Cyber resilience tips to follow this World Social Media Day



This week marks World Social Media Day (30 June) which recognises social media’s impact on global communication and to bring the world together to celebrate it.


According to UK Finance, the prevalence of scams beginning on social media increased significantly in 2021, with social media becoming the most profitable way for scammers to operate. And with so many now using social media - there are 53 million active users in the UK today, this provides cybercriminals with unlimited opportunities to exploit victims through the likes of Instagram, Twitter and Facebook.


Take one Cardiff-based freelance photographer who found himself under threat from a hacker when his Instagram account was taken over – as reported by ITV. This had damaging consequences with the cybercriminal changing his email address and phone number, so he is unable to access it.


This has also led to the perpetrator contacting high profile actors who the photographer had previously worked with and sending messages to his friends who were completely unaware it wasn’t him, causing serious damage to the photographer’s reputation and character.


While social media is a great tool for Welsh businesses and organisations to connect with customers and wider audiences, it’s also a breeding ground for cybercriminals. It presents a vast number of opportunities for them to leverage publicly available information found on social accounts and using this to go as far as finding vulnerabilities in a company’s system, gaining illegal access to sensitive information - as demonstrated here.


So how can you, as a business protect, yourself from such cyber risks?

One way to quickly boost the safety of your online social media accounts is to enable two-factor authentication, aka 2FA.


But what is 2FA?

In simple terms, 2FA gives you an extra layer of security to your social media accounts by adding two layers of logins.

It’s becoming increasingly easier for cybercriminals to crack passwords so 2FA is more important than ever. It might seem like a hassle to add an extra step in accessing your online data, but without it you could be leaving yourself really vulnerable to cybercriminals who want to steal your personal information.

This easy process works as follows:

  1. You enter your username and password.

  2. The account, platform, or site prompts you to input another form of verification, such as texting a code to their mobile phone.

  3. You then enter the verification code to gain access to your account.

SIMPLE!


To help you set up two-factor authentication we have also collated these useful links for the following social media platforms:


Facebook

How to require two-factor authentication for people in your Business Manager | Meta Business Help Centre (facebook.com)

Instagram

How do I turn two-factor authentication on Instagram for multiple devices on or off? | Instagram Help Centre

Twitter

How to use two-factor authentication (2FA) on Twitter

WhatsApp

WhatsApp Help Center - How to manage two-step verification settings

LinkedIn

Turn Two-Step Verification On and Off | LinkedIn Help

Snapchat

Set Up Two-Factor Authentication (snapchat.com)


The National Cyber Security Centre also provides the following guidance for setting up two-factor authentication for email accounts:

Turn on 2-step verification (2SV) - NCSC.GOV.UK


The Cyber Resilience Centre for Wales is there to support sole traders, micro-businesses and SMEs across the region. We offer free membership which will inform you of the current threats and simple steps to take to reduce your vulnerability to an attack. By becoming a member, you will have the opportunity to speak to one of the team about your own cyber security and concerns.



The contents of this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of The Cyber Resilience Centre for Wales is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others. Articles on the website cannot by their nature be comprehensive and may not reflect most recent legislation, practice, or application to your circumstances. The Cyber Resilience Centre for Wales provides affordable services and Trusted Partners if you need specific support. For specific questions please contact us.

The Cyber Resilience Centre for Wales does not accept any responsibility for any loss which may arise from reliance on information or materials published on this document. The Cyber Resilience Centre for Wales is not responsible for the content of external internet sites that link to this site or which are linked from it.