This post was from the June edition of our newsletter.

 

 

Social media has become an integral part of our personal and professional lives, but it also presents a significant cybersecurity risk. Cybercriminals use social engineering tactics to exploit trust, manipulate users, and gain access to sensitive information.
Does this mean… that people on the internet don’t always have my best interests in mind!?
Vizzini can’t believe people on the internet might be out to cause harm

 

Unfortunately, that’s the reality of things. However, all is not lost. Let’s learn about what social engineering is, common tactics cybercriminals might use, and what we can do to keep our businesses just a little safer.

 

What is Social Engineering?

Social engineering is a form of manipulation where attackers trick individuals into revealing confidential information or taking unsafe actions. On social media, these tactics often exploit trust, emotions, and human error to achieve their goals.

 

Common Social Engineering Tactics on Social Media

1. Phishing Links in Direct Messages or Posts: Attackers send fraudulent links disguised as legitimate content. These links may lead to malicious websites or download malware onto your device.

Pro tips:

    • Never click on unsolicited links, even from known contacts.
    • Verify the sender’s identity through a different channel before responding.

 

2. Fake Profiles: Cybercriminals create fake accounts to impersonate colleagues, influencers, or trusted entities to gain your trust.

Pro tips:

    • Verify profiles before accepting connection requests.
    • Be cautious about sharing personal or professional information with unfamiliar accounts.

 

3. Oversharing Information: Attackers scour social media for personal details like birthdates, addresses, or even answers to security questions (e.g., pet names or favorite places).

Pro tips:

    • Limit the personal information you share publicly.
    • Review your privacy settings to restrict who can see your posts.

 

Best Practices for Staying Safe

Legolas keeps a wary eye out for social engineering attacks on social media

 

  1. Strengthen Passwords
    • Use strong, unique passwords for your accounts.
    • Enable two-factor authentication (2FA) for an added layer of security.
  2. Be Skeptical
    • Question unexpected requests or messages, even from known contacts.
    • Look out for grammatical errors or unusual language, which can indicate a scam.
  3. Educate Your Team
    • Train employees on the risks of social engineering and social media use.
    • Share examples of recent scams to keep them alert.
  4. Monitor Your Online Presence
    • Regularly check for fake profiles impersonating you or your organization.
    • Report and block suspicious accounts or content immediately.
  5. Think Before You Click
    • Avoid clicking on links or downloading files from unknown or unverified sources.
    • Always verify the source before engaging with social media content.

 

Key Takeaway

Social media can be a powerful tool for connection and growth, but it also poses unique cybersecurity risks.
By staying vigilant, educating your team, and implementing best practices, you can reduce the likelihood of falling victim to social engineering attacks. Want to learn how to spot and identify fake phishing attempts and social engineering tactics? Sign up for a free Human Risk Assessment here to see how your team would do against a real-world mock phishing test!
The world’s best boss knows how to be responsible online

 
