not so much. For simplicity sake, social engineering is psychological manipulation of people into performing actions or divulging confidential information. In the age of social media however, manipulation might not be an issue. After all social media is meant to be sharing platforms where we can express ourselves, share information about our family, our jobs, our vacations and even what we buy or do.
For years we have been encouraged to share…maybe even overshare. Every detail of our lives can be found on our social media profiles. And while this is a great way to keep family and friends up-to-date with what we are doing, there is a dark side.
In fact, social media is now one of the best sources for criminals to obtain countless bits of information about you, your family, your employer and even your friends. They can then use this information to:
- Spoof you and create fake social media accounts in your name and/or fill out credit applications. This of course is known as identity theft. The ramifications can range from less than desirable to very serious.
- Send phishing email to your colleagues at work attempting to:
- get more details on your organization,
- try to secure false payments, or
- have a virus or ransomware deployed when a link and/or attachment is clicked by your trusting coworkers who think you are emailing them.
These have all been very effectively used by cybercriminals not just globally, but locally.
So, how can you protect yourself and your employer? Here are 10 simple tips:
- Ensure your privacy and security settings are as strong as possible.
- Review your privacy settings on a regular basis, say three times a year. Set a calendar reminder.
- Never show your birthdate on your social media. Never.
- Never list your martial status on your social media. Never.
- Don’t list your family members.
- Never accept connection requests from people you don’t actually know. This applies to LinkedIn as well.
- Never put your home address on social media.
- While we tend to put a lot of information about ourselves on LinkedIn, don’t put personal information on this profile.
- When you receive an email from someone you don’t know, never click on the link or open an attachment that maybe included. This includes email from couriers, Canada post, Revenue Canada, etc. Think twice and never click.
- When you do receive email from some you DO know, but aren’t expecting it, think twice before clicking on the link or to open the attachment. Don’t be afraid to call the person you know or send a new email ( don’t do a respond) asking if he or she sent you an email with a link and/or attachment.
These 10 simple tips will help protect you and your employer against the actions of cybercriminals. And, I do think it is our responsibility to help protect our employers. Research has shown that cybercrime is expensive and some businesses can’t recover, so doing our part is helping to protect our jobs.
We all must remain vigilant. It is an unfortunate part of using social. Like anything criminals find new ways to leverage technology to try to gain from.
If you would like to learn more, connect with us. Be Prepared! Be Trained! Have a TaylorMade Solution!
I disagree with some of this advice. Each day I have people reach out to connect with me on LinkedIn. I always accept and create a conversation. Many times that are prospective customers. You wouldn’t lock the door of a brick and mortar building, ask for a driver’s license to before you would talk to them. Don’t live in fear, live in courage. I publicly share much about myself on LinkedIn. This is how you build credibility and trust. In my posts I mention my wife and kids as well as my business interactions. Extreme privacy is for hermits. In the business world you have to be public, craft a brand and build a buzz.
Obviously everyone will make their own decisions. I too used to be more open with how much information that I shared. That was…until I began working in the world of cybersecurity and have seen first-hand the impacts to both business and individuals when targeted and breached. And I respond to this as I sit in a cyber risk conference learning about some of the latest social engineering and phishing tactics being used to lure people and ultimately steal money and or sell credentials.
And while you wouldn’t lock your doors to potential customers, you will use some assessments when people walk through the door. Are they wearing a mask for example (which spoofing online is). If they come into your business with a gun you know it. It is not as obvious online when someone intends you harm.
Ultimately it is each person’s choice what they share or do online. I am not advocating living in fear, but being aware and armed to take steps to protect yourself, your family and your business. 60% of small businesses go out of business within six months of a breach. Human implications can vary. Being aware is better than not.