Monday, October 17, 2016

#StayingSafeWithSocialMedia

Today’s guest blog comes from Merlin Namuth, Director of Standards, Risk, Compliance, and Security with Red Robin Gourmet Burgers, Inc.

Social media sites such as Facebook, LinkedIn, Twitter, Instagram, and Snapchat are great for staying in touch with friends and family, and they’re widely used. They connect people with similar interests to lend support, and share and collaborate on ideas. Other benefits include finding a new job, discovering new friends, asking opinions, and quick information sharing. The advantages are unlimited.

There are dangers you need to be aware of when using social media. People with ill-intent (attackers) use social media sites to steal personal information, commit fraud, and infect your personal computers, tablets, and smartphones with viruses/malware You can take steps to protect yourself and still enjoy the many benefits of social media.

Security Concerns
There are many ways attackers use social media to trick you.
  • Attackers post links in social sites that are malicious in nature. A malicious link may take you to a site that looks like your bank’s website, but really isn’t. The attacker attempts to trick you into entering your login information and banking information on this fake site. 
  • Another example of a malicious link is one that takes you to a site where a computer virus/malware is downloaded and installed on your system. A common tactic by attackers is to create malicious websites that focus on current news events, such as an election, natural disaster, or some tragedy to lure as many people to them as possible. These malicious links are forwarded amongst your social media connections. 
  • Attackers create fake groups to trick people into joining in order to gather information from unsuspecting users. 
  • Sometimes attackers will target someone and create a fake profile. They send invitations to join to the connections of the “real” person. Once people are connected to the fake profile, the attacker will try to trick them into divulging information or click on malicious links. 
  • Attackers look for personal and work information on social media sites. They may try to piece enough information together in order to answer password reset questions on your behalf. If the attacker is successful, your password will be changed along with your answers for the password reset questions. You are then locked out of your account with someone else posing on your behalf. 
  • Posting your vacation pictures while still on vacation tips off the attacker that you aren’t home. The attacker may then target your home for a physical robbery or vandalism. 
  • Posting information to social media sites without any restrictions on who can view your posts will show up in an internet search. This may include information you don’t want the entire world to see.

Protect Yourself
You can take several precautions to stay safe on social media, while enjoying the vast benefits:
  • Educate yourself. Pay attention when social media sites add more functionality, as this may create different security concerns. Most sites have a web page dedicated to security tips specific to their site, such as how to configure multi-factor authentication. Some sites will send a PIN to your phone via a text message. This makes it harder for an attacker to login as you.
  • Change your privacy settings so only your connections can see your list of friends. Hiding your list of friends keeps the attacker from targeting your friends. 
  • Watch out for fake profiles. Recently, I had friend who is in a high profile position become the victim of someone creating a fake profile as her on Facebook. She contacted Facebook about the fake profile and it was disabled within a few minutes. 
  • Use your privacy setting to restrict your posts so that only your connections can see them. This will help prevent your posts from showing up in Internet searches. You can check what is visible on Facebook, for example, with a feature where you can view your profile as someone who isn’t connected to you. This will help you verify your privacy settings.
  • Some applications will ask you to use your social media login. Be very wary of doing this. Attackers create malicious applications where they capture your login information.
  • Cover your webcam when you aren’t using it. There have been instances where attackers have gained access to the webcam via malware and used the pictures captured from the webcam as blackmail.
  • Be wary of clicking on links. When possible, go to a known and trusted site.
  • Don’t use the same password for each site. If your login is compromised on one site, it will then likely stay contained within that one site. I understand how difficult it is maintaining multiple passwords and trying to remember which password you used for which site. There are different password management programs such as Password Safe, KeePass, and Apple Keychain. This isn’t an endorsement for any of them, but just examples of ones out there for free. 
  • Wait until you return from your vacation before posting your pictures. Avoid the temptation of sharing your immediate whereabouts in general, in order to protect your home.
  • Keep the devices you use for connecting to social media up to date with the latest patches. If you inadvertently click on a malicious link, you may be protected with the most current patches from anything bad happening. 
  • Avoid using public WiFi. Don’t use the public computer in the library, hotel and other places, as they are often infected with malware. Attackers can set up fake WiFi networks at these locations and trick your device into connecting to them. Better to use your smart device on your carrier’s cellular network.
  • Be very sensitive of the information you share on social media. Don’t share your birth date, home address, and social security number. These can all be used to steal your identity.
I hope this gave you new ideas for protecting yourself on social media. Enjoy its benefits while keeping yourself safe.
Merlin Namuth is the Director of Standards, Risk, Compliance, and Security with Red Robin Gourmet Burgers, Inc., a casual dining restaurant chain founded in 1969 with more than 540 locations across the United States and Canada.