Individuals, companies and even government entities increasingly rely on social media platforms. But it’s easy to be hacked on these online forums.
It is no surprise that online social platforms have become a veritable treasure trove for cyber criminals and other ill-intentioned profiteers. Along with other looming cyber threats such as ransomware and cyber espionage, the scourge of ‘social hacking’ is fast becoming a major issue for internet users worldwide.
What is social hacking?
Social hacking essentially refers to the act of manipulating outcomes of social behaviour, most commonly by gaining illegal access to private or restricted information that is gleaned online.
Increasingly, savvy hackers use some form of psychological manipulation to trick unsuspecting users or employees into handing over data (passwords, financial information, business IP, etc.) that ultimately has costly ramifications for the targeted individual or company.
Related: Who’s hacking your data?
Recent social hack drama
In the wake of the Facebook/Cambridge Analytica scandal, in which up to 87 million Facebook users had their data shared in order to sway political opinion, technology companies are having to relook their data protection and data privacy policies in order to avoid the fallout that Facebook and its beleaguered CEO Mark Zuckerberg is now facing.
Following the revelation of the ‘data leak’, Zuckerberg was summoned by American Congress to testify before the House Energy and Commerce Committee, where he faced tough questions around the failure to protect user privacy. Arguably, however, we cannot rely on technology companies – or even governments - to protect us from the dark shadow of cyber crime and the malicious hunt for our private data.
It is up to individuals, business leaders and companies to be proactive and to ensure that they are taking every action possible to guard against social hacking and other nefarious acts online.
How to protect yourself (socially) online
A good place to start is toestablish a Social Sharing Policy.Given the threats that exist daily, employees need to be made aware that what they post online might compromise the company they work for – and themselves. With this in mind, developing a social sharing policy is necessary to keep both individuals and companies safe.
In addition to putting strong policies in place, businesses mustinvest in education and training.Without doubt, employees are the weakest link when it comes to the psychological battlefield of social hacking, so education and training is key.
Today, companies across sectors should implement bi-annual training (at minimum) that is geared towards each user group (end-users, IT staff, managers, etc) so that everyone is aware of the latest cyber attacks and methods. Importantly, employees should undergo regular ‘testing’ by having an outside party conduct a social engineering hack.
Finally, social hackers are adept at gleaning key information from social media accounts. Increasingly, these accounts are also vulnerable to being hacked directly.Securing these accounts must be a top priority for every business and internet user.
Related: Don’t be hacked – Yes, we mean YOU
Here are key steps to take:
1. Delete the accounts that you’re not using
Forgotten/old social media accounts may be compromised without being noticed, which can have terrible consequences. Hackers can leverage these and access other accounts linked to it, such as your email.
2. Learn about good password hygiene
For example, use different passwords for your social media accounts, and also make sure that each password is complex and unusual. Enabling 2FA for all your accounts can prevent unauthorised parties from accessing your accounts.
3. Understand which apps are connected to your social media accounts
Do you use Facebook or Google to sign in to any other applications, for example? The less this happens, the safer you are.
4. Always use a unique email address for your social media accounts
If possible, create a whole new email address specifically for social media accounts, so that if you are compromised, the hackers cannot gain access to any valuable information.