6 Ways to Stop Social Media Phishing Attacks

Phishing is the number one method of attack for everything from ransomware to credential theft. Email is the main delivery method, but other delivery channels are on the rise.

Phishing over social media has skyrocketed by over 500% in recent years and there has also been a 100% increase in fraudulent social media accounts.

Phishing over social media often tricks the victims because people think they are in a safe zone with friends and often let their guard down. Phishing scammers are out there in big numbers on social media sites and often will reach out via friend requests and direct messages. Learn several ways you can secure your social media accounts to help avoid these types of attacks.

1) Make Your Profile Private

Scammers love public profiles because they can gather personal details about you, which enables them to clone your profile and put up a fake page to phish your friends and connections.

Criminals clone profiles to connect with your friends or connections to send them social phishing links that they will be more likely to click on because they believe it is from someone they know and trust.

You can limit your risk by going into your profile settings and making it private to your connections only. This means that only someone that you have connected with can see your posts and images, not the general public.

With sites like LinkedIn where you may want to connect with unknown people due to business and work prospects, you might want to keep your profile public, but to reduce your risks follow the other tips below.

2) Do Not Click on any Surveys, Quizzes or Similar Articles

Yes, it is fun to fill in a quiz and spend a few minutes discovering your superhero name or similar, but these are often designed as a ploy to gather data on you. This data could then be used for a targeted phishing attack or identity theft against you.

The Cambridge Analytica scandal, which impacted the personal data of millions of Facebook users, used surveys and quizzes to collect information on users without their consent. While this case was high-profile, they are by no means the only ones that do this. As such, it is best to avoid any types of surveys or quizzes on any social media platform because once your personal data is out on the Internet or beyond, there is no getting it back.

3) Be Wary When Receiving Links in DMs and in Posts

Links are the #1 way of delivering phishing attacks over social media. Links in social posts are often shortened, which makes it difficult to know where they lead until you get there. This makes it even more dangerous to follow links you see on a social media platform.

A scammer might chat you up on LinkedIn to inquire about your business offerings and give you a link that they claim is to their website. Unless you know the source to be legitimate, do not click links sent via direct message or in social media posts. They could be leading to a phishing site that downloads malware onto your device.

Even if one of your trusted connections shares a link, be sure to research where it is coming from. People often share posts in their own feeds because they like a meme or picture on the post, but they never actually checked whether the source can be trusted.

4) Hide Your Contacts / Friends List

Platforms like LinkedIn and Facebook both give you the option to hide your friends list. This helps keep scammers at bay as they often use your lists to create fake profiles of people that you know.

Just be aware that this does not keep scammers from seeing you as a friend or connection on someone else’s profile unless they too have hidden their friends list.

5) Avoid Clicking on Adverts on Social Media

There are many companies that advertise on social media legitimately, but unfortunately, many scammers also use these social media platforms for credit card fraud and identity theft.

If you see something that catches your eye, go directly to the advertiser’s website to check it out rather than clicking on the social media advert.

6) Double-Check Before You Accept a Friend Request

Yes, it is exciting to get a connection request on a social media platform. It could mean connecting with a new business contact or with someone from your past. But this is another way that phishing scammers will look to take advantage of you. The initial connection is the first step before reaching out via a direct message (AKA a DM).

Do not accept friend requests without first checking out the person on the site and online using a search engine. If you see that their timeline only has pictures of themselves and no posts, that’s a big red flag that you should decline the request. Also check to see if you are already their friend, as scammers often create fake profiles of people you already know and are social media friends with.

Can Your Business Handle a Phishing Attack?

It is very important to safeguard your business from attacks. You can protect your IT infrastructure with things like DNS filtering, antimalware, email filtering and more. Contact us now to see how we can help!
