Phishing attacks are the most common cyber attack practice for everything from ransomware to credential theft. We are very aware of it coming by email, but other types of phishing attacks have been growing rapidly.
In recent years, phishing attacks over social media has skyrocketed by 500%, in addition to 100% increase in fraudulent social media accounts.
Phishing attacks over social media often tricks the victims because people tend to let their guard down when on social platforms like Facebook, Instagram, Twitter, and LinkedIn where they are socializing and not expecting scams like phishing attacks
However, phishing attackers are out there looking for you and will reach out via friend requests and direct messages. Learn several ways you can secure your social media use to avoid these types of covert attacks.
Make Your Profile Private on Social Platforms
Phishing fraudsters love public social media profiles because they can not only acquire information about you to start a conversation, but they can also clone your profile and create a fake page to phish your connections.
Criminals do this to try to connect with others on your friends or connections list in order to send social phishing links that those targets are more likely to click because it appears to be from someone they know.
You can reduce your risk by limiting access to your profile to only your connections. This means that only those you’ve associated with will be able to see your posts and photographs, rather than the broader public.
For platforms like LinkedIn where many people network for business, you might still want to keep your profile public, but you can follow the other tips below to reduce your phishing attack risk.
Hide Your Contacts/Friends List
Hide your friends or connections list to prevent social phishing attacks and criminals from using your social media profile to gain access to your connections. This privacy option is available on platforms like LinkedIn and Facebook. However, unless they have also removed their friends list, scammers will still perceive you as a friend or connection on someone else’s profile.
Be Wary of Links Sent via Direct Message & in Posts
Phishing attacks are best delivered over internet, especially over social media. Because links in social media posts are frequently truncated, it’s difficult to tell where you’re going until you get there. This makes clicking links you see on social media platforms increasingly riskier.
A fraudster may contact you on LinkedIn to inquire about your company’s offerings and provide you with a link to their website. Do not click links received via direct messaging or in social media posts unless you know the source is trustworthy. They could be going to a phishing site that downloads malware onto your device without your knowledge.
Even if one of your connections sends you a link, look into where it came from. People frequently share posts on their own feeds because they enjoy a meme or image, but they never check to see if the source can be trusted.
Don’t Participate in Social Media Surveys or Quizzes
While it’s interesting to figure out which Marvel superhero or Disney princess you are, avoid social media quizzes. They’re frequently meant to acquire information about you that could be utilized in targeted phishing attacks.
The Cambridge Analytica scandal , which exposed millions of Facebook users’ personal information, occurred not long ago. The company was discovered to be collecting information on users without their agreement through surveys and quizzes.
While this was a high-profile example, they’re far from the only ones who play fast and loose with user data and utilize social media to gather as much as possible.
It’s advisable to stay away from any type of poll or quiz on any social networking platform since once your personal information is out there, it’s gone forever.
Avoid Purchasing Directly from Ads on Facebook or Instagram
Many legitimate businesses advertise on social media, but scammers also use the channels to commit credit card fraud, identity theft and phishing attacks.
If something in a Facebook or Instagram ad catches your eye, go to the advertiser’s website directly instead of clicking via the social ad.
Research Before You Accept a Friend Request
Receiving a connection request on a social media platform can be exhilarating. It could be a new business link or a reunion with a former classmate. However, scammers will try to take advantage of you in this way as well while planning phishing attacks. They’ll attempt to connect with you as a first step before reaching out to you directly via DM.
Connect with friend requests only after thoroughly researching the individual on the site and utilizing a search engine. If they simply have photographs of themselves on their timeline and no posts, that’s a significant red signal that you should deny the request.
Can Your Devices Handle a Phishing Link or File?
It’s important to safeguard your devices with things like DNS filtering, managed antivirus, email filtering, and more. This will help protect you if you happen to click on a link and caught up with phishing attacks.
Find out how we can help!