6 Ways to Protect Yourself From Social Phishing - STG

6 Ways to Protect Yourself From Social Phishing

Hackers are getting creative these days. From ransomware to credential theft, phishing is the number one method of attack delivery. We are mostly aware of it coming through email, but other types of phishing are on the rise. Here’s 6 ways to protect yourself from social phishing attacks.


Let’s give a quick run down on what phishing is. It’s important to know so you can recognize all types on phishing threats.

Phishing by definition is the fraudulent technique of sending emails that appear to be coming from a company or person you would trust. The purpose is to get individuals to give up personal information, such as passwords and credit card data.

Now we have to worry about the idea of social media phishing.

Phishing that uses social media to mislead their victims only works because often people let their guard down while scrolling. They are socializing on sites like Facebook, Instagram, Twitter and LinkedIn, not looking for phishing scams.

Phishing scammers know this and are looking for moments they can get to you. They will try to contact you via friend requests and direct messaging. The way you can avoid these sorts of covert attacks is to learn how to keep your social media secure.

Make Your Social Media Profiles Private

Public social media profiles are a field day for phishing scammers. They acquire lots of personal information and pictures to use in sparking up conversation with you or to create a spoof profile of you to phish your connection.

Criminals do this to try and send social phishing scams to your own connections. They are hoping your friends and acquaintances will trust you trying to contact them. They are more likely to click on the scam if they think it comes from someone they know.

Making your profiles private to your connections only will lessen the risk of someone using your information against you. Only accounts that you allow to follow you will be able to see your posts and images, rather than the general public.

You may feel like you need to keep your profile public on platforms like LinkedIn, where many people network for business. So we have a few other tips you can follow in these cases to lessen your risk.

Keep Your Friends and Contact Lists Hidden

For social platforms you would like to keep public like LinkedIn and Facebook, you have the option to hide your connection lists. Hiding your friends and connections prevents social phishing scammers from using your socials media connections to commit crimes.

However, this will not prevent scammers from seeing you as a friend or connection if that persons profile is public. Only if  they also hide their connection lists.

Be Cautious of Links

Phishing attacks are typically sent via links, especially on social media. Social media links are visually shortened, making it impossible to tell where you’re going until you get there. This makes links sent through direct messaging or posts even more dangerous.

An example of this is when a scammer contacts you through LinkedIn to inquire about your business. They will converse with you for a while until they ultimately send you a link saying its their website. Unless you are sure this is a legitimate link, do not click links sent through direct messaging or in social posts. They might be misdirecting you to a phishing site that downloads malware onto your device without your knowledge.

Even if the link is sent by one of your connections, research where it’s coming from. People frequently share things on their own feeds because they find the meme or image funny, but they might not have checked the source.

Don’t Take Part in Social Media Surveys or Quizzes

We know it seems fun to figure out which Marvel Superhero or Disney Princess you are, but you should avoid social media quizzes. They’re frequently designed to acquire data on you. Data that could be used in targeting phishing or identity theft attempts.

The Cambridge Analytica scandal, which exposed millions of Facebook users’ personal information, occurred not long ago. The company was discovered to be collecting information on users without their agreement through surveys and quizzes.

While this was a high-profile example, they’re far from the only ones who play fast and loose with user data and utilize social media to acquire as much as possible.

It’s best to stay away from any sort of poll or quiz on any social networking site since once your personal information is out there, you can’t get it back.

Avoid Buying Directly From Ads on Facebook and Instagram

There are plenty of businesses that advertise on social media legally, but unfortunately, many scammers use these channels to commit credit card fraud and identity theft.

If you notice anything in a Facebook or Instagram ad that catches your eye, go to their website directly instead of clicking via the social media ad.

Could Your Company Be More Tech Savvy? –> We know what it looks like! Feel free to look it up before clicking, it goes to our websites blog.

Before You Accept a Friend Request, Do Some Research

Receiving a connection request on a social networking platform can be intriguing. It could be a new business connection or a reunion with a former classmate. However, phishing fraudsters will try to take advantage of you in this way as well. They’ll attempt to connect with you as a first step before reaching out to you directly via DM.

Take that extra step and research the individual trying to connect with you. If they only have pictures of themselves on their timeline and no posts, its a big red flag that you should deny that request.

Protect Your Devices

It’s critical to protect your devices using DNS filtering, managed antivirus, email filtering, and other features. If you accidentally click a phishing link, this will help lessen the blow.

Our IT professionals can help set these anti-phishing features up for you. Feel free to book a meeting with us today and learn more about what we can do for you.

Click here to schedule a free 15-minute meeting with Stan Kats, our Founder, and Chief Technologist. 

STG IT Consulting Group proudly provides IT Service in Greater Los Angeles and the surrounding areas for all of your IT needs.



Leave a Reply

Your email address will not be published. Required fields are marked *