Facebook Business – Phishing

How safe is your Facebook Business account?

Facebook business accounts provide companies with a great way to reach potential customers and stay in touch with their network of followers. But recently this platform has become a major target for cybercriminals.

An onslaught of phishing attempts against Facebook business users has prompted Meta to release a new framework of safety guidelines to prevent further attacks. 

Let’s take a look at the cybersecurity situation around Facebook commercial accounts and what you can do to keep yours safe.

Cybercriminals target Facebook business users

Recently, headlines about compromised Facebook business accounts have been causing concern in the commercial sector, both  internationally and in South Africa.

The potential risks involved in a compromised Facebook business account include financial and reputational losses arising from impersonation and takeover attempts. In this scenario, cybercriminals could gain access to your account and use it to defraud your customers.

  • Cybercriminals gain access to your account, change the associated bank account, and request payment from customers which would be channelled into their account and may never be recovered. 
  • In addition, the damage to your company’s reputation in the wake of an incident like this could be massive, with disgruntled and aggrieved customers taking to Facebook itself to spread the news, about fraudulent activity carried out in your company’s name.

How to spot the signs of a Facebook Business phishing attempt

Like many cybersecurity breaches, Facebook Business account takeovers begin with innocent seeming emails and Facebook messages, particularly in the form of business partner requests.

Emails purporting to be from Facebook are another popular method that hackers used to carry out phishing attacks. 

According to Meta, it’s essential for users to be on the lookout for email addresses with domains which are almost the same as the official ones used by Facebook but vary in terms of a single letter or word. The following domains are the only official ones used by Facebook:

  • fb.com
  • facebook.com
  • facebookmail.com
  • instagram.com
  • meta.com
  • metamail.com
  • support.facebook.com

In general, any email or electronic message that asks you to click on a link or enter account details should be treated with a high degree of suspicion. 

This is especially true if the message refers to an account action that Facebook supposedly wants you to take but doesn’t come up as a request on the Facebook app or website itself.

If you find yourself unable to access your account, receive complaints from customers who have received strange messages from your Facebook Business account, or suddenly notice that your account is following strange accounts, it’s highly likely that you’re a victim of phishing. 

It’s essential to report your account as compromised immediately to avoid serious losses. 

Protect your online business with secure cloud storage 

Considering that Facebook business accounts are used to process payments and interact with valuable customers, the last thing you want is for yours to be compromised and used to carry out criminal acts. 

Securing your Facebook business account is an essential step if you’re doing business online today – and it’s just one part of an effective cybersecurity strategy.

Secure cloud storage is an excellent way to keep your confidential files safe in the cloud and out of the wrong hands. To learn more about our range of cloud storage solutions for businesses of all sizes, visit our product page today.

Facebook Data Breach – Is Our Data Protected?

Is Facebook protecting our data as users?

The question begs to be answered; what is Facebook really doing to protect the data of its more than 2,7 billion users? The simple answer is; not a whole lot. The most recent Facebook data breach to threaten the platform in April of 2021, is the third major security scandal to make the headlines (involving Facebook) since 2018. The latest incident makes one wonder what happened to the data, why cybercriminals are so fixated on getting it, and what we can do to prevent our data from being stolen in the future.

what happened in the 2021 facebook data breach?

An estimated 533 million Facebook profiles had their information leaked over the long weekend of the 2nd – 5th of April 2021. Let’s think about that for a minute. Half a billion people in more than 100 countries were left vulnerable and wondering whether their data had been compromised and stolen.  And while we know that millions of people were affected, it’s hard to say precisely who because Facebook’s current social media cybersecurity measures don’t have any feedback function to alert users.

The attack was discovered on an underground website used by cybercriminals who are seeking the data of innocent users online. This is not the first time a cyber leak of such magnitude has occurred on the platform. So, what happened? All eyes are on Facebook to share further information!

why are cybercriminals after our data?

It is a well-known fact that data is extremely valuable in today’s times. It allows companies to tap into their target markets and maximise their profits. It also allows social media platforms to ensure that adverts on their platforms reach the most likely people interested in the product or service advertised.

Facebook has been a little slack recently with its social media cybersecurity measures; thus, the platform has become an excellent opportunity for cybercriminals to tap into our data and sell it for large amounts of money. However, this may be the least of our worries as cybercriminals may also be looking to make attempts at identity theft which is a serious concern for all parties involved.

how to protect yourself online

While cybercriminals spend a vast amount of their time looking for opportunities to steal data, users have to become more vigilant. It’s up to users to ensure that they know how to protect themselves when online. Here are a few tips to help:

1) Minimise the amount of personal information that you post online
2) Create unique passwords for every site you wish to register on
3) Utilise encrypted data backup storage methods
4) Avoid having Unkown users as ‘friends’ on your account

These methods are the best form of defence against this sort of data attack as it ensures that hacking and data theft is minimised and guarantees peace of mind over your cybersecurity.

Conclusion

With cyber-attacks and data breaches on the rise, it is more important than ever to be cautious about sharing data on platforms such as Facebook. It is about time that Facebook steps up to the page and instils a sense of security for its users.

Tracking the Facebook activities of potential employees

Present-day laws and regulations make it particularly difficult for an employer to fire an employee once the contracts have been signed and the first few months of employment have passed. But what do you, as an employer, do when you end up hiring the wrong person? Some would say that ‘prevention is better than cure’ and this is the very reason why so many recruitment teams and business owners spend time tracking the Facebook and other social media platform activities of potential employees before taking the plunge and making an offer to hire/employ.

What to look for and what to overlook

It’s one thing to say that you should be tracking the Facebook activities of potential employees, but what are you actually looking for? It all really depends on the type of position you are trying to fill and what type of person you would like in that specific role.

It’s an accepted fact that some personalities just aren’t good fits with the culture of certain teams and it is, therefore, a good idea to weed those personalities out of the running as early on as possible. Checking (or trawling) the social media accounts of potential employees will often give a good indication of their ‘fit’.

Here’s what to look for:

  • What is the candidate known for online?
  • What type of content is the candidate posting, ie. do the posts appear to be positive or disruptive?
  • Does the candidate appear to have any particular themes?
  • Do the candidate’s online activities show them to check or uncheck boxes when it comes to the job requirements?
  • Are their online activities in conflict of interest for your business?

Protection of Personal Information

As an employee, you need to take care when screening candidates that you remain neutral and that if you turn down a candidate after a social screening, that your decision could not be seen as unfair discrimination.

For example, if you are looking for a new integral member for an animal rescue team and you notice that a potential employee consistently writes posts in support of animal cruelty, it would not be unfair or unreasonable to offer the post to another applicant, based on the screening.

However, you cannot discriminate against applicants based on personal agendas or preferences.

Last Word

Undertaking “snooping or screening” activity should shine a light on just how easy it is to gather personal information on a person or entity. That being said; carry out your online investigations on potential employees responsibly and with the professionalism that you would expect yourself. This will ensure that you use the intel ethically and that you don’t create an unnecessary media storm! Good luck in finding the right new employee for your team.