Skip to main content
  • Cybersecurity

How to stay safe on social media

By Erin Hutchison
Content Marketing and Social Media Specialist

Social media can put you at risk of threats like identity theft, malware or phishing.

Social media is a great way to stay in touch with family and friends, follow the news and share photos of your meals from pleasing angles.

But social media can also put you at risk for cyber crime, such as your account being hacked, receiving phishing messages or becoming a victim of identity theft. Here are some common cyber risks people encounter while using social media and how to avoid them.


Three risks of social media


You may receive links or fake messages on your social media accounts aimed at getting you to share personal details or financial data; a scammer can use this info to commit identity theft. Malicious links could also pop up in posts on your social media feed. These are examples of phishing, which is when a cyber criminal tries to extract information or money from you by impersonating real people or companies. A criminal may also hack into your account and create posts to convince your friends and followers to click on a link or share personal information. Beware also of emails that claim to come from social media sites that ask you to click on a link, make a payment or share your login credentials—these are all signs of phishing.



Malware is spread on social media through links, often with catchy headlines. Once malware is in your device, it could send spam messages to your friends, steal your information or damage your device with a virus. Another example of malware is ransomware, which locks all your files and demands a large payment to get them back.


Identity theft

While getting birthday messages from people you barely remember from high school is part of the fun of social media, sharing your birthdate or other information, like where you work or live, leaves a trail for hackers to follow. That trail could lead to your banking information or social insurance number, which they can use to take out loans, open credit card accounts or make purchases. Think twice before you share certain details or be sure to keep your account private.


How to protect yourself on social media

Use strong passwords

It is important to use strong, long, unique passwords for your social media accounts. While it is never a good idea to use your dog’s name or your birthdate, this is especially true on social media. Because you share these details with your followers, it makes it easy for a hacker to guess your password. A strong password has numbers, special characters and letters. It should also be long, with ideally at least 15 characters—it can even be a full phrase. Use a different password for each account, so if one gets hacked, a cyber criminal can’t use it to access all of your accounts.

A word about single sign-on: Many people use their social media password to sign on to multiple accounts. Known as single sign-on or SSO, this can save you time and means you don’t have to remember yet another password. But we recommend avoiding this. With single sign-on, if a hacker breaches a single site or service, they can use the same username and password to log on to any of your other accounts.

For an extra layer of security, use multi‑factor authentication. This means you need an additional code to log in to an account, which is sent to you through text message, email or a token-based application, such as Google Authenticator.


Don’t overshare

You may be tempted to post photos of you relaxing on a Caribbean beach during a blizzard back home. But letting your followers know you are away is also helpful for thieves. Using social media to check-in at your location or sharing photos of a big-ticket purchase could also make you a target. When posting photos, make sure the background doesn’t share details like licence plate numbers or addresses. Think before you post a photo, comment or video.


Check privacy policies

Social media sites know so much about your interests and habits. It’s important to understand what information they collect, how they use this information and if they are selling it to advertisers or other third parties. Check these policies periodically to see if anything has changed. If anything in the privacy policy makes you uncomfortable, give up your account.


Customize your privacy settings

Privacy settings allow you to control who sees what information about you. Some privacy settings enable you to approve who can view your feed and others allow you to choose which posts are shared, even among your followers. They can also limit what comes up in search results so that only specific groups can see your photos, posts or likes. Don’t just set it and forget it. Many sites regularly change their privacy setting options, so review them often.

About the author
Erin Hutchison

Erin brings to CIRA a background of marketing experience in higher education and the not-for-profit sector. In 2015, she participated in ISOC’s Youth@IGF Programme and traveled to Guadalajara, Mexico to attend the IGF. She has a Bachelor of International Business from Carleton University.