The events which occur during the last days about social media security have revealed that this aspect of the Internet use shall be processed like a priority by all the users.

The huge amount of personal data stored on server is, from one hand, a sufficient reason for hackers for obtaining the access to this data, and, from the other side, an hard challenge for administrator and security Dep of portals in order to protect those data by keeping the availability.

It is not enough. The data security of users that are using internet resources depend on the level of awareness of threats represented by internet during the usage.

We remember you some rules that shall be followed in order to reduce the risks connected with the usage of social media:

• use a complex password: you can also you a password generator for this aim;
• use a two steps access: sign in firstly with the username and the password, and then confirm the access with a external token. The usage of this hardware will definitely protect from hackers’ attacks (phishing, session hijacking or extortion). In addition, the token will not work if the website is false.
• do not access to unknown devices;
• use different passwords and system, this can be helped by the usage of a password management;
• do not used a internet connection which is not safe (public hot spot)
• limit the permission of the application for the access by using your account of social network.

What you can do if you are suspecting that our data can be a part of a breach?

• It is absolutely necessary change the password as soon as possible, by being in compliance with the rules of the creation of a complex password;
• Pay particular attention to phishing attacks. Those attacks can get worse your contacts loss (email). In any cases we shall use connection included into the received email, in particular into the junk emails;
• It is important to pay attention against social engineering attacks carried out by using the phone. A potential hacker could use our data intercepted by a social network, for example during a phone call with a victim of an attack, in order to perform the authentication an obtain further information, including the access to systems or user’s disposals.

SOURCE: AUTORITA’ PER LA PROTEZIONE DEI DATI DELLA POLONIA – UODO