Cyber Security
Sappi

For billions of us, social media is a big part of our lives.

Online platforms can connect us with old friends and new friends.

They can help us to express ourselves, to share our news, to learn about the world and to have a lot of fun.

However, social media is NOT risk-free. And it can be the opposite of fun. There are lots of crooks and cranks and bad bots cruising the internet ocean, ready and willing to ruin your day – or worse.

Some of them want to steal your identity, your data and your money. Some of them want to tell you lies about your world or your country. Some of them want to threaten or blackmail you. These people and the bots they build can and do invent fake identities, publish fake websites, build fake friendships and spread fake news.

The good news is we can stop them – by following some important rules of the online road.

So here’s how to KEEP IT REAL …

Stop identity theft

The best way to protect yourself on social media sites is to ensure that nobody can steal your identity (in other words, pretend to be you). ID theft is done either by hacking into your real social-media profile, or creating another profile that impersonates you – and then fooling other people you know into transferring money to the ID thief or granting the thief access to your private accounts.

But you can stop this from happening – by taking these steps:

  • Strengthen your privacy settings: each social-media platform will have various options to hide your information from strangers.
  • Ensure that your password is strong (hard to guess) and ensure that your login process is secure. Many sites have the option of sending you an OTP – a one-time password – to your phone whenever you attempt to log in using a new device. Unless your phone has been stolen, this OTP proves that you are the real you, and prevents anyone else from hacking your account.
  • Don’t accept friend invitations from unfamiliar people who are unconnected to your own friend network. Most sites allow direct messaging to happen between users who follow or have “friended” each other, so it’s best to only “friend” people you either know, or know about.
  • Never participate in social-media quizzes that ask you to enter personal information.
  • Never share your password and login details with anyone.
  • Beware of downloading any free and unfamiliar apps (even those shared by friends) or clicking links to unfamiliar websites.
  • Never click on any email links asking you to update a social-media profile.
  • If you have stopped using a social-media profile, then delete it. If you never use a profile, it can be hacked and/or copied more easily.
  • Use up-to-date security software that can detect and block malicious software – or “malware” from being downloaded onto your device.

Stop phishing attacks

Phishing attacks often happen via email – but they can also happen on social media sites, via direct message. Often a friend or family member of yours has been hacked or impersonated by an identity thief, who then contacts you with a fake appeal for help. Sometimes they ask for a money transfer  to deal with some sort of crisis, or for a password to access a private account. If you are not in regular contact with the person the phisher is claiming to be, it can be hard to tell that you’re being tricked. And if you’re a caring person, you can be tempted to help before thinking clearly.

These are the two red flags to look out for: 

Weird words:
It’s very hard to write a message exactly as a stranger would, so it’s very likely a scammer’s language simply won’t ring true. They won’t use the right tone or expressions, for example.

Dodgy deposits:
Phishers will probably ask you to send money untraceably – for example with an international money transfer service like Western Union, or by buying them a gift card. (But even if you are asked to make a normal bank deposit, it could still be a phishing scam.)

If you receive this kind of approach, you should immediately contact your friend or relative via another channel – ideally a phone call – to find out whether the story is true. Do this even if you’re not fooled – because if they’ve been hacked, they need to know about it.

Stop bullies

Social media has become an aggressive space. Many people get a twisted thrill out of being rude or abusive to others, even to people they know. There are also a lot of “bots” or fake profiles created by online propagandists, which are programmed to seek out opposing political viewpoints expressed on social media and attack them with aggressive comments.

These are your tools against social-media bullying:

  • The first and easiest way to protect yourself is to make your social-media account private or “friends-only”.
  • If a friend turns out to be a bully, unfriend and block the friend.
  • Don’t post any personal information about yourself — such as your address or phone number.
  • If you are feeling overwhelmed, deactivate your account and go offline for a while.
  • Take screenshots of harassment or bullying – be they texts, emails, comments or messages. Then you can safely block the attacker and delete the messages, having saved evidence you might need later.
  • Don’t blame yourself: bullies are often damaged people, who are trying to transfer their pain onto you. You did not bring this onto yourself.
  • Don’t respond to aggressive messages: this can only provoke them. Many bullies thrive on responses to their attacks.
  • If you have stopped using a social-media profile, then delete it. If you never use a profile, it can be hacked and/or copied more easily.

Stop misinfo

Many social media companies have tried to stop the spread of fake news on their platforms – but there is still a lot of it out there. Some of this misinformation is created simply to make money from clicks and advertising, and some is created to sow political division and hatred. Some fake news publishers aim to do both. 

These are the questions to ask yourself when deciding whether a message or article is misinformation:

  • Is the publisher a credible news site? Have you heard of it before? If not, it could specialise in misinformation.
  • Does the report make you worried or angry? Many fake news articles are designed to stir up strong feelings.
  • Does it seem too crazy to be true? If so, it likely isn’t true.
  • If you search for the report on a fact-checking website like Snopes.com, is it marked as true or marked as false by the fact-checkers?
  • Are the spelling, grammar and factual details questionable? If so, the whole story is probably not true.

You may not like or agree with the people or the government that the news report is attacking. But that doesn’t mean it is true. The world is a complicated place, and many people on both sides of any debate are liable to exaggerate or tell lies.

If something seems unreal, that’s not a good enough reason to share it. Don’t share anything if you’re not sure about its accuracy and credibility.

If something seems like fake news to you, report it immediately to the social-media platform, so it can check its claims and remove it if need be.

Cyber Security is a team sport
Sappi