Is SOCIAL MEDIA making you vulnerable to CYBERCRIME?Tuesday, October 16, 2018
BY: ORIN MALCOLM
Social media has become a pervasive part of our existence, with many of us spending hours updating our status or posting photos of our friends and family. We post our opinions, location, likes, dislikes, religious beliefs, professional profiles, hobbies, and a range of our favourite things. However, during this often casual engagement, we may unwittingly expose ourselves to criminal activities, as these posts may, in some instances, be accessible by billions of individuals across the world.
'Living out loud' on social media
Kim Kardashian's unfortunate robbery in Paris serves as a reminder of the dangers of 'living out loud', which made it easy for criminals to know her exact whereabouts by simply following her on social media. The incident has caused the Kardashian family to rethink how they use social media and what they share publicly. Likewise, we can use this as a wakeup call to guide our social media usage.
Social media platforms often allow for integration with third party applications (apps), for example, Candy Crush. In order to use these applications, you will need to grant them permission to your account, including: contacts, location and other personal information. Some of these apps request excessive permissions to your account. However you have a responsibility to review the type of access being requested by third party applications, before signing up. Malicious third-party applications can be used to access your personal information, which can then send direct messages to your contacts with scams, which appear to be coming from you. This can also compromise your reputation with your contacts.
'Friendly Online Strangers'
Your typical social media followers often include individuals who you invited in your circle because of common interests, shared friends followers and association. This social connection makes it easy for 'friendly strangers' to target individuals through what is known as targeted phishing attacks. Targeted phishing attacks typically rely on information gleaned from social websites and other sources to create a sense of familiarity and trust.
Researchers have found that following verified financial institutions often times increases followers. However, some of your new followers may be 'scammers' seeking to prey on individuals presumed to be customers of financial institutions. These criminals will often follow up with messages trying to lure you into some type of fraudulent scheme or will try to solicit sensitive information to access bank accounts or credit card information. They may even mimic the way in which your financial institution communicates on social media to make themselves seem more authentic, with the hope that you will divulge sensitive information.
Another common approach by cyber attackers is to create malicious content on social media platforms such as Facebook and target you directly, based on your interests, favourite pages, followers etc. This can be done by creating a fraudulent site of a company you follow or use for e-commerce, such as Amazon and Fashion Nova, then craft a communication to appear similar to one of these companies, offering you discounts on your favorite items and asking you to login to access the deals, in order to access your credentials and credit card information. Your account can then be used to make fraudulent purchases.
Protecting yourself on social media
Most of us will continue to use social media, even with the potential threats that exists, because it keeps us connected. We can however reduce our vulnerability with the following tips: • Post after leaving the location: When posting pictures or videos of your vacation, favourite restaurant, or just sharing randomly, do so after you leave the physical location. Also, be sure to disable your location services on your device to ensure your location is not shared, as a part of your posts. • Review the access of all third-party applications to your social media accounts. This will ensure your account is not used in an unintended manner without your knowledge and that you are aware of any potential risks. • Consider setting your account profiles to private: Additionally, carefully screen friends or follow requests from persons you know personally and limit clicking on sites from 'friendly strangers'. • Exercise caution when clicking on advertisements or direct messages offering deals that appear to be unrealistic.
Several individuals and companies have been victims of cyber-attacks, made possible with the vulnerability presented through their usage of social media. So, as you keep social, be vigilant in protecting your personal information.
Orin Malcolm is the information security, risk and compliance manager within the Jamaica Money Market Brokers (JMMB) Group.