4 Best Practices to Prevent Social Media Phishing Attacks

Social media phishing attempts continue to increase at an alarming rate, putting your staff and your organization at risk. To protect your business, educate yourself and your employees about what to look for to avoid social media phishing attacks. Through education and diligence, you can prevent costly outcomes to avoidable attacks.

Identify and Avoid Illegitimate Customer Service Accounts

Fake customer service account communications are made to look so similar to the real thing that it can be difficult to tell them apart even side by side. Oftentimes, attackers will intercept tweets and other communications between a customer and their bank, for example, then respond to the customer in place of the bank, gaining account and other personal information.

Don’t Click Spammy Comments or Links in Popular Posts

Popular social media stories often garner much attention and a long string of comments. Scammers see the opportunity to access a large group of people and post a comment with links to credit card fraud and similar websites.

Never Follow Links to Live Streams

Just as attackers post links in comments that lead to risky sites, fraudsters often promise a live stream of a popular event through a link. The link leads to a site that requires personal information before the video will play, and the video usually doesn’t work after the phisher already has the user’s personal details. That said, watching Facebook live stream is considered safe.

Don’t Provide Personal Information to Receive Discounts, Complete Surveys, or Receive Free Gifts

Phishers know that many people can’t resist the idea of a discount or free gift and take advantage by having people fill out surveys or register without an actual discount or free gift in return. They get users’ information, and users get nothing in return (except to find their personal information has been stolen).

Ongoing Training Is Crucial

With the increasing success of phishing attacks, the best protection is education. Ongoing training and education of your staff about what to look for and how to maintain vigilance will give your organization a tremendous weapon in the fight against phishing attacks.