How would you feel if social media didn’t exist?
If you said ‘lost’, I am pretty sure many people feel the same way because, for many of us, social media is a way to express what’s going on in our minds and connect with people.
While some people use it to get in touch with people, others share ideas, some post pictures and stories, and others just scroll feeds.
However you use it, it’s worth mentioning that Mark Zuckerberg did a fantastic job placing Facebook and other social media channels like WhatsApp in our lives.
Today people are using Facebook for much more, and Facebook has extended its wings into the business sector with Marketplace and business pages. People equipped with just their mobile phones and an internet connection are capable of buying, selling and completing financial transactions. But just like everything else, social media has its own issues and concerns. It’s imperative for everyone participating in social media to know the risks. These risks extend from getting hacked by your ex, scammed by an impersonated seller, or even being blackmailed for a comment you made on a public figure. With so much happening worldwide, such as the pandemic and Russia Ukraine war, cyber crimes and fraud are simultaneously taking their place.
HACKS AND SCAMS CAN HAPPEN TO ANYONE, ANYTIME!
I started using Facebook back when I was in school and to share my personal social media misery; just one year later, my account was hacked. At first, when I couldn’t log in, I didn’t realise what had happened to the account; later, one of my school friends called me and said she saw me posting sexual content on my feed. I was shaken, scared and worried about what my friends & connections would think of me. I told my brother, an engineering student at the time, about it, and he consequently rescued my account. He deleted the account and created a new one with an extremely strong password, at least I thought it was strong, because like most of the other people at that time, they would use basic passwords like “Ilovedad”.
That was my first cyber security lesson, not from a book, tutorial or university but a real-life hacking incident.
When I reflect on that time now, it’s so weird and contrary to see how I became a forensic analyst and a cyber security professional over the subsequent years.
Years later, in January 2022, I came across something similar, but this time my approach was a lot different, thanks to my profession and background education. I woke up in the morning and looked at my phone (as I am sure most of us do now as a morning ritual). I had received this message on Messenger from my old friend, “Are you the one in this video?” with a youtube link following.
This time, I was not shocked as I knew the message’s intent. I just informed my friend not to circulate that link, and I left my phone and went to the washroom. When I returned to my phone and spoke with my friend, I was not surprised to discover she had been hacked. The same message (which was sent to me) had been sent to all her friends. She was facing something similar to what I had encountered in my school days, and I could hear the worry in her voice.
I was grateful I was in a position as a cyber security professional to help her. I advised her to check if she could still log into her account, and luckily, she was able to do so. Next, I advised her to check the devices logged into her account from the ‘settings>>privacy’ section.
She could see someone else was logged into her account from an Android device in a suburb of New South Wales, Australia. I told her to select the “remove that device” section beside the device name. I also suggested she change her password and gave her an example of how she could create a strong password.
No matter how much we talk about cyber security, it is a sad truth that it is still endemic in many areas of society. People in the countryside and remote parts of the world today have smartphones, social websites and apps on their devices, with little or no IT skills.
I was prompted to write this blog, as I felt for these people with little cyber security knowledge put in these situations.
Statistics show that social websites, Facebook, in particular, are used by people from weak IT backgrounds. These sites are widespread in different nations with different educational and financial contexts.
We talk about cyber awareness, but most users don’t even know what kind of attack they can be exposed to, what they can lose and how to manage these cyber fraud and crime incidences.
So, what can happen to your everyday social media account ?
When we think of ‘loss’ in fraud or cyber security, we often think of financial loss. But the facts are very different. You are at risk even if you don’t have millions in your account.
Hackers can post obnoxious content from your account, defaming your profile. Your account can be used for generating malware campaigns, cyber terrorism and for other illegal activities.
Your account could also be used to send malicious links to your contacts. This is an effective strategy by the hacker, as your friends would assume the message is genuine, as it would appear to be coming from your account. Also, with access to your account, they now know all your private conversations and could share sensitive information. Moreover, with access to one account, the hackers can leverage this information to get other account logins, contributing to further malicious activity.
It’s worth mentioning some of the main categories in which your social media apps could be hacked:
- It all starts with a “PASSWORD”: whether it’s weak and easy to guess, you haven’t changed it in a long time, or you may have given it to someone, a password is your door key. Make sure you take care of it well!
Don’t leave your device unattended
- You are busy dancing at a get-together. Someone has back shouldered your mobile password earlier, then opens your WhatsApp and scans the code. Now they can log in from their own device sometime later on.
Think before you act
- Getting a link in your inbox claiming that “Your private video is out” provokes you to click on the link rather than taking the time to think about it.
- Is someone asking for advance payment when buying something on the Facebook marketplace?
- Winning an iPhone is not as easy as receiving a message in your inbox. Don’t jump into clicking any link saying “You have won an iPhone” or something similar.
- Emails from Facebook saying, “you’re having trouble logging into your account. If you need help, click the button below, and we’ll log you in.” Before hitting that button, don’t forget to check where the email is coming from. Is it really the original Facebook Security email ID or an impersonated email?
Review access & permissions
- Are you sharing your photos and location with the right person at the right time? We forget to remove these accesses even if we have removed certain people from our lives.
When in doubt, check – do your research!
- Do you have basic information about a person before paying for your item?
- A lottery link or a voucher code revelation from a very close friend? Don’t forget to be mindful of the link’s appearance and get confirmation from your friend that the link works.
- For all those Tiktok stars and Insta reel gems getting requests for collaborations? Be wary and go through a quick background check before collabing, sharing personal information and finally, before paying anything.
Over the years, I still believe cyber security makes more sense only when people know and face its practical implications. This is not only relevant for individuals but also for large organisations who are often only convinced to invest in security practice or strategy when a breach has occurred in their respective industry or their firm. We have seen a lot of those cases around lately.
Read More on you Favourite Streaming Channel
Want to know more?
Skillfield is an Australian based IT services consultancy company empowering businesses to excel in the digital era. Across our two main practices of Cyber Security & Data Services, our talented and committed professionals provide smart and simplified solutions to complex cyber security and big data challenges.