16 Oct Cybersecurity Risks with Social Media
While social media by itself may not seem like a threat to your business, ignoring best practices around cybersecurity makes it easy for scammers to exploit your firm’s data. Neglecting privacy settings invites cybercriminals to use personal information in ways that could be detrimental to the security and reputation of your firm. In fact, more than one in eight enterprises have suffered security breaches through a social media cyberattack.
Risks Associated with Social Media Engagement:
- Phishing: Cybercriminals can post false Facebook updates and messages to your inbox by “third-parties” intending to spread malware.
- Single Social Media Manager: This poses a risk if that person’s personal account is attached to the firm’s corporate account. Granting administrative access to only one person effectively puts your firm’s brand name at risk if his/her account is compromised.
- Complacency: As cyber threats evolve, social media platforms are bolstering their security features to create a safer environment. Relying on these preventative measures alone without having a social media policy in place puts you at risk or a cyberattack. See FINRA11 and the SEC’s guidance on cybersecurity.
- Unattended Accounts: If your firm has a presence on multiple social media platforms but only uses one or two, the accounts not utilized or monitored as often, known as “zombie accounts”, are perfect vehicles for hackers to spread malware.
- Impostor Accounts: Hackers will set up false social accounts with handles that closely match your firm’s name, logo and most recent posts. This creates opportunity for these impostor accounts to follow your clients or employees and engage in social engineering, sending them messages requesting login credentials and other sensitive data.
- Vulnerabilities in Connected Apps: Many firms connect their social media accounts with third-party apps, such as analytics apps. While these apps are useful, they increase the risk of your account being hacked due to bugs.
- Disgruntled Employees: While it’s normal for employees to express feelings about the workplace on their social accounts, they may inadvertently reveal more than they should. Whether they are sharing sensitive data or posting pictures from a work event or of the office, they may end up sharing something that could hurt your firm in the long term.
- Botnet Accounts: Socialbots are an automated software that controls social network interactions by convincing other users that they are a real person. This can affect the perception of brands, skew tracking data such as fake ad impressions, spread false news, manipulate public opinion, and make it difficult for your firm to create and convert content.
VIDEO: Social Media Risks
SDDco CYBER – Protection is in Reach!
Social media can be a powerful tool for your firm – as well as a launching pad for cyber-attacks. Cyber threats in social media can be countered only by being proactive. If you feel unprepared to combat these risks, or simply want to update your firm’s cybersecurity program policies and procedures to reflect emerging trends, SDDco Cyber is here to help! Our experienced cyber consultants will assist in reviewing your firm’s cybersecurity compliance program and social media policy.