Social Media Security TIps

How To Protect Your Social Media Accounts From Hackers

Union Bank Security Department October 10, 2017

From Yahoo to Equifax, there have been many high profile cyber security stories in the news recently. When you learn that hackers have stolen customer data from large companies, you may worry that your information is exposed, but have no idea what steps to take to protect yourself. Social media is a great place to start to shield yourself (as well as your contacts) from identity theft, computer viruses, and phishing scams. In this article we’ll give you an overview of the most common social media scams you need to watch out for, and provide social media security tips you can implement right away. We also want to remind you that Union Bank will never solicit personal information via email, text, telephone, or social media. If you get a suspicious message claiming to be from Union Bank, contact us immediately to report and resolve the issue.

Union Bank will never solicit personal information via email, text, or phone

Why Social Media?

Social media isn’t usually the focus of cyber security discussions. However, Facebook, Twitter, LinkedIn and other favorite platforms are increasingly the preferred venue for scams, malware, ransomware, and phishing. According to Proofpoint, 2016 saw a 500 percent increase in social media phishing attacks. Why? The answer is simple–it’s easy to open a social media account and use it for malicious purposes. Many of these fraudulent accounts masquerade as customer service reps from legitimate companies. With little time and effort, hackers can reach thousands of users through pages, posts, and tweets. Once you click on a harmful link, hackers can access your account to target your social media network of friends and followers.

Popular Social Media Scams

Most social media scams utilize phishing, an attack in which a hacker poses as a legitimate entity in order to steal your account login information or other sensitive data, get you to transfer money to them, or lure you to click on a link that will install a virus or ransomware on your computer, phone, or other electronic device. Here are the most common types of social media phishing scams to watch out for.

Shortened URLs

Social Media Short Links Example

Thanks to the brevity of Twitter, URL shortening is a common way to link to an article or webpage without using up too many characters. Plenty of social media users share legitimate shortened URLs, but they have also become a favorite tool of hackers since they conceal the link’s real destination.

How can you spot a shortened URL phishing scam? You may receive an email that looks like it’s from one of your social media platforms. The message links to a post or tweet you were mentioned in, or a similar notification, and invites you to click on the link to see the whole thing. Most of us don’t read an entire URL before clicking on a link, especially if we’re using a smartphone. To protect yourself from a shortened URL phishing scam:

  • Never click on an abbreviated link in an email or social media post.
  • Avoid logging into any website you visit through a link you received in your email or social media account. Hackers create counterfeit websites to steal your username and password for everything from your bank account to your social media profiles and email. Since many people use the same password for multiple websites (another cyber security no-no), getting the key to one of your accounts usually unlocks others.
  • To test a shortened URL before you click, copy and paste it into a URL extender so you can see the full web address. If it’s authentic, there’s no harm in using the shortened URL.
  • You can also hover your mouse over a link to see the full address pop up before you click. Microsoft reports that many phishing links look like a string of numbers or a .exe file.

Fake Coupons

Every shopper loves a deal, and the Internet can be a great place to find coupons for your favorite stores. However, counterfeit coupons are another common phishing scam on social media. To protect yourself from fake coupons:

  • Be careful before you download a coupon. If you’re shopping online, you don’t need to download anything; you can simply use a coupon code. If you need to print out a physical coupon to take to a store, analyze the source of the coupon.
  • Before clicking on a coupon link in a social media post or message, visit the retailer’s website to see if you can find the same coupon there. You also shouldn’t have to click on a link to get a coupon code; if it’s not visible in the original post or message, that’s a red flag. Hackers may bait you with the promise of a coupon in order to direct you to an outside website that will install malware on your computer.

Click Baiting

This phrase refers to stories and headlines that are intended to be irresistibly alluring. They may promise juicy celebrity gossip or a new 5-minute workout guaranteed to help you lose abdominal fat. Click baiting also appears in the form of promotions and giveaways. When you click on the interesting article headline or the link to enter the sweepstakes, you end up visiting a malicious website that will either install malware on your computer or collect your sensitive personal information. To protect yourself from click baiting:

  • Critically examine the content of the message or post. Are there obvious spelling, punctuation, or grammatical errors? Logos or graphics that don’t look right? If the copy isn’t professional, it’s probably a hacker’s work.
  • Contact the company associated with the promotion or giveaway to verify they are actually offering it. If they’ve never heard of it before, you know you’ve got a scam on your hands.
  • Trust your gut. When something seems too good to be true, it probably is, especially when it comes to sweepstakes you hear about on the Internet.

Malicious Friend Requests

Do you reflexively accept most or all of the friend requests you receive on Facebook and other social media? It’s a good idea not to approve people you don’t know. Once they’re in your network, it’s easier for hackers to view personal information they can use for identity theft. Also delete any messages sent to you from people who aren’t already in your network.

Social Media Security Best Practices

Social security best practices

Now that you can identify the most common social media scams, here are the best practices you can use to protect yourself and your devices from identity theft and malware.

  • Don’t give out your birth date. Yes, it’s nice to receive all those Facebook birthday wishes, but cybercriminals can use this important fact to steal your identity.
  • Keep your address and phone number private. You may need to share your business address and phone number for professional reasons, but try to keep your personal information to yourself. Sharing this sensitive information on social media exposes you to the risk of physical burglary as well as cyber crimes.
  • Think carefully about your answers to security questions. They often ask for information like the location of your wedding or your mother’s maiden name that can be surprisingly easy for hackers to find in your social media profile. Try to choose a question and answer that only you will know.
  • Out and about? Resist the temptation to tag your location in your social media post. Thieves can use this information to track your routines and find out when you’re not at home.

Union Bank Helps You Prevent Fraud

Want to learn more about protecting yourself online? Visit our Preventing Fraud page for helpful tips on avoiding scams and other cyber security attacks. Also, keep in mind that Union Bank and other companies will never ask for your personal information through any communication channel. Follow us on our official social media accounts to stay up-to-date on the latest cyber security news and tips: