How Secure is Social Media Really?

It is highly unlikely that anyone in the world is actively managing, or at least worrying about, their social media security minute by minute. If you’re like most people, you use the same password for all accounts. When you make a new account you probably slap the same password on it without a second thought.

We’re here to tell you that “Password123” just doesn’t cut it anymore.

Some of you are thinking, “Only idiots would use that password. No one can guess mine.” Well, some of the 50 most common passwords include birthdays, names, pet names, profanity, and simple number combinations. Furthermore, only 18% of Americans regularly change their social media password. Just one frequently used password could allow access to hundreds of people’s personal information.

Are you rethinking your password yet?

Threats to Online Security

You may have heard how the Russians used Facebook ads to influence the 2016 U.S. presidential election. Russians posed as Americans or seemingly legit groups to target people in key states. Negative messaging spread like wildfire, rendering voters taut. Sensitive topics, like racial equality and immigration, were publicly put on the chopping block.

Bots are also becoming a problem with their guerilla tactics. Social media bots pose as humans and can perform helpful tasks, such as collecting and sharing useful information. However, pernicious bots can permeate social groups, eventually swaying public opinion. The percentage of bot users on social media is increasing rapidly, possibly paving the way persuasion en masse. What’s more is that bots are becoming so sophisticated that distinguishing them from humans can pose a challenge.

Also Read: Tech Hacks: How to Stay Invisible Online
There are thousands of hackers globally. These people have the technical skill to break into companies’ secure digital data to obtain critical consumer information -- this is a cyberattack. They can also develop malicious software, coined “malware”, that can take control of devices. This is why you never want to click on links from questionable emails.

Important Facts

Facebook has over 600,000 hack attempts every day. However, that number is miniscule compared to the NSA’s (National Security Administration) 300 million attempted data breaches every 24 hours. How can business giants protect their millions or billions of users’ private information with this constant hacking bombardment?

Unfortunately, users don’t make it any easier. Even if you’re not very active on social media, simply having an account can provide social media platforms a nice bundle of information, including your name, mailing address, email, birthday, and phone number. For perpetual perusers and posters, 20 or more aspects of personal information are entrusted to social media platforms, such as signal strength, location, address book, photos, and even credit card information.

Some of the Biggest Data Breaches

In 2013, Yahoo suffered a cyberattack that compromised all 3 billion user accounts.

Two years ago an adult content network was breached, releasing two decades of data from six different databases.

The attack on eBay in 2014 might have been the result of an inside job as hackers accessed the company’s data using employee credentials. All of eBay’s 145 million users’ personal information was exposed.

Equifax was hacked in 2017, affecting nearly 150 million people. What’s worse is that 143 million social security numbers were compromised and about 209,000 credit cards were compromised.

What Social Media Platforms Are Doing About It

Fortunately, the largest social media platforms have security blogs to help combat and prevent security breaches. They will post details about security advancements and ways to fight fraud. Public statements regarding hacks are also issued when necessary.

To figure out how these platforms are guarding vital personal information, Varonis broke down security initiatives and features of major social platforms. Scroll to the infographic for insights on Facebook, Twitter, and LinkedIn security measures.

Facebook

Tor Onion Site Option: Access Facebook through thousands of layers to impede traceability.

Secure Email with OpenPGP: Emails sent from Facebook are encrypted.

CT Log Monitoring: Scans certificate transparency logs for new certificates.

VPN Protection with Onavo: Use Facebook through a virtual private network, maintaining location privacy.

Twitter

CSP to Prevent XSS Attacks Through JavaScript: Inhibits browsers from reading malicious JavaScript.

DMARC: Domain-based message authentication that monitors spam emails that appear to be from Twitter.

START TLS: Secure your connection with Secure Sockets Layer or Transport Layer Security.

Removal of bots: Works to find and terminate insidious bots.

LinkedIn

Three Level Security: Puts data into different levels based on confidentiality.

Cluster Analysis: Compares names in groups to find and remove fake names.

Sometime & Burp Suite Extensions: Tests web applications to find and protect vulnerabilities.

Blocking DNS Rebinding with Jaqen: Blocks attackers from taking control of your router.

Facebook, Twitter, and LinkedIn

Bug Bounty Program: Compensate researchers who report perilous bugs.

Two-step verification: Requires users to confirm identity, usually in the form of receiving a code via SMS or email.

HTTPS: The secure version of HTTP.

Takeaway

As you can see, businesses are incorporating more and more cybersecurity measures. It is vital to maintain the integrity of the company’s and user’s personal information.

However, as the Internet of things continues to grow, security measures will have to increase in number, speed, and complexity. The number of connected devices and people at risk rises at an exponential rate. This means that the number of attempted data hacks is unlikely to decrease any time soon.

We suggest you check out the infographic below, created by Varonis, for more information, and consider changing your password every once in a while.

Social Media Security: How Safe is Your Information?
Previous Post Next Post