Not a day goes by that I don’t see friends or family celebrating their birthday. I know it is their birthday because I see both the reminders on social media – Facebook and LinkedIn – and the countless scores of people who are sending their best wishes. In fact, I used to be one of those people!
I will however, never wish you happy birthday again on social media! And here’s why:
I actually care about you. Now of course those doing the well wishing care too. Don’t get me wrong. The fact is however, that social media is the primary method that cybercriminals now use to learn about you. It’s called social engineering. And knowing what I know now, I opt to not help cybercriminals.
It’s a great question. I am glad you are asking and you should definitely care. There are of course many definitions. Some formal and others not so much. For simplicity sake, social engineering is psychological manipulation of people into performing actions or divulging confidential information. In the age of social media however, manipulation might not be an issue. After all social media is meant to be sharing platforms where we can express ourselves, share information about our family, our jobs, our vacations and even what we buy or do.
For years we have been encouraged to share…maybe even overshare. Every detail of our lives can be found on our social media profiles. And while this is a great way to keep family and friends up-to-date with what we are doing, there is a dark side.
In fact, social media is now one of the best sources for criminals to obtain countless bits of information about you, your family, your employer and even your friends. They can then use this information to:
- Spoof you and create fake social media accounts in your name and/or fill out credit applications. This of course is known as identity theft. The ramifications can range from less than desirable to very serious.
- Send phishing email to your colleagues at work attempting to:
- get more details on your organization,
- try to secure false payments, or
- have a virus or ransomware deployed when a link and/or attachment is clicked by your trusting coworkers who think you are emailing them.
These have all been very effectively used by cybercriminals not just globally, but locally.
So, how can you protect yourself and your employer? Here are 10 simple tips:
- Ensure your privacy and security settings are as strong as possible.
- Review your privacy settings on a regular basis, say three times a year. Set a calendar reminder.
- Never show your birthdate on your social media. Never.
- Never list your martial status on your social media. Never.
- Don’t list your family members.
- Never accept connection requests from people you don’t actually know. This applies to LinkedIn as well.
- Never put your home address on social media.
- While we tend to put a lot of information about ourselves on LinkedIn, don’t put personal information on this profile.
- When you receive an email from someone you don’t know, never click on the link or open an attachment that maybe included. This includes email from couriers, Canada post, Revenue Canada, etc. Think twice and never click.
- When you do receive email from some you DO know, but aren’t expecting it, think twice before clicking on the link or to open the attachment. Don’t be afraid to call the person you know or send a new email ( don’t do a respond) asking if he or she sent you an email with a link and/or attachment.
These 10 simple tips will help protect you and your employer against the actions of cybercriminals. And, I do think it is our responsibility to help protect our employers. Research has shown that cybercrime is expensive and some businesses can’t recover, so doing our part is helping to protect our jobs.
We all must remain vigilant. It is an unfortunate part of using social. Like anything criminals find new ways to leverage technology to try to gain from.
If you would like to learn more, connect with us. Be Prepared! Be Trained! Have a TaylorMade Solution!