Updated: Feb 16
Social media is here to stay. It’s the way people communicate and how businesses promote their brands to the public. Social media is accessible and entertaining and convenient – but social channels are not always safe. You must recognize the value of your personal information and take the appropriate steps to protect it when using social media channels.
The average Internet user is likely very trusting when it comes to online communication. People can be relaxed and maybe even a little careless about the amount of personal information shared online. You may not realize how cybercriminals can use seemingly innocuous posts to hack accounts, steal identities, tarnish brands and reputations, and generally wreak havoc in people’s lives.
While there are many great benefits to using social media to keep in touch with family and friends, promote businesses, and share information, you must guard against the inherent risks. Following are some strategies you can implement today to protect yourself and your private information.
21 Ways to Protect Your Social Media Privacy
Use Strong Passwords. Avoid using passwords that can be easily guessed or contain obvious information like names and birthdates. The more random your password, the harder it will be for a hacker to breach. Change your passwords periodically. Be careful to store your password in a safe place – not on your computer in an unprotected file called Passwords!
Enable 2FA. Two-Factor Authentication, or 2FA, requires you to log in to an application with two credentials such as a password and randomly generated passcode, or password and the answer to a security question you have set up on your system.
Set Privacy Controls. Social media applications provide you with privacy controls so that you determine how much information you want to share and with whom. As soon as you set up an account, go through all of the privacy settings and ensure your posts are protected and only visible to those you trust with the information.
Careful What You Post. Remember that once on Internet, always on Internet. Even if you delete a post or hide it from general public view, posts can be downloaded by others and shared with others. Be careful when posting negativity – like ranting about the job or employers you just left. You never know who’s reading your posts. Often potential employers review your feed to get a sense of who you are as a person. Are there posts or pictures on your page that you wouldn’t want them to see?
Friend Requests. Not all friend requests are friendly! Be selective about accepting friend requests from people you don’t know.
Check-in Posts. Be careful of status posts that reveal your physical whereabouts. Post those vibrant vacation photos after you get back – not while you’re 2000 miles away having fun in the sun, signaling to bad actors that your home is temporarily vacant and your possessions unguarded.
Phishing, Malware, and Other Cyber Scams. We can’t stress enough that email is the number one entry point for cybercriminals to lure you into a scam. They are growing increasingly more clever and sophisticated with the ways they use to induce you into clicking a bad link and giving them access to your accounts. Don’t be enticed when someone notifies you about an unexpected inheritance or needs your assistance with a massive funds transfer. Don’t believe it when someone you haven’t heard from in a while suddenly writes that she’s stranded in a foreign country and needs you to send money. These scams are still being used today and the unsuspecting still fall for them. When you receive an imperative message, even if it looks legitimate, don’t click the link or respond. Instead, contact the “sender” through an outside, direct and known official channel to confirm whether the message is real. Clicking one bad link can be the entry portal to a disaster.
Control Tagging. You can control, through your social media privacy settings, whether people can tag you in posts and who can see you in tagged posts.
Install and Activate Security Software. Ensure your computer and mobile/smart devices are protected with antivirus and security protection software.
Analyze Your Safety Score. Applications are available that will analyze your devices and give you a security score based on the privacy protocols you have in place. A low score is an indication that you need to enhance your privacy settings and mitigate opportunities to be hacked.
Review Privacy Policies and Terms of Agreement. Whenever, you install a new app or social media channel, don’t blindly agree with the policies and terms without reading them. You may discover there are some protocols or permissions included in the agreement that you really don’t agree with that may allow you to opt out. Review all your existing social media channels and ensure your privacy controls are appropriately set.
Discard Unused Apps. Not only do unused apps take up valuable storage space on your devices, but hackers may use them as a portal to access your information or other parts of your system.
Avoid sharing PII. Don’t post Personally Identifiable Information (PII) including your full name, date of birth, place of birth, home address, and phone number on social media. This information can be used for research to steal your identity and may invite other types of criminal behavior such as stalking or harassment.
Set Teen/Family Rules. Teenagers tend to be more open on social media and therefore more likely to convey private information about themselves, family members, friends, and others in their posts. Ensure your family has clear and enforced rules about what can and should not be posted on social channels.
Careful with Photos. As mentioned, what goes on the Internet, stays on the Internet – forever. Avoid posting pictures that not everyone should see. Avoid posting pictures of your children with identifying information that may attract the attention of cybercriminals.
Be Careful with Login Bypass. Some apps allow you to bypass an account setup and use your Facebook, Gmail, or other common app credentials to log in. This allows third party applications access to the account you’ve used to bypass and may subject that account to compromise.
Keep Your Contact List Private. Be careful displaying your network contacts in ways that others can collect and sell or otherwise exploit your contacts’ information.
Report Scams. Always inquire if in doubt about any contact received and report any known or suspected scams through applicable reporting channels. For example, if you receive an imperative text from your bank asking you to resolve a purchase issue, don’t click any links in the text, call any phone number provided in the text, or reply back. Instead, contact your bank directly from a separate phone number to confirm the validity of the message. If invalid, the bank will involve its fraud department to address the issue.
Secure Mobile Devices. Use a passcode or other means to secure access to your mobile device should it be lost or fall into the wrong hands.
Log Out. Make it a practice to log out of applications you are not using so that cybercriminals can not gain immediate access to your accounts should your device be hacked. Even if the browser window is closed, you may still be logged in to your account.
Log-In Alerts. If available, set up an alert system that will notify you if there is any outside attempt to access your devices or accounts from an unknown location. The sooner you’re aware that an attempt has been made, the more quickly you can act to ensure your protections are in place.
Protecting Business Social Media Privacy
For more ways to protect your organization’s social media privacy, the Cybersecurity & Infrastructure Security Agency (CISA) released the following guidance documentation in Dec 2021: