The number of cyber attacks in the UK has increased significantly due to coronavirus restrictions and the move to a remote working environment. It is not just large companies that are being targeted by cybercriminals but also a range of small to mid-sized companies that are generally less equipped to recognise and prevent these types of attacks.
Nowadays, many businesses rely on social media platforms like Facebook to increase their brand awareness and gain more clients. Simultaneously, cybercriminals have started seeing a high potential in using this window to enter.
In the article below we are discussing the ways cybercriminals are abusing tools such as Facebook and how you can protect yourself from them.
1. What Makes Facebook the Perfect Tool for Cyber-Criminals?
When cybercriminals are selecting businesses to target for their cyber attack, Facebook is one of the first places they will look. Cybercriminals do not only target business pages, but they are also interested in the personal page of you and your employer.
Unless you have selected very secure privacy settings, cybercriminals are able to gain access to a large variety of important information about who works at your business and what job title they have. This provides them with a good idea of who to target within their cyber attack as it provides them with information on employees that may have access to sensitive information. In some cases, cybercriminals are even able to find your phone number and email address through social media platforms like Facebook.
2. How Are Cybercriminals Using Facebook to Achieve Their Goals?
If a cybercriminal was planning a cyber attack on your small business this is what their approach could look like:
– The cybercriminal will look up your most recent financial statements and determine whether you would make a good and beneficial target.
– If they think your business is worth their time, they will then look up your directors and officers. With the help of social media sources and your company website, cybercriminals can find out who has access to your business’ finances or data to target them individually.
– Once the cybercriminal has chosen their target, they can find out further personal details through platforms such as Facebook. With that in mind, the cybercriminal can create an email imitating to be someone trustworthy, such as a family friend, and trick the employee into opening malware in the disguise of a regular picture attachment.
3. How Can I Protect My Business Against These Types of Cyber Attacks?
Change Your Facebook Privacy
If you have not already, make changes to the privacy setting on your business Facebook page and personal page to prevent cybercriminals from collecting a large amount of private data that can be used for phishing scams. In order to do so, visit your privacy settings on Facebook and select the button “privacy check-up”. Within this section, you are, for example, able to select who can see your post, which data is shared with third parties, and which apps are connected to your account.
Train Your Staff
Many employees assume that a phishing email will be obvious and never think that they could fall for such a scam. What most do not know; however, many phishing emails are highly convincing and well-researched. For example, a hacker might find an email address of a business, employee, or even friend that you or your employees are likely to communicate with. By creating an email address that only differs by one letter or extra space, no one would realise unless they scrutinised every email that was sent to them. Due to that, it is important to educate your staff and train them to pick up on suspicious emails and activities.
If you are interested in finding out more cyber attacks and ways to protect your business or you are looking to take on an IT provider, contact us here. We currently offer a free IT consultation, so don’t forget to fill out our IT Workplace Assessment, so we can come back to you with our recommendations.