Social media and data security
The events of recent days, regarding data security on social media, have shown that this aspect of using the Internet must be a priority for all its users.
The gigantic amount of data currently stored on servers is, on the one hand, motivation for hackers to gain access to this data and, on the other hand, challenge for controllers and social media portals to secure the data while maintaining high availability.
What is more, the security of users’ data also depends on their level of awareness of the risks associated with using the Internet.
Remember a few rules to follow to minimise the risks associated with using social media:
- use a strong password - you can use a password generator for this purpose;
- use a two-step login - first enter the login and password, and then confirm the login with an external token. The use of such a hardware key will effectively protect your account against hacking attacks (phishing, session hijacking or data extortion). In addition, the token will not work when trying to log in on a fake website;
- do not log in on unknown devices;
- use different passwords for different portals and systems, a password manager may be helpful;
- do not use an untrusted internet connection (e.g. public hotspots);
- limit the permissions in the application settings for logging in with your social network account.
What should you do if you suspect that your data may have been leaked?
- change your password as soon as possible, following the rules for creating a complex password;
- be particularly careful of phishing attacks. These attacks may increase following the leak of contact details (e.g. e-mail address). Do not use links included in the received e-mail, especially in unsolicited correspondence or e-mails from unknown persons, institutions or companies;
- be wary of social engineering attacks carried out during phone calls. A potential hacker may use data intercepted from a social networking site, and then, during a phone call with the victim of the attack, gain the data needed to authenticate the user, to directly obtain further information from the user's account while being logged in, including access to the user's systems or devices.