The recent hacking of millions of LinkedIn users’ passwords has brought new attention to the risks of social networking. “Small businesses experience fraud 50 percent more often than individuals, and the total resolution time of identity theft can take up to 33 hours, according to Javelin Strategy & Research,” says Susan Haider, executive director at Deluxe Corporation. In today’s guest post, Haider explains how small businesses can protect themselves from social networking security breaches.
Small businesses need effective, low-cost marketing strategies – and tools like Facebook and Twitter deliver mega hits for micro budgets. These and other social networking tools can exponentially multiply the touch points of traditional mediums, offering targeted, low-cost engagement with thousands of prospects and customers.
But while many small business owners are being advised to join social media, not all businesses are informed of the risks. Social network sites are fertile waters for Internet pirates who troll for unsuspecting victims, hoping to steal data by planting malware in the form of computer viruses, worms, Trojan horses and spyware.
Security can also be breached through unsecured devices, leaks by employees and a variety of malicious software attacks.
Security attacks can include social media phishing, which can appear in various forms — from fake emails that include a friend request to unsafe links or videos that trick viewers into providing their personal information. According to Barracuda Labs, 54.3 percent of social network users have experienced phishing on social networking sites.
“On the surface, social networking has many advantages for small businesses, but if left unchecked, it can be dangerous,” said John Sileo, chief executive officer of The Sileo Group, which advises clients about how to proactively protect their proprietary assets. “Smart businesses apply discretion and wisdom to their social strategies.”
For a small business owner, the following tips can help keep your business’s data secure and keep you from falling victim to a social media scam:
- Share carefully. Clearly identify what kind of business information should be shared on social networks. Don’t post confidential personal or business information, such as financial information, passwords, or anything else you would not want shared. Once content is posted, we often don’t realize how far it can travel. Before you post content, consider how sensitive the information is in case it is abused.
- Guide employees. At the heart of most security failures is poor judgment, often due to a lack of awareness. Help to educate employees upfront by developing simple guidelines or a social media policy on the potential risks and ways to participate safely. Include personal and professional best practices, and teach your people how to avoid scams. Be sure to keep employees updated on new terminology too, such as “social networking spam,” which targets users of social networking sites like Facebook, Twitter, LinkedIn and Pinterest. And remind employees to limit their personal comments to their own personal pages (e.g., Facebook). Cyber slams and ranting might feel good to a disgruntled employee, but they can have devastating effects on your business and long-term reputation.
- Beware new twists. Thirty percent of all viruses that infect computers originate from spam, targeting users with seemingly legitimate posts, such as “I just checked how many people have viewed my profile.” But beware: Many legitimate-looking posts are indeed scams. Cyber thieves target easy victims first: individuals and organizations that haven’t adequately protected their computers, networks, mobile devices, Wi-Fi and Internet connections. Another scam technique used by hackers is “likejacking” or “clickjacking”: When users follow directions to click on a link, they can be unknowingly directed to a site that steals their Facebook account – and the spread of spam continues to all their friends and contacts. Avoid all links that appear suspicious.
- Don’t automatically click on URL links. Use caution when clicking a link to another page. If an offer in a social post sounds too good to be true –“Click here to win an iPad” – do not click! If you click and aren’t taken immediately to the site you expected, don’t click a second time. Back out of the site before cyber thieves have the chance to download malware to your system.
- Stay current with cyber security. Keeping your computer security updated is the smartest way to elevate your defenses against cybercrime. Deluxe Security Solutions is offers current protection products and services such as McAfee AntiVirus Plus 2012 that defends against online viruses, malware and spyware. Deluxe also recommends that small businesses subscribe to a fraud and identity protection service such as EZShield Business Identity Restoration. When set up in advance, this service offers a fully-managed identity process with certified resolution specialists to assist business owners.
- Protect your passwords and privacy. Using the same password on every site can easily expose your business to account takeover. Don’t use the same password for every social networking site. If that password is hacked or leaked, hackers can access your other site information. Instead, use different, strong alphanumeric (both letters and numbers) passwords for each of your social media accounts and keep them regularly updated. It is also wise to use password protection on any device that has personal or company data on it in the event of a security breach, loss or theft. Be sure to check your privacy settings to ensure they are not left open to the public as you may be unaware you are sharing private information.
Small businesses that take the time to understand the dangers – and implement protections – will find that social media can be a customer magnet, building brand exposure, and creating engagement with potential customers. A little education — and implementing these tips — will help business owners avoid fraud and the latest scam du jour.
Deluxe, a company that helps small businesses find more customers, partnered with Sileo to develop the white paper, “The 7 Security Secrets of Social Networking.” To learn more about how you can protect your company, download your copy of the white paper at www.deluxe.com/highsecurity.
Susan Haider is Executive Director, Security Solutions for Deluxe Corporation. Haider manages a range of products that protect small businesses from fraud or identity theft, such as McAfee and EZShield. Haider was previously at 3M for 18 years, and has an MBA from Case Western Reserve University in Cleveland, Ohio.