Social Media

Social media has become a big part of everyday life. More and more organizations are allowing social media for work related purposes. However, social media also opens up exploits for identity thieves and malware.


Appropriate Use

  • Remember that once something is on the internet, it will be there forever! - Think twice before posting something you wouldn't want a future employer to see. According to, 70% of job recruiters rejected candidates based on information they found online.
  • Some companies prohibit social media - Some companies may not permit the use of social media on workplace resources or during work hours in their Internet policies.
  • Take care when posting about work - Posting about your company's products, customers, etc. may be taken as opinions of the organization rather than just yourself and cause damage to their reputation. In extreme cases, it may subject the company or its employees to lawsuits.


Social Engineering

Social Engineering is an attack that targets human nature instead of computer vulnerabilities. Social Engineers attempt to trick people into breaking normal security procedures and divulging important information.

Follow these other best practices to avoid falling victim to Social Engineers:

  • Always check the default privacy settings - Many of the default settings allow anybody to view your posts and pictures. It may be better to only allow "friends" or "accepted followers" to view information.
  • Don't reveal any Personally Identifiable Information - Many social media sites require biographical information (name, birthday, etc) in order to open an account. You can limit how much of this information is available to other users. Hackers may also scan your social media site for answers to security questions. Also, never post financial information such as credit card numbers.
  • Never accept friend requests from people you don't personally know - It may be identity thieves trying to gain access to information normally blocked by privacy settings.
  • Choose a username that doesn't contain personal information - Remember that usernames are often public, so don't include information such as age or birthdays
  • Do not post that you are going to be away from home - Letting other people know that you will not be home creates the perfect opportunity for burglars. Wait to post pictures from vacation until you've returned home.
  • Don't post photos that may reveal information - Posting your senior photo that you are so proud of may sound like a good idea, but posting a picture with your name, the name of your high school, and your graduation year would make it easy for an identity thief to track down your location and identity. Posting a picture of a brand new TV or stereo is like an advertisement for burglars.
  • Don't click on suspicious messages or posts from friends - Hackers will often gain access to accounts and then send out links than can be used to compromise other accounts or install malware