Our Social Media Security Tips
Social media has become the main communication channel and source of information for most, if not for all of us. Naturally, Facebook, Twitter, Instagram, and the likes have also proved to be an efficient ground for malicious activities of all sorts – like disinformation campaigns, account takeover, and targeted phishing attacks (spear phishing).
The following techniques will help you be better prepared.
Enable 2-Factor Authentication (2FA)
Most major online services offer this security-boosting functionality. By enabling 2FA, you will need to provide a dynamic secret code along with your password to log in. Thus, even if someone gets hold of your password, they will have a hard time logging in to your account.
If you have not enabled 2FA yet, please go to the settings of your accounts and set it up. We advise you to use a mobile app such as Google Authenticator or Microsoft Authenticator or a service such as Authy, where possible, instead of relying on SMS as a channel to receive the secret codes.
Use a manageable number of social media platforms
Driven by curiosity, we easily set up accounts with many social media platforms. Until we realize we barely use most of them and the effort to regularly check them and change passwords does not make much sense.
The fewer accounts you have, the fewer accounts you worry about. Pick them carefully and revise them regularly. And keep in mind that as you delete your account, the username you have been using can be picked up by someone else.
Do not authorize third-party apps to access your social media data
For most use cases, the built-in functionalities and mobile apps of social media platforms are good enough. Letting third-party applications have access to our data – like friends, activity, photos, and messages – provides little value, yet it can have severe negative privacy and security consequences. As a next step, we advise you to regularly revise what apps have access to your data in “Authorized apps” in Settings.
Do not share too much personal information
“Sharing is caring”, but it is better to keep personal information private. Be careful not to disclose too much about yourself, such as your birthday, relatives, contact details, and ID number.
Do not use your social accounts to sign up for other online services
Do not trust everybody and everything
As the saying goes, “on the Internet, nobody knows you are a dog”. This has both positive and negative implications. On the negative side of things, we may connect with people with malicious intentions who can even portray themselves as someone we know or work with. Further, we are constantly bombarded with content triggering our fear of missing out. In almost all cases, attractive titles do not deliver on their promise. Instead of giving them all a chance, rely on your closest friends, and work peers as quality content filters.
The recent security incident involving Twitter and the profiles of high-ranking figures only serves as a reminder that security cannot be taken for granted. Take these extra steps and stay cybersafe.