Did you know that social media accounts are one of the favorite targets for cybercriminals? You may think cybercriminals would prefer to hack online banking accounts or shopping accounts, but that doesn’t seem to be the case. Here’s why. Social media accounts hold A LOT of personal information including name, email ID, date of birth, place of birth, place of work (your business!) high school attended, names of family, friends, and pets, anniversaries, and more…which means, they are basically gold mines of Personally Identifiable Data (PII). Plus, if you play games and have your credit card details saved, there’s more information and better chances for the cybercriminal to commit fraud. All of this data can then be used to hack into other accounts of the user, including financials. So, hacking into someone’s social media account can help cybercriminals gain entry into other, more ‘useful’ and secure accounts.
But, how does it matter to you, as a business? If your employee’s personal social media account is hacked, it shouldn’t affect you, as a company, right? Wrong…here’s how it can affect you.
- If the employee whose social media account is hacked is the administrator of your company’s official social media handles, you are in big trouble as hackers will gain access to your company account and consequently to customer information, because you may be having clients who follow your business account on social media. The whole situation can result in a lot of damage to your business and brand reputation and also result in penalties and possible lawsuits.
- Even if your employee doesn’t handle your company’s social handles, the hackers may have enough of their PII to try and pry open a small entryway into your IT network.
You can avoid such mishaps by
- Training your staff on social media and cybersecurity best practices including advanced privacy and permission settings for social media accounts
- Ensuring your employees can identify and steer clear of phishing and social media frauds
- Helping your employees understand the importance of practicing good password hygiene across all their online accounts–social, work, or personal.
- Ensuring they realize that their Facebook or LinkedIn account is not ‘just another online socializing platform’, but an actual gold mine of information and only those who they really trust should be able to access them.
- Sharing regular Day Zero Alerts and relevant news articles with your staff that keeps them updated on the latest modus operandi and happenings related to cybercrime
Your managed IT services provider will help you organize and conduct these kinds of training and awareness sessions at regular intervals for your staff.