Gareth Redelinghuys
As we head into the summer holiday season, many of us will be checking our work emails less and less and opting for some more light-hearted content on our favourite social media platforms.
Whether it’s sharing some happy snaps from that beach getaway in our stories, or scrolling through our timelines and feeds, social media is a great place to stay in touch with the latest updates from friends and family near and far.
And while we might be taking a break from the office, hackers are always looking for a window of opportunity. Your social media profile could be their next target.
In recent months, celebrities and businesses have fallen victim to social media hackers. TV presenter and business owner Roxy Burger’s business account, The Piercery, was taken over by hackers and used by another business, while Martin Bester of Jacaranda FM lost access to his Facebook profile.
How hackers gain access
To prevent your business and personal accounts from being hacked, there are some important tactics to be aware of. One of the most common methods is a phishing email or direct message to your social media account.
The first tell-tale sign of a phishing message is a generic greeting, like “Hello there” or “Dear user”. If the message doesn’t address you directly by name, it is probably a scam.
The message will then create a sense of urgency to try to get the user to click on a link. The scenario can include the possibility of your account being deleted or an offer such as receiving a gift, verified badge or payment. The cybercriminal then stipulates a deadline to prevent the account from being deleted or puts an expiration date on the offer.
Within the message, there is usually a link that needs to be clicked on to save the profile or claim the offer. The link directs users to a page that mimics the social media platform’s website. The page will then ask you to confirm your details which usually includes your email and password. Once these have been submitted, the hackers have access to your profile and can change your password to lock you out of the account.
The benefits of taking over a social media account
For businesses and even celebrities who have a huge following, the accounts are considered trophies for hackers. Once they have access to the account, cybercriminals can choose to sell it to another scammer to propagate their own scams or to an organisation looking to push their own agenda to a large following.
A hacked social media account can also be used to scam unsuspecting friends and family. Criminals can pose as their victims and request money from their contacts or send additional phishing links. The profile is legitimate, so people believe that the person asking for money is a genuine friend or family member.
How to secure your account
Thankfully, social media platforms are aware of the issue and have introduced safety features to counteract the attacks. For Facebook and Instagram, there is a security check-up for people who may have experienced an account hack. Users can follow a step-by-step process that allows them to check login activity, review profile information and update contact details for account recovery.
In addition, there are some extra precautions you can take to prevent yourself from falling prey to the scams. The first is to be aware of the signs of a phishing scam. If the message uses a generic greeting and tries to create a sense of urgency, it’s probably a cybercriminal looking to get hold of your login details.
Be wary of links in messages, especially if it comes from an unknown contact. Rather than clicking on the link, visit the site directly by typing the address in your browser.
And if there’s any doubt in your mind about whether your login details have been compromised, change your passwords. Doing this regularly is a good habit to ensure your accounts stay secure. And for good measure, turn on two-factor authentication (2FA) in your settings.
This adds another layer of security. If a hacker gets hold of your login details, 2FA prevents them from gaining access by sending a one-time pin or code via SMS or email. Without this code, they cannot hack your account.
And if you receive a 2FA notification and you haven’t been active on the app or account, it’s a sign that someone is trying to log in. If this happens, you can usually report the suspicious activity to the social media platform and it’s a good opportunity to change your passwords.
Social media accounts are full of valuable data that can be stolen and used by cybercriminals for profit and malicious plots. By taking the small security steps to stay safe, we can all enjoy the fun and benefits that come with being on social media.
Gareth Redelinghuys, country managing director African Cluster at Trend Micro.
The Star