Here are seven ways for defenders to raise awareness of social engineering and cyber risks this year
Social media threats in corporate settings are evolving at a blistering pace, along with perpetrators’ social engineering skills.
Threat actors’ techniques are reaching such a high level that even the tech-savvy administrator of a corporate network may not be able to tell the difference between a scam and the truth.
Here are some tips to help administrators to mitigate such cyber risks in 2023.
Delete old irrelevant information in direct messages and draft folders
People often use corporate social media channels to write directly to brands, asking for help using the account holder’s product or service. Some partnerships, such as those with bloggers, are also negotiated in direct messages. The personal or financial information shared in these conversations can remain in the messages folder long after the interaction has ended, and in the event of a breach cybercriminals can harvest it.
To avoid this risk, delete messages once the dialog has ended and the information they contain is no longer needed. The same applies to posts: regularly review what is saved in the drafts folder.
Review old posts to minimize reputational risks
Every word, action, and decision posted on social media can either help or harm the company’s image. When sensitive information (re)appears in public, it almost always ends up hurting the firm’s reputation and could incur financial losses.
To be on the safe side, spend some time reviewing already-published posts and check for old information that does not fit into the current reality — anything from inappropriate jokes to controversial advertising campaigns.
What was normal yesterday can cause a negative public reaction today. A review of publications made over the past few years can help reduce related reputational risks.
Be careful posting your success stories
Having signed a lucrative contract or reached a deal, we want to post it on social media to tell as many people as possible about our success. But we also need to be aware of the unwanted attention this draws from cybercriminals. If a potential attacker knows who your suppliers or contractors are, they could try to conduct an attack by impersonating them, or by breaching their accounts and acting on their behalf.
Moreover, the clearer you reflect your organization’s structure and working methods on social media, the easier it is for perpetrators to organize a BEC or other type of attack.
After getting a new job, newcomers usually share the news on social media, but they may not yet understand how cybersecurity processes work in the organization, such as how identity is verified or with whom they can share sensitive information. This makes newcomers more vulnerable to social engineering attacks.
Cybercriminals may impersonate the firm’s IT administrator and write to a new employee asking them to divulge a password on the pretext of some technical requirement. Newcomers are highly likely to share the password because they do not yet know that administrators would never make such a request. Moreover, new employees may hesitate to ask their colleagues whether the message is authentic. A single small post on social media may be enough to turn the employee into an entry point for cybercriminals.
To mitigate the risk, offer newcomers a course on information security immediately.
Control account access and weed out defunct profiles
Logins, passwords, and access to the email address used to create a social media account are just as valuable as other internal corporate documents. When an employee with access to accounts and authentication data leaves the company, apply the same rules as when blocking their access to the corporate network.
To begin with, change the password for the e-mail account linked to the corporate social network; then unlink the ex-employee’s mobile phone number and check other authentication methods; for example, a spare mailbox.
Secure social network accounts with multi-factor authentication
Multi-factor authentication is an absolutely necessary setting for any type of account. The email address linked to the corporate social media account should be as well protected as the social media account itself.
Often the attack begins with initial access to e-mail. After breaching the mailbox, an attacker can configure filters in the mailbox settings to delete all support emails from the social network. The legitimate owners will then be unable to restore access to their account, because every recovery email is deleted automatically. In a stressful situation, nobody thinks to check which filters are currently configured in the mailbox.
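The mailbox-filter trick described above is easy to catch if someone actually looks at the rules. The following audit script is an added example, not code from the article: it scans an exported list of mailbox rules and flags any enabled rule that deletes or hides messages from domains that social networks use for password-reset and support mail. The rule format, the action names, the watched domain list and the sample rules are all constructed assumptions; adapt the loader to whatever your mail platform exports.

```python
"""Audit mailbox inbox rules for silent deletion of account-recovery mail.

Assumed input format (constructed for this example): a list of dicts with
'mailbox', 'name', 'enabled', 'from_patterns' (sender globs such as
'*@facebookmail.com') and 'actions' (strings such as 'delete').
"""
import fnmatch

# Constructed: notification domains of the social networks the company uses.
WATCHED_DOMAINS = ["facebookmail.com", "linkedin.com", "twitter.com", "instagram.com"]

# Constructed action names that make a message vanish before the owner sees it.
HIDING_ACTIONS = {"delete", "move_to_trash", "mark_read_and_archive"}


def pattern_domain(pattern):
    """Return the domain part of a sender pattern ('*@x.com' -> 'x.com', 'x.com' -> 'x.com')."""
    return pattern.strip().lower().rsplit("@", 1)[-1]


def rule_targets_watched_domain(rule, watched_domains=WATCHED_DOMAINS):
    """True if any sender pattern of the rule covers a watched notification domain.

    fnmatch handles glob wildcards, so a catch-all pattern like '*' also counts:
    a rule that trashes everything still hides the recovery mail.
    """
    for pattern in rule.get("from_patterns", []):
        dom = pattern_domain(pattern)
        if any(fnmatch.fnmatch(watched, dom) for watched in watched_domains):
            return True
    return False


def find_suspicious_rules(rules, watched_domains=WATCHED_DOMAINS):
    """Return findings for enabled rules that hide mail from watched domains."""
    findings = []
    for rule in rules:
        if not rule.get("enabled", True):
            continue  # disabled rules do nothing; still worth reviewing by hand
        hiding = HIDING_ACTIONS.intersection(rule.get("actions", []))
        if hiding and rule_targets_watched_domain(rule, watched_domains):
            findings.append({
                "mailbox": rule["mailbox"],
                "name": rule["name"],
                "actions": sorted(hiding),
                "from_patterns": list(rule["from_patterns"]),
            })
    return findings


# Constructed sample export: one benign rule, two hostile ones, one disabled.
SAMPLE_RULES = [
    {"mailbox": "socialmedia@corp.example", "name": "Newsletter cleanup", "enabled": True,
     "from_patterns": ["*@newsletters.example"], "actions": ["move_to_folder:Reading"]},
    {"mailbox": "socialmedia@corp.example", "name": "Cleanup", "enabled": True,
     "from_patterns": ["*@facebookmail.com", "security@linkedin.com"], "actions": ["delete"]},
    {"mailbox": "socialmedia@corp.example", "name": "Catch-all", "enabled": True,
     "from_patterns": ["*"], "actions": ["mark_read_and_archive"]},
    {"mailbox": "socialmedia@corp.example", "name": "Old twitter rule", "enabled": False,
     "from_patterns": ["*@twitter.com"], "actions": ["move_to_trash"]},
]


def format_report(findings):
    """Render findings as plain lines suitable for a ticket or a SIEM note."""
    return [
        f"{f['mailbox']}: rule '{f['name']}' {', '.join(f['actions'])} mail from "
        f"{', '.join(f['from_patterns'])}"
        for f in findings
    ]


if __name__ == "__main__":
    for line in format_report(find_suspicious_rules(SAMPLE_RULES)):
        print(line)
```

Run it against a real export on a schedule and after every offboarding; a rule that deletes recovery mail for a social network the company uses is a finding even if nobody has yet complained about losing access.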
Also, it is best to register a social media account using a corporate e-mail address. To begin with, it is better protected (assuming the firm cares about cybersecurity). Furthermore, in-house security specialists can block access to this mailbox along with all access to the corporate network.
Train staff on phishing threats
Even tech-savvy Gen Z staff succumb to sophisticated social engineering techniques. The human factor cannot be reduced to zero, but it can be minimized with the help of continual, dedicated training.