Social Media Is a Threat – Is Your Credit Union Safe?

by NAFCU Services

By 

Back in college, Facebook was so much more than a social networking site—it was the center of social life. So, imagine my horror when I woke up one morning to find out the worst—my Facebook account had been hacked, and my online profile was no longer under my control.

If I had known then what I know now about social media security, all of this could have been prevented. My password was ridiculously easy to guess—it was my childhood pet’s name, whose picture and name were all over my profile. I also failed to thoroughly vet who I became “friends” with on Facebook. It was all too easy to blindly accept everyone who asked to be a friend. Fast forward to today: Social media is not just for high schoolers and college students anymore. As of December 2012, Facebook reported over a billion active users. These users represent all age groups and even businesses (including credit unions!). It is more important now than ever to be sure your credit union employees and members learn safe practices for using social networking sites.

Most of us are familiar with some of the more “traditional” online security threats. Don’t click a link in an email if you don’t know the sender. Don’t give out any personal information via email unless you are sure you know who you are talking to. Have an IT security professional set up password protections and firewalls for your credit union. Social networking, however, creates a very interesting, and new, security challenge.

Social media is essentially a “trusted” online community. But how do you know you can really trust that community? Do your members and credit union employees add people they don’t know on Facebook or LinkedIn? This is dangerous because unless you know the individual behind a profile or alias, you can never be 100% sure that profile is not there to gain access to personal information. Do your members and credit union employees know the danger of using the same password for all of their accounts? This is a bad idea because it increases the odds of multiple security breaches if one account is compromised.

continue reading »