Security tips for social media sites

Even those of us who know about these things need to remind ourselves to be vigilant when engaging in social networking. The potential traps are numerous, to say the least – but follow this advice, and you’ll not go far wrong.

Ignore embedded links in emails from social networking services. Too many of them are fake. Instead, go to the service in your browser or other trusted client using a bookmark or by typing in the URL.

Review your list of social networking applications (here in Facebook) to make sure they are ones you authorised, and to remove the ones you do not use. We security people say that these increase your “attack surface.”

Be careful not to divulge other people's confidential information online. For example, some parents don't like their kids' names online.

Be especially wary of job postings on social networking sites unless you can get confirm that you are dealing directly with an official representative. Watch out for "work at home" scams.

If a friend asks for money via a social networking message or chat make sure you are dealing with them and not some thief who has gained control of your friend's account. This is called the "stuck in London" scam and I've had it tried on me before.

It's probably impossible to avoid URL shortening services like bit.ly and Goo.gl, but be alert when you click one of these links, as they are often used to hide the source of an attack. If in any sort of doubt, don’t click the link. And if you do click and you don't like what you see – for instance if you see disturbing images or videos – close the browser window immediately without clicking on anything in the window, as this can lead to click-jacking.

Don't download tools, codecs, or other software when prompted to on a social networking site. These are very often malware links.

Don't use public social networking sites to discuss confidential company information. You just can't be sure of who you're dealing with or if some other person has access to the data.

Assume that even private messages sent on public social networking sites may one day become public, either through error or some hack. Ask yourself if you really need to say something.

Be conscious of your company's policies and interests when using social networking sites. If you see some abuse of your company's data or computer systems, let your IT people know.

For a comprehensive list of social media articles on ITProportal check out our article social media - the conundrum. At the bottom this article are links to many other guides and features on how to protect your social media offering and how to use social media effectively in business.