Did you know that social media accounts are one of the favorite targets for cybercriminals? You may think cybercriminals would prefer to hack online banking accounts or shopping accounts, but that does not seem to be the case. Here is why. Social media accounts hold A LOT of personal information including name, email ID, date of birth, place of birth, place of work (your business!) high school attended, names of family, friends and pets, anniversaries, and more…which means, they are basically gold mines of Personally Identifiable Data (PII). Plus, if you play games and have your credit card details saved, there is more information and better the chances for the cybercriminal to commit fraud. All this data can then be used to hack into other accounts of the user, including financials. So, hacking into someone’s social media account can help cybercriminals enter other, more ‘useful’ and secure accounts.

But, how does it matter to you, as a business? If your employee’s personal social media account is hacked, it should not affect you, as a company, right? Wrong…here is how it can affect you.

  • If the employee whose social media account is hacked is the administrator of your company’s official social media handles, you are in big trouble as hackers will gain access to your company account and consequently to customer information, because you may be having clients who follow your business account on social media. The whole situation can result in a lot of damage to your business and brand reputation and result in penalties and possible lawsuits.
  • Even if your employee does not handle your company’s social handles, the hackers may have enough of their PII to try, and pry open a small entryway into your IT network.


You can avoid such mishaps by:


  • Training your staff on social media and cybersecurity best practices including advanced privacy and permission settings for social media accounts
  • Ensuring your employees can identify and steer clear of phishing and social media frauds.
  • Helping your employees understand the importance of practicing good password hygiene across all their online accounts–social, work, or personal.
  • Ensuring they realize that their Facebook or LinkedIn account is not ‘just another online socializing platform’, but an actual gold mine of information and only those who they really trust should be able to access them.
  • Sharing regular Day Zero Alerts and relevant news articles with your staff that keeps them updated on the latest modus operandi and happenings related to cybercrime.

As your managed IT services provider we will be able to help you in organizing and conducting these kinds of training and awareness sessions at regular intervals for your staff.