A crash course on social media and online safety

There are a few simple things you can do to protect yourself, your family and your children online. It’s always better to be safe than sorry!

Chances are, you have a Facebook account. Your parents probably do too. Perhaps your pet has its own Instagram account. Or you are a part of an extended family WhatsApp group where some distant uncle sends you unverified news articles and forwards strange videos. We’ve all been there. Today, over 4.5 billion people use social media in some format. According to Global Digital Data Statistics as of July ’21, that’s 57% of the global population!

Unfortunately, with so many people using the internet and social media platforms, there are also many ways that hackers and thieves use the vulnerability of people online to hack accounts, steal money and sell personal information.

Are you being safe enough online?

A common misconception about online safety usually goes something along the lines of, “I have a private profile anyway, nobody wants to hack me!” or “I only accept my friends on my profile, nothing bad can happen.” However, these factors are exactly what makes you the target of cyber-attacks. 

I get multiple messages a week from people on social media, asking me to help them get their accounts back after a hack! As much as I would like to help, I often can’t, as it is a fact that social media platforms still severely lack the proper systems to retrieve hacked accounts, especially with the modern, and high-tech hackers that operate online these days. They also get thousands of support requests a day, which means it could take months for you to get your account back.

If you are the target of a hack, usually the hacker will make your account inaccessible, and ask you to send them money in order to get it back! They will also threaten to sell your personal information online.

In order to avoid these situations, and keep yourself completely protected online, here are a few tips to make sure your accounts and personal information are safe.

1. As obvious as it may seem, it is essential that you choose a strong password. This is something that is parroted to us from the day we make our first online account. We often roll our eyes when websites tell us that we need “a capital letter, a symbol, and a number” to have a strong password. However, every varying letter/symbol you use in your password adds an extra layer of protection, as those are harder for hackers to guess, even if they have managed to get access to personal information of yours that you have used in a password, such as your mothers or pets name. You’d be surprised at how many people still have the password “123456” or “password123”. Make sure that you check with your elderly parents on social media about their passwords as well, as it is often their age group that is targeted because of their low digital literacy.
   
    
2. Another obvious one, use a different password for all your accounts. At the very least, have a different password for important things like email accounts and banking accounts and social media accounts. If someone is able to access your social media accounts, and you have the same password for your online banking, or business emails, that means you are putting yourself more at risk.
   
    
3. Turn on ‘2-Factor Authentication’ (2FA). This is a feature that many people don’t know about, but it is perhaps one of the most important features when protecting yourself online. 2-Factor Authentication adds a layer of security to your account. For example, if you are logging in from a new device, or you are the target of a cyber-attack, 2FA means you will get an extra code sent as an SMS or in an email, to allow the app to identify if it’s really you who is logging in. If a hacker manages to guess your password, but you have 2FA on, they will not be able to access your account, and you will get an email telling you there was an attempted breach, which will give you enough time to change your password. Often, when your social media accounts are hacked, the hackers will also change the email address associated with your account so that you can’t get your account back with 2FA, so make sure this is turned on early. You can turn this on for your social media and email accounts by going to Settings > Security and then following the instructions.
   
    
4. Make sure your phone is protected by a password as well. Since all your social media apps and others are usually always logged in on your devices, if your device is lost or stolen, anyone will be able to access your accounts if your device is not password protected.
   
    
5. Click links with caution! Be very, very careful about what sort of links you open, even if they are sent to you from a friend. This could be through WhatsApp, Messenger or emails. Even if you receive a link from a friend, it could be possible that they have already been hacked, and that the attackers are sending the same malicious links to further contacts, in order to hack more accounts. Malicious links will always look very innocent, but clicking on these links and entering personal information, you are giving scammers access to your accounts. Sometimes, these links will even look like authentic log in pages but will not belong to the official social media apps. By entering your username and password here, scammers will immediately have your information. Always check the URL of the websites you are visiting. It should ALWAYS say ‘Facebook.com’ or ‘Instagram.com’ or ‘Gmail.com’. Something like ‘FacebookSecurity.Com’ or ‘InstagramHelp.com’ IS NOT an official website. If it was really from these platforms, the URL will look like this: “Facebook.com/security” or ‘Instagram.com/help”. Further, none of these platforms will ever send you a message to your inbox, telling you that you need to change your password immediately, or that you have infringed copyright. The social media platforms you use will ALWAYS contact you per email. Even then, make sure you always check which email address the mail comes from. “[email protected]’ is not official. The official email address will be [email protected]. 
   
    
6. Don’t play games on Facebook that have names like, ‘What will I look like in 10 years?’ or ‘What fruit am I?’ or something along these lines. While these seem fun, and are especially popular with the older generations on Facebook, they are usually a data collecting scam, which includes saving your personal information to databases, and selling these to third parties. Be very careful what sort of applications you give your information to through Facebook. If there is a pop-up on Facebook saying ‘X app is requesting your information,’ it is always better to double check, or avoid it completely.
   
    
7. Be careful when sharing personal information online. Sensitive information like home addresses, phone numbers, or even the name of your bank, do not need to be shared on social media platforms. If you are posting pictures of where you had lunch or any outing, make sure you post the pictures after you have left the said location. Recounting a personal experience, I once posted a picture of the hotel I was at, while I was at the pool. Twenty minutes later, I had a random man send me a message, because he guessed what hotel I was at by what the pool looked like and asked me if he could come by! Since then, I have always posted pictures online after I have left the location. Be especially careful with posting pictures of children and minors online. There are scary people out there, even on your friends list. It is not unheard of, that innocent pictures of children get saved, and are then sent around in paedophilic WhatsApp groups or websites.
   
    
8. Know what actions to take! If someone is bothering you online, report their profile and block them completely. A new feature on social media is the “block this person and other accounts they may make” feature, which means that if someone harassing you makes a new account, they won’t be able to message you from the new account either. Be wary of strangers’ friend requests and messages in your inbox. Children and adolescents are commonly targeted online, so make sure you are checking your children’s messages often. If someone is harassing, threatening you or blackmailing you and you feel unsafe, report it to the Police and the Cybercrimes Division as soon as possible.

The above are just a few simple things you can do to protect yourself, your family and your children online. It’s always better to be safe than sorry! Anyone can be a target online, regardless of how private their pages are, or how small their friends lists are. Be vigilant, be safe!

(Christine Abayasekara is a social media consultant and cyber security policy specialist. A graduate of Elizabeth Moir School in Colombo, she now has two Masters, one in International Development Management, and one in Cyber Security. You can find her on social media under the handle @rebelkids or you can contact her on [email protected] with any questions.)