Social media is now a part of everyday life. It’s impossible to avoid it these days. However, whilst posting about work successes or life events seems innocuous enough, this information can be used by hackers. In fact, social media data breaches accounted for 56% of total data breaches in the first half of 2018. This makes not only the individual vulnerable, but also the company. 

How can hackers exploit social media?

There are several ways that criminals use information shared on social media. For example, for social engineering. By knowing more about the target – such as their birthday, how many kids they have, where they’ve just been on holiday – a hacker can use this information to try and build trust with them, either by pretending to be someone the person thinks they already know, or building a relationship on ‘common interests.’ Once trust has been built, the hacker can then more easily extract confidential information.

Criminals can also use this information to find vulnerabilities. If an employee is posting negatively about their work or is talking about having financial difficulties, for example, a social engineering expert could use this information to more easily convince that person to reveal sensitive information about their employer.

Employees can also unwittingly share sensitive information directly on social media. It’s not uncommon for people to take photos at the office to share on their social platforms. However, they don’t always think about what else is in the photo, for example important documents on a desk, or confidential information showing on a computer screen.

How to prevent employees being your biggest vulnerability

Obviously, you can’t prevent your employees from using social media. However, you can educate them on how hackers might be able to use information they’re sharing and encourage them to think carefully before posting. 

You can also consider introducing a social media policy to offer guidelines around how employees should use social media when it relates to work. 

Finally, it’s important to make sure all the software on work devices is regularly updated. And if you allow employees to download social media apps on work devices, they need to ensure the apps are also updated to include the latest security fixes.