Avoid being attacked through social media

Eight best practices to follow - personally and professionally 

  1. Learn how to use and adjust the privacy and security settings offered on each site. These settings are there to help you control who sees your posts and control who can share content on your profile or business page. Set the security to a high level (a minimum amount of sharing), and review them once a quarter because they change.
  2. Everything you post will literally be there forever. Nothing on the Internet really disappears completely. Even though you may be able to delete your photo or post, someone else may have taken a screenshot or copied it. Just ask yourself, “Is this something I want the world to see forever?” or “Would this be harmful if it was on the front page tomorrow morning?”
  3. Make sure you fully understand what information your organization considers confidential or sensitive. Exposing that kind of information could do more damage than you know.  Hackers use posted information on social media to build a profile, which they use to attack your organization. For example, a bad guy could use data about an upcoming product release or announcement to send a phishing email to your coworkers, who might fall for it and allow a hacker into your network.

  4. Don’t post that you are out of town attending a conference or on vacation. Robbers love to know when you are away from home, and hackers love to know when you are away from the office. Specific personal information like this seems harmless...but for the bad guys, it can be worth gold.


  6. Only accept a friend or connection requests from people you know personally or can verify through another friend or connection. A bad guy who is now a connection or a friend can do harm in a number of ways. For example, he can now trick you into clicking on a malicious link and infect your workstation with malware.
  7. Some websites allow you to log in with a username and password from a social media site. While that is convenient, it also has risks because social media sites are a major target for hackers who can steal millions of passwords. Using those stolen passwords, hackers can now get into all the sites you used with that same password. Always use different usernames and strong passwords for every social media site, and never reuse them, especially your work username and password, which brings us to the last best practice:
  8. Never use your work email address for anything other than work. Use a dedicated email account just for social media. For instance, create one or more Gmail accounts for your different social media sites and use different, hard-to-guess security questions for each site.
  9. And, as a bonus, here is one last major rule to always keep in mind: Think Before You Click On That Link!