Skip to main content

Your employee’ social media account was hacked How does it affect you?

Your employee’ social media account was hacked. How does it affect you?

Did you know that social media accounts are one of the favorite targets for cybercriminals? You may think cybercriminals would prefer to hack online banking accounts or shopping accounts, but that doesn’t seem to be the case. Here’s why. Social media accounts hold A LOT of personal information including name, email ID, date of birth, place of birth, place of work (your business!) high school attended, names of family, friends and pets, anniversaries, and more...which means, they are basically gold mines of Personally Identifiable Data (PII). Plus, if you play games and have your credit card details saved, there’s more information and better the chances for the cybercriminal to commit fraud. All of this data can then be used to hack into other accounts of the user, including financials. So, hacking into someone’s social media account can help cybercriminals gain entry into other, more ‘useful’ and secure accounts.

But, how does it matter to you, as a business? If your employee’s personal social media account is hacked, it shouldn’t affect you, as a company, right? Wrong...here’s how it can affect you.
  • If the employee whose social media account is hacked is the administrator of your company’s official social media handles, you are in big trouble as hackers will gain access to your company account and consequently to customer information, because you may be having clients who follow your business account on social media. The whole situation can result in a lot of damage to your business and brand reputation and also result in penalties and possible lawsuits.
  • Even if your employee doesn’t handle your company’s social handles, the hackers may have enough of their PII to try and pry open a small entryway into your IT network.
You can avoid such mishaps by
  • Training your staff on social media and cybersecurity best practices including advanced privacy and permission settings for social media accounts
  • Ensuring your employees are able to identify and steer clear of phishing and social media frauds
  • Helping your employees understand the importance of practicing good password hygiene across all their online accounts--social, work or personal.
  • Ensuring they realize that their Facebook or LinkedIn account is not ‘just another online socializing platform’, but an actual gold mine of information and only those who they really trust should be able to access them.
  • Sharing regular Day Zero Alerts and relevant news articles with your staff that keeps them updated on the latest modus operandi and happenings related to cybercrime
Your managed IT services provider will be able to help you in organizing and conducting these kinds of training and awareness sessions at regular intervals for your staff.

Comments

Popular posts from this blog

Keylogger 101

Keylogger 101 We have all heard of hacking, virus, ransomwares, etc. as they keep coming up in the news every now and then. But, have you heard of keyloggers? In this blog post, we discuss keyloggers and how they can be used to gain unauthorized access to your system, online accounts, network and data. As the name suggests, a keylogger logs keys--it captures the keystrokes you make. In fact, use of keyloggers is not illegal. Keyloggers are perfectly legal and are often used by companies to keep tabs on their employees' IT activities during work and closer home, parents use keyloggers to monitor their children’s computer activities for safety and security purposes. But, as with all tools, even keyloggers can be misused and cause a lot of damage if leveraged by a cybercriminal. By logging keystrokes, the keylogger captures passwords and other confidential information. Imagine someone having access to all your usernames and passwords. Your bank accounts, your shopping accounts, your o

How the Coronavirus crisis is the gateway to the other kind of virus

How the Coronavirus crisis is the gateway to the other kind of virus To say the COVID-19 pandemic gave the whole world a tough time would be an understatement. Economies collapsed, joblessness rose, people lost their loved ones and livelihoods to the disease. Adding to this situation was the need for social distancing and self-isolation which took a toll on mental health of millions across the world. 10 months into the pandemic or perhaps even before, people started growing tired of it and just when it seemed like humankind will give up collectively, there was a light at the end of the tunnel--Vaccines. While the news of the first vaccine being approved and then administered in December 2020, was a huge victory for humankind and rightly welcomed with claps and cheers, cybercriminals were cheering too. For cybercriminals, this was a great opportunity to exploit the eager, mentally fatigued and vulnerable populace. Emails were sent with phishing links disguised as genuine which urged the

How to manage cookies effectively so they are not a threat to your data

How to manage cookies effectively so they are not a threat to your data Avoid third-party cookies: Third-party cookies are primarily used for online advertising and retargeting, so you won’t miss anything significant by avoiding these cookies. So, whenever you see a cookie alert on any site, first, check if it is for third-party cookies and if yes, it’s best to ‘Not accept cookies’. As a business, don’t allow third-party cookies on your site. Secure sites: Make sure the sites you visit are secure (HTTPS) and have a valid SSL(Secure Socket Layer) certificate. The SSL certificate ensures that any data that’s exchanged is encrypted, meaning even if the hackers get access to the cookies, the information will be garbled eliminating any data leakage. As a business, make sure your site is secure and has a valid SSL certificate. Anti-malware software and security patches: Install antimalware software programs on your computers and make sure they are up-to-date. Install security plug-ins and