1 hour 44 minutes
hi and welcome to lessen to datu off the end user cyber fundamentals course.
This lesson will be focused on the risks of social media.
In this lesson, we will review specific risks off social media.
What are the risks of social media
not paying attention?
Most people tend to use social media on their phone
because of the way we use our phones and it being such a big part of our daily lives and everything we dio,
we tend to not be as careful as we are. When we are on our PCs or laptops.
We are more apt to interact with an unknown person,
click on a fishing link or even fill out a form requesting sensitive personal information.
As we know, by clicking on an unknown link, you can inadvertently downloaded malicious software, which can be designed to steal your personal information or even install ransomware or other malicious software.
Not refreshing and maintaining your online presence.
It is very important to refresh and maintain your online profile on social media.
You should take the time to review your friends.
Does everyone still belong?
Do you know who they all are?
Did you even accept them as a friend.
Delete old photos, posts and other information.
The more personal information about you online, the easier it is for social engineers to trick you into giving out the information they want.
Most people tend to do this with physical photos and papers,
but neglect their online photos, files and data.
This is just as important,
if not more so, as the more information that is available about you online. The greater you are at risk with social engineering,
which can lead to a breach of your personal information and potentially identity theft or other fraud.
Also put into much detail about your company's technology can also put your company at risk.
For example, most people will post technology they are responsible for in their resume, knees or linked in or other websites.
Instead of just saying I am responsible for routers and firewalls for the organization,
they will post that they are responsible for a specific firewall and put the brands and model.
I know recruiters want you to do this because it makes their job easier,
but it does put the company at risk.
Ah, Hacker is going to see that company A uses a particular brand and model of firewall,
and we'll look for known vulnerabilities for that brand and model
and then look to see how they can exploit it in your company.
They even know who is responsible for it,
thanks to your linked in profile
social engineers usual Linton Page and other social media websites to educate themselves on you, your company where you work, where you used to work and you co workers
this way, when they reach out via phone, email or social media, it is much easier
to trick you into breaking normal security procedures because they have enough information to sound believable and entitled to the information.
These are fishing techniques.
Most fishing techniques rely on social engineering, and social engineers love social media sites.
Most people think of e mails when they think of fishing,
but scammers use social media sites for fishing as well.
Social media users will see an attractive sale
click on the social media sale post,
and all they have to do is fill out some information like their name, address, email and birthdate.
Social media sites are the perfect venue for social fishing.
Think about it. Those ads, offers and sites blends right in and hide in plain sight.
You barely look or notice as you scroll by.
Always apply the same safety standards to social media, like do not click links, open attachments or give personal information to anyone who asks
compliance and brand issues.
Employees accidentally sharing sensitive company customer or personal information
on these public forums.
It is very important to ensure employees are aware
off the company's policies, such as your social media policy, data classification policy,
end user accessible use policy
and any regulatory requirements such as GDP are or CCP A. If applicable,
disgruntled employees can purposely share sensitive company or customer information or post inappropriate contents
on the company's social media page with the intent to cause damage to the company's reputation.
Hackers will impersonate and duplicate your business profile to get you to click and end up on the bed after spoof site,
which can put you at risk for drive by downloads, other malware tricked into logging in and exposing your credentials and potentially other sensitive information.
We discussed website spoofing in more detail in less than one.
Exactly the same applies here for social media profiles.
People are not always who they say they are.
Here are some of the most common social media stands.
Fake customer service accounts,
fake comments on popular posts,
fake online discounts and fake online surveys and contests.
Fake customer service accounts, which is called angler fishing, is very popular amongst bad actors on social media sites such as Twitter, Facebook and Instagram.
They will create a fake support page on the social media sites in order to read their customers to phishing websites.
They impersonate the social media, teams off various businesses to gain trust of clients
who then feel safe and willing to share sensitive personal data,
since they assure they are communicating with genuine staff from the brand they reached out to in the first place.
Although big social media sites try very hard to eliminate fake social media accounts, evidence clearly shows they are not succeeding,
according to a study published by researchers
at the NATTO Strategic Command Center of Excellence.
The study found that it is surprisingly easy to purchase tens off thousands of comments, likes and views on Facebook, Twitter, YouTube and INSTAGRAM,
fake online discounts, surveys and contests are basically phishing scams, and they are harder to recognize on social media
saw always go directly to the vendor website and check them out on the Better Business Bureau to verify legitimacy.
Should I connect with everyone on social media?
Onley connects with people you know or people you are genuinely interested in.
This will help protect you from social fishing and malicious activity.
In today's lesson, we discussed the risks of social media.
We covered specific examples of risks such a social fishing angler fishing. And we even talked about how to maintain your online presence.
Here are my references.
Thank you and I will see you in the next lesson.