I recently read an article that the Securities and Exchange Commission (SEC) charged an Illinois-based investment adviser with offering to sell fictitious securities on LinkedIn. The SEC issued two alerts in an agency-wide effort to highlight the risks investors and advisory firms face when using social media.
The SEC’s Division of Enforcement alleges that Anthony Fields offered more than $500 billion in fictitious securities through various social media websites. He used LinkedIn discussions to promote fictitious “bank guarantees” and “medium-term notes.”
The SEC provided this .pdf with items to keep in mind while using social media accounts.
The entire .pdf is a great resource, and while it is targeted towards investors and advisory firms, I believe the tips can apply to any organization. Here are a few items I want to highlight:
1. Be sure to check your account’s privacy settings. All your social media accounts have different default privacy settings. I know in Facebook, you can monitor who is able to view your wall posts and even select “friends” to disable them from viewing specific photos or posts you do not want them to see. Make sure you go through your settings and are comfortable with their security level.
2. Pick and choose biographical visibility. Even though you need to fill out specific personal information to create an account, you can set your account so that the information is not visible to your community. Whether it be your birthday, email address or your phone number, make sure you understand which information you have submitted is open for public viewing.
Additional information from my perspective:
3. Make sure you set your account so that you have to approve who you connect with on your sites. While it may seem bothersome to go through and approve everyone individually, it will only benefit you in the long-run. When you approve everyone automatically, a hacker or fraud can easily connect with you and have instant access to your information that you have made public, and you also expose your contacts to fraud as well. Everything you say can be used against you.. so be careful what you say.
4. Be careful what you say. I touched on this in #3, but I need to re-iterate it; everything you say can be used against you. Whether you are struggling financially or are recently out of a job; think before you post that information. An attacker can use any vulnerable information you publish to try to get information out of you.
Learn from others, and don’t fall into these traps. Here is one example of a LinkedIn message I received that can shed light as to some of the scams that are out there. I changed the sender’s name because he could just have been attacked as the sender, but I receive emails like these several times a week.
Since I use LinkedIn often to connect professionally, I need to be extra careful not to fall into traps because it is not only my information that is at risk but also my organization’s. I knew this was a scam because I do not know the person sending the message, and he was three times removed from me. I am not saying every message you receive from an unknown person is a scam, but that is a starting point to stay cautious. Then I thought it odd that all the message said was to click on a link that I am not familiar with.
If you receive these messages, be weary to click. If you really want to click, look the person up in the search bar and send him or her a separate message asking why the link was sent to you. If the link then seems legitimate, copy and paste it in a search engine search bar. When I did so with this link, nothing came up.
There are many others out there, so while connecting with professionals in your industry that you may not know is a great way to network over LinkedIn, you do need to be weary and smart when connecting and acting on requests from LinkedIn senders.