Personal social media accounts are one of the most common forums for cyberattacks. You may think cybercriminals would prefer to hack online banking accounts or shopping accounts, but that doesn’t seem to be the case.

Social media accounts hold a lot of personal information including name, email ID, date of birth, place of birth, place of work (your business!), high school attended, anniversaries, names of family, friends, and pets, and more. This means they’re gold mines of Personally Identifiable Data (PII). Plus, if you play games and have your credit card details saved, there are even better chances for fraud. All this data can then be used to hack into other user accounts, including your company’s financials. So, hacking into someone’s social media account can help cybercriminals enter other more “useful” and secure accounts.

But why does it matter for your business? And why should you know when it happens? It’s a personal account so you shouldn’t have anything to do with it, right? Wrong.

DANGERS OF PERSONAL SOCIAL MEDIA ACCOUNT HACKS

• If the hacked employee is the administrator of your company’s business social media accounts, you’re in big trouble. Hackers will gain access to your company account and consequently to customer information. The whole situation can result in a lot of damage to your business and brand reputation, not to mention result in penalties and possible lawsuits.
• Even if your employee doesn’t handle your company’s social handles, hackers may have enough of their PII to pry open a small entryway into your IT network.

HOW TO AVOID PERSONAL ACCOUNT SOCIAL MEDIA ACCOUNT HACKS

• Train your staff on social media and cybersecurity best practices including advanced privacy and permission settings for social media accounts.
• Ensure your employees can identify and steer clear of phishing and social media frauds.
• Help your employees understand the importance of practicing good password hygiene across all their online accounts—both work and personal.
• Ensure they realize that their Facebook or LinkedIn account is not ‘just another online socializing platform’, but an actual gold mine of information and only those who they really trust should be able to access them.
• Share regular Day Zero Alerts and relevant news articles with your staff that keeps them updated on the latest modus operandi and happenings related to cybercrime.

GET HELP IF YOU NEED IT

Many Managed Service Providers like Help Desk Cavalry provide end user cybersecurity testing and training. Beyond that, they can also make sure your company is notified when large incidents happen that have wide-reaching impact. If you’re curious how both your company and your employees can remain safe with so many possible access points, contact us. We’re always ready to talk cybersafety.