July 15, 2024

A Spotlight on Protecting Employees Who Are Active on Social Media

By

Liz Knight | Head of Cyber Security

Theta

If you have employees who are very active online (perhaps they frequently star in your marketing campaigns, have a strong social media presence, are active TikTokers or bloggers, and are easily discoverable through the range of online apps they use), how can you prevent them from becoming an easy target for cyber adversaries?

It is important to teach your employees to protect their online identities, as their online personas can introduce another attack vector that could put them and your organisation at risk.

While we are usually focused on protecting work identities, there are many ways we can keep these high-risk social media users safe and prevent attackers from finding a gap to infiltrate:

Multi-factor authentication (MFA)

As part of your broader cyber security communication strategy, you should ensure your social media users have strong multi-factor authentication enabled on all their social media accounts (LinkedIn, Facebook, TikTok, etc.).

Take a look at these resources about MFA:

Padlock accounts with stronger passwords

It may seem obvious at this point, but you’d be surprised how common weak passwords still are.

Ensure your public-facing users lock down all their accounts with unique, long, strong passwords so that if they are compromised, the impact is limited. It’s especially important that they are not using the same passwords on their social media accounts as their bank accounts, email and work accounts.

KnowBe4 offers some good examples to follow: Complex Password Guide (knowbe4.com)

Check your impersonation protection settings

Impersonation is when the sender, or the sender's email domain, in an email message looks similar to a real sender or domain. An adversary could use this tactic to send emails that look like they are from your employee's email address but are actually sent from an address the adversary controls.

Microsoft offers Impersonation Protection settings in Exchange Online, which prevent specific internal or external email addresses from being impersonated as message senders. You can add risky users' internal and external sender email addresses to protect them from impersonation.

You can read more about these Impersonation Protection Settings here: Anti-phishing policies in Microsoft 365
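As an added example (not code from the original post), the PowerShell below merges your high-risk users into the protected-user list of an existing Exchange Online anti-phishing policy. It assumes the ExchangeOnlineManagement module, a Defender for Office 365 licence (which impersonation protection requires), and uses a placeholder policy name and placeholder addresses.

```powershell
# Added example, not from the original post. Assumes the ExchangeOnlineManagement
# module is installed and the signed-in account can manage anti-phishing policies.
Connect-ExchangeOnline

$policyName = 'Office365 AntiPhish Default'   # placeholder: the policy you actually use

# Public-facing staff to protect, in the "DisplayName;EmailAddress" form the cmdlet expects.
# Both addresses are constructed placeholders.
$highRiskUsers = @(
    'Jane Example;jane.example@contoso.example'   # internal (work) address
    'Jane Example;jane.example@mail.example'      # external (personal) address
)

# -TargetedUsersToProtect replaces the whole list, so merge with the entries
# already on the policy instead of silently dropping people added earlier.
$policy   = Get-AntiPhishPolicy -Identity $policyName
$existing = @($policy.TargetedUsersToProtect)
$merged   = @($existing + $highRiskUsers | Sort-Object -Unique)

Set-AntiPhishPolicy -Identity $policyName `
    -EnableTargetedUserProtection $true `
    -TargetedUsersToProtect $merged `
    -TargetedUserProtectionAction Quarantine

# Verify the result: every high-risk user should now appear in the protected list.
(Get-AntiPhishPolicy -Identity $policyName).TargetedUsersToProtect
```

Run the verification line again after any later change to the policy, since the list is replaced wholesale each time it is set.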

Consider identity protection

Falcon Identity Protection from CrowdStrike is another tool that can provide increased visibility of malicious use or misuse of accounts belonging to users who are highly active online. You can then configure conditional MFA that is triggered when suspicious activity is detected.

You can read more about CrowdStrike Falcon Identity Protection here: Identity Protection Services | CrowdStrike Services

Tag sensitive accounts

If you are using Microsoft Defender for Identity, you can tag users as ‘sensitive’, enabling additional alerting on these accounts. This additional layer of precaution is another mechanism for keeping an eye on those high-risk users to make sure you are notified if there are suspicious activities related to their accounts.

You can read more about tagging sensitive users here: Entity tags in Microsoft Defender for Identity - Microsoft Defender for Identity | Microsoft Learn

Beware of the deep fake

There is growing concern around AI, voice cloning and deepfakes for people who have video content of themselves online, e.g., in webinars or marketing videos.

If you are making videos that include senior members of staff talking, they might become targets: the content could be used to generate deepfakes or voice clones, which are then used to trick other staff members into making ‘urgent’ payment transfers or undertaking other fraudulent activities.

Leading cyber security awareness training provider KnowBe4 offers ‘deepfake awareness’ content to help users recognise the red flags to look out for in this new world of artificial intelligence. They also have great content on how to use AI securely.

Want to improve your cyber security?