Social Media Dangers — Social Butterfly Beware
Friending, following, tweeting, Instagram-ing, checking-in and linking-up... In today's ever-connected world, people all over the globe are utilizing social media websites and their associated mobile applications.
Social media, although still relatively new and evolving, is here to stay. As such, your goal as a user of the medium should be to understand the potential security issues you may be exposed to through its use.
Did you know that Facebook has 2.4 billion active users as of 2019 (www.statista.com) and many do not bother with any kind of privacy control? The natural human tendency to trust and a lack of knowledge make for a quintessential playground for a social engineer on the take.
Knowledge is power, as they say, and the best way to limit your exposure is to understand the dangers of social media and implement solutions to smarter socializing.
Spear phishing, baiting, pharming, elicitation and click-jacking... No, these are not episodes of a reality show on a sports and outdoor channel; these are uncommon names for common tactics used by social hackers: devious minds with more sinister interests than wanting to hear about what you did over the weekend or who won the corporate volleyball tournament.
These social engineering gurus utilize social media platforms and emerging technology to threaten, track and attempt to take down entire organizations one friend, follower and fan at a time.
"Fraudsters go where the potential victims are and social media sites are a prime breeding ground for fraud." - Elizabeth Khalil, FDIC
| Term | Definition |
| --- | --- |
| Baiting | Making an electronic device, such as a USB drive preloaded with malware, accessible to you with the intent that you will use the device and allow the attacker access into your computer. |
| Spear phishing | Occurs when a user receives a fake email from a hacker posing as a colleague or friend. The email contains a dirty link or a file corrupted with malware. |
| Click-jacking | The concealment of hyperlinks beneath legitimate content, which leads the user to unknowingly perform damaging actions such as downloading malware or sending their ID to a site. These scams often employ "Like" and "Share" buttons on social networking sites. |
| Elicitation | The strategic use of conversation to extract information from people without giving them the feeling they are being interrogated. |
| Pharming | The practice of redirecting users from legitimate websites to fraudulent ones for the purpose of extracting confidential data, such as details used on banking or transactional sites. |
"Once a user posts information to a social networking site, that information can no longer be considered private and can be used for criminal purposes," the FBI warns. "Even if you use the highest security settings on your account, others may --intentionally or not-- leak your information. And once in the hands of criminals, this personal information can be used to conduct all kinds of cyber attacks against you or your family members, friends, or business associates in an effort to obtain additional and even more sensitive personal information." (source: FBI)
Even with these sophisticated cyber-tactics, creating a culture of security within your family is well within your reach, in the palm of your hand and at your fingertips. With smart strategies and good old-fashioned common sense, any social butterfly can fly safe and secure. But without these things, social media users could find their wings clipped and themselves victims of a security attack.
Social Media Safety Best Practices
- Do not use an electronic device, such as a USB thumb drive, given to you by someone you do not know.
- Avoid using the same password, especially the name of your prized pet, for all social networking sites, banking accounts and access codes.
- Do not give out your work codes and corporate passwords... ever.
- Avoid posting on Facebook or Twitter that you are leaving for vacation for a week and that you are bummed your home security system is down.
- Do not friend people that you do not know.
- Do not leave your security settings on Facebook inactive.
- Be mindful of the important information taught during your corporate security training.
- Remove your Global Positioning System (GPS) coding from all items.
- Avoid conducting online banking at a public computer or via public Wi-Fi.
- Be observant and report suspicious incidents to your internet service provider or the local authorities.