Social media is a cyber criminal’s dream—many times unregulated, highly visible and easily exploitable platforms that are used daily by millions of people around the world. Through the years, many fraudulent accounts have been created for the sole purpose of carrying out cyber-attacks. Since most victims are completely unsuspecting, inexperienced cyber criminals can very easily carry out low-tech attacks via social media by building convincing profiles and connecting to the right people.

Here are the top suspicious situations to look out for when using social media (you as security professionals may understand the risks—be sure to share them with your friends and family!)

Gatekeeper friending 

In many targeted attacks, hackers knowingly will connect with colleagues and friends of the target, a tactic called “gatekeeper friending” to appear more legitimate once connecting to the target itself. Some networks, like Facebook, allow you to hide your list of friends, which can make the process of a targeted friending attack significantly more difficult. Be thoughtful and develop a coherent approach to dealing with friend requests, especially if you don’t know the person personally.

Privacy policies 

Since social media sites are typically free to use, the way they generate profit is by advertising to you. As a result, they they are collecting extensive information on your activities to best market to you. That is why the two most important practices to be aware of from the sites you are using are:

• Is your information is being shared with outside companies and partners?
• What information can third-party plug-in software, such as Facebook Applications, use from your profile or page content?

It can be tempting to skip reading the fine print assuming that if everyone else is using the site, the privacy policy must be ok, but that assumption can put your data at real risk. Take some time to compare and review different social media companies’ policies  to better understand how they stack up and where your information might be vulnerable.

Social engineering 

Social engineering is a devious and calculated type of attack that involves a psychological and emotional aspect rather than a technical skill. On social media, it shows up in the form of a suspicious message from a “friend” or acquaintance asking for money or personal information. Often times the cybercriminal will create believable and emotional stories to appeal to your conscious and seem credible. However, you don’t have to be a victim. The best way you can protect yourself is by slowing down. Typically, spammers want you to act first and think later. If the message conveys a sense of urgency, or uses high-pressure sales tactics be skeptical; never let their urgency influence your careful review. Be extra cautious of any message that asks you to click a link, download a document and/or asks for any information.

Your best bet for defending yourself against these types of hacks is to trust your gut and always be apprehensive of suspicious activity on social media. There are real world consequences that you can face if you don’t better secure your social media accounts now. Visit here for more information on how to identify your vulnerabilities and protect yourself.