News Social Media Your Terrible Social Media Security Habits Could Ruin Everything Follow these simple rules and get your cyber security in order By Lance Ulanoff Editor-in-Chief, Lifewire.com Lance Ulanoff is Lifewire's EIC and a veteran technology journalist (formerly EIC of Mashable and PC Magazine). He's on TV a lot, too. our editorial process Facebook Twitter LinkedIn Lance Ulanoff Updated October 25, 2019 Illustration by Daniel Fishel. Lifewire /Daniel Fishel Social Media Phones Internet & Security Computers Smart & Connected Life Home Theater Software & Apps Social Media Streaming Gaming View More Tweet Share Email How is it possible after all these decades of virus, malware, and phishing attacks that we’re still having this discussion? Too many of you still don’t know how to properly protect yourselves online. You’ve literally had decades to learn and adjust. Viruses, malware, phishing, even ransomware became a part of our digital lexicon long before the age of the Internet and social media. Digital adults are already raising children—young cyber citizens—who know no other life, and yet few seem to understand or think they need to focus on cybersecurity, especially in social media, the digital arena where they spend the majority of their time. I get it. You all have better things to do and good reasons to not take what some nervous nellies might consider necessary precautions. You’re probably right. Why worry so much about cyber security? Do not use these passwords. Lifewire / Lance Ulanoff You have one password for everything. We all have better things to do than memorize dozens of different passwords. I know, right now you’re looking around like, “Is he talking to me?” Yes, I have it on good authority that some 60% of you reuse passwords. Don’t worry. Hackers will happily learn, memorize and use your password on all of your accounts. This is possible because most cyber criminals already have your emails thanks to years of massive data breaches and untold stolen emails. So, you go ahead and reuse that password over and over again. Somewhere, a cyber criminal is thanking you. Your data and social media aren’t really that important. Don’t worry. Cyber criminals value ALL of your data. Every bit is another piece of the puzzle, the puzzle of you and your identity. They even prize the most innocuous details like that photo of you holding up the key to your brand-new home. That high-resolution image could come in real handy when cybercriminals want to make a copy of that key. Being nice online is cool. Don’t worry. Hackers and cyber criminals appreciate your accommodation, especially when they send you emails, posts, and direct messages that request your help, or to help you, and politely ask for your personal information. Your courtesy makes their criminal enterprises possible. The digital landscape is a minefield detonated by your carelessness and disregard You’re too busy to be bothered with password managers and good social media security. Don’t worry. Hackers and cyber criminals have nothing but time. In fact, this is their job. Identity theft is big business for criminals. So, they have people working on it full time. The less time you spend worrying about it, the easier you make their jobs. Cyber security is too technical. Don’t worry. Hackers basically have ones and zeros running through their veins. They rely on you being overwhelmed and confused by the assumed complexities of managing your cyber security. Everyone overstates the problem. Don’t worry. Ransomware attacks are only predicted to cost companies and organizations $11.5 billion in 2019. Start Worrying The digital landscape is a minefield detonated by your carelessness and disregard. Assuming that cyber security is someone else’s problem or responsibility is the kerosene and match cyber criminals need to set your digital world on fire. As a first line of defense, let’s look at your social media. No, I’m not here to criticize your cat pics. I just think there are a handful of rules you can apply across most social media platforms that will get you more than 75 percent down the road to true cyber security. Never Assume Privacy This is something I tell people every single day. Social Media is a communal thing. It’s not called “private media“ for a reason. Anything you share, even with a small group of online friends, has the potential to get away from you and your control. Shut down your DMs True story, when Jennifer Aniston first joined and nearly blew up Instagram, I noticed that her DMs were still open. Of course, I sent her a totally innocuous message welcoming her to Instagram and asking if she might join Twitter next. She has yet to respond, but what I hope she did is shut down her DMs, the open door for personal data predators. This goes for Twitter, as well. These exciting direct-to-you messages are, unless from a trusted contact, poison pen letters, attractively packaged, skillfully written, and deadly to your personal identity. Yup, Facebook has 2-factor authentication. Lifewire / Lance Ulanoff Don't Believe Everything You Read Social media is full of weird scams and hucksters insisting that the only way to get to Valhalla is by copying and pasting this message. Train yourself to just say no because the more you fall for those nonsense pitches, the more susceptible you are to more dangerous scams that ask you to follow links and enter private details. Go Private Facebook has tons of tools to help you shut down access to much of your content and personal data. Instagram will let you make your account invite only. If you truly cherish personal information, you might want to steer clear of platforms that don’t offer a private option. Share LessNot everything is fodder for your social media feed. Remember, hackers probably already have your email address and name, and are just waiting for you to share more. They use bits and pieces of your digital debris to triangulate a fuller picture of you. Give them enough and they’ll have no trouble stealing your identity or generating a digital duplicate of you that they can use to create new accounts, open credit cards, and spend money in your name. So What Cyber security is a personal issue, but it’s also a business and national security issue. Every weak link in the security chain is an open invitation to attack companies. Ransomware comes not, at least initially, through malware, but polite emails arriving at your corporate email account requesting you update your business password. That mistake could bring down a business, a local government, or your school district. This is your problem. I do, however, have one piece of security advice and, if you learn nothing else from me, I hope you at least do this: turn on two-factor authentication on all your social media and, yes, your email accounts too. You will thank me later. Like this column? Get more like it delivered directly to your inbox.Sign-up for Untangled, a more sensible approach to technology.