Cyber security and social media
Social media has become a way of life for many people. We use it to keep in touch, plan events, share our photos and comment on current events. It’s replaced email and phone calls for a lot of us. But, as with anything else online, it’s important to be aware of the risks. Check out our advice on how you can keep your social media accounts safe and secure.
Look after your login and password details
- Use bookmarks or favourites to access social media sites, or type the URLs into your browser. Don’t access your accounts through links that someone else has sent you, or links on other websites. These could lead you to fake sites, allowing attackers to access your personal details or even install malware on your device.
- Make sure you haven’t set your PC or your apps to remember your social media login details so they log you in automatically. If you do, and someone else gets access to your phone or your PC, they’ll get access to your social media accounts too.
- Have a different password for each one of your social media accounts. Don’t use the same password for your Facebook account as you do for Instagram, for example. That way, if someone gets access to one of your account passwords, they won’t get easy access to your other accounts as well. Aim for passwords of eight characters or more, and use numbers, letters and symbols in them. Don’t share them with anyone, and think about changing them from time to time.
- Be cautious of logging in to your social media accounts using a hotspot or free WiFi — if you’re logging on at a cafe, for example. These networks are untrusted, meaning that it's possible that others could see what you're doing when you use them. You’re also at risk of people 'shoulder surfing' — looking over your shoulder to try and see the login details for your account. So while it’s ok to check the news or the weather, try to keep social media use to a minimum.
- If you access your social media accounts through an app on your phone or your tablet, make sure you lock it when you’re not using it.
Understand your privacy settings
- Get to know the privacy settings for each of your social media accounts — you’ll find them in your account settings. Think about who you want to see your profile, and what kind of information you want them to see.
- Check your settings regularly. They’re often updated so review them from time to time to make sure that nothing’s changed.
- Some social media sites let you share updates and posts to your other social media accounts. For example, you can have your Twitter posts display on your Facebook timeline as well. Make sure you know if your account is set up to do that and if so, that it’s what you want.
Be smart about making friends
- Only accept friend invitations from people that you know in real life. This means someone you know personally, or someone that you know is a real person, like a celebrity or public figure.
- Look out for verified accounts on social media. Verified accounts usually have a blue tick next to the account name. Business accounts, or those of celebrities or public figures, are often verified because they have a high likelihood of being impersonated. The blue tick lets you know that an account is authentic.
- Remember that if you don't want to be friends with someone, or let them see what you're posting on social media, you can block them.
Watch out for scams
- Be on the lookout for social engineering and scams on social media. Social engineering is when an attacker:
- gains a person’s trust and tricks them into giving them access or information they shouldn’t have
- researches a person and gets enough information to be able to either guess their passwords, or get them reset to something the attacker chooses.
- Be wary of opening links and attachments in social media. Links asking you to visit another website to claim a free offer or a prize are often scams. These can be used by attackers to get hold of your personal details, or even install malware on your device. Think before you click — if something sounds too good to be true, it probably is.
- Look out for fake friend requests. Scammers often set up fake profiles to get information from you that they could use for their own gain.
- Don’t log in to other websites or apps using your social media login details. For example, some sites will ask if you want to create an account with them using your Facebook login details. If you’re creating a new account, always choose a new username and password.
Remember that what goes online, stays online
- Don’t reveal too many personal details on social media. 'About me' fields are optional — you don’t have to fill them in.
- Don’t share anything that could embarrass you, or someone else you know. Only share things that you’d be happy for anyone to see, or that you’d be prepared to say in real life. Keep an eye on what others post about you too.
- If you’re using Twitter, remember that it’s open to everyone — anyone can see what you’re posting.
- Think about who could see the things you post other than your friends and family. For example, potential employers could see what you post online. Social media provides as much of an opportunity to create a positive online reputation as it does a negative one.
- Remember that anything you post online stays online, so think before you post.
Close your old accounts down
- If you have any old social media accounts that you don’t use anymore — remember Myspace? — close them down. Don’t leave your personal information out there unused and unloved. Otherwise, you run the risk of someone else using it without your knowledge.