Securing your Facebook account from unwanted data leaks and phishing attacks

Securing your Facebook account from unwanted data leaks and phishing attacks

WELCOME TO SOLUTIONS SQUAD!

We understand that your focus is to drive business growth and stay ahead of the competition. That’s why our Expertly Managed IT services are curated to streamline your operations, help secure your business, and ensure your technology scales with your ambition. We bring a proactive approach to IT management, offering tailored solutions that keep you connected and protected. With services ranging from real-time monitoring to cutting-edge cybersecurity and disaster recovery planning, we’re here to empower your strategic decisions with our Virtual CIO and co-managed IT support. We stand by a security-first ethos, reinforced by our dedicated helpdesk, ensuring clear assistance in plain English, anytime you need it. We are your partner in building a resilient, efficient, and innovative IT infrastructure, freeing you to focus on what you do best: running your business.

Empower Your Business with Expert IT Support

Unlock efficiency and secure your digital assets with our Expertly Managed IT services—where peace of mind meets innovation.

It’s no secret that when it comes to free services, our personal information and habits is the preferred method of payment.
Facebook of course can be considered the leader in monetizing user data and there’s a well-hidden setting that can be disabled to help protect your information from third parties, which if left in the open, can leave you vulnerable and exposed.

The setting, which is enabled by default, is called Off-Facebook activity. Facebook describes it as “Off-Facebook activity is a summary of activity that businesses and organizations share with us about your interactions, such as visiting their apps or websites. They use our Business Tools, like Facebook Login or Facebook Pixel, to share this information with us.”
What this feature essentially means is that when you select to log into third party sites with your Facebook account, there is now a link between your Facebook account, and the information exchanged with and retained by that third party.

While Facebook has a virtually unlimited cyber security budget, the third parties with whom this data could be shared, may not.
This can leave you, or your employees data exposed, if a breach were to occur on the third party servers.
This data can then be sold on the dark web, and weaponized against the user, and company.
A bad actor can weaponize the information to launch a targeted phishing campaign, gain access to a corporate account, launch Ransomware or get away with a successful wire transfer scam.

A targeted Phishing attack campaign is one where users are targeted by e-mails that are made to appear as if they are legitimate based on social engineering. These e-mail often either carry a payload with Ransomware, or a link to a Phishing site.
Once the user visits the site, they are asked to “log in” to view the information, only to be redirected to a file with a Ransomware payload. If the user opens the Ransomware on an unsecured workstation or network, all the files are locked and held for a ransom payment, commonly made in bitcoin. Meanwhile, their user credentials have just been provided to the hacker(s) so they can gain access to their e-mail account.

They can also attempt to brute force and breach unsecured accounts, using the information to guess possible passwords. This is why Multi Factor Authentication is critical and must be enabled, always and everywhere.
If they gain access to a user’s corporate e-mail account, they can begin to listen in on the user’s e-mail conversations with their family, co-workers, and even the CEO. And after they feel comfortable, they begin to impersonate the user and e-mail others in order to have them execute a wire transfer, or target the user with spoofed e-mails from the CEO, requesting a wire transfer.
By the time the target realizes they have been scammed, the money is long gone and often irrecoverable.

Which brings us to the Off-Facebook activity feature. One that is enabled on your account by default.
Facebook describes it as “Off-Facebook activity is a summary of activity that businesses and organizations share with us about your interactions, such as visiting their apps or websites. They use our Business Tools, like Facebook Login or Facebook Pixel, to share this information with us.”
What this feature essentially means is that when you select to log into third party sites with your Facebook account, there is now a link between your Facebook account, and the information exchanged with and retained by that third party.

You can follow the below steps to disable this feature on your account and stop the data sharing that can lead to disaster:

New Facebook

  1. Click  in the top right.
  2. Select Settings & Privacy > Settings.
  3. Click Your Facebook Information at the left column.
  4. Click Off-Facebook Activity to review. From here, you can also click Manage Your Off-Facebook Activity for more information. You’ll be asked to re-enter your password.
  5. Click Clear History.
  6. Click Manage Future Activity.
  7. Review the prompts and switch off Future Off-Facebook Activity.

Classic Facebook

  1. Click  at the top right of Facebook and click Settings.
  2. Click Your Facebook Information at the left column.
  3. Click Off-Facebook Activity to review. From here, you can also click Manage Your Off-Facebook Activity for more information. You’ll be asked to re-enter your password.
  4. Click Clear History.
  5. Click Manage Future Activity.
  6. Review the prompts and switch off Future Off-Facebook Activity.

This will change your browsing experiences a bit less personal, but that is exactly the point.

If this information is giving you nightmares and making you feel less than secure, that’s OK!
We dream of these nightmares so we can best help secure our clients’ networks, so they can spend less time managing their technology and more time benefiting from I.T.
Schedule a quick session with us today, to see how we can help you be secured.

Don’t forget to [newsletter_button id=5 label=”Subscribe” design=”wp”] to our newsletter to get tips like this and more.

Don’t miss out on all the benefits – subscribe now and take your business to the next level!

  • Get exclusive access to expert insights and tips for leveraging technology to grow your business.
  • Stay up to date on the latest tech trends and advancements that can help you stay ahead of the competition.
  • Join a network of business leaders who are committed to using technology to drive success and innovation.
  • Receive personalized support and guidance from our team of IT experts.
  • Enjoy a more streamlined and secure digital experience with our insider tips and tricks.
Free password login sign vector

What is Password Spraying?

Password spraying is a complex type of cyberattack that uses weak passwords to get into multiple user accounts without permission. Using the same password or a list of passwords that are often used on multiple accounts is what this method…
person using Windows 11 computer beside white ceramic mug on white table

10 Tips to Get the Most Out of Your Microsoft 365 Apps

Microsoft 365 is a strong set of tools created to make working together and staying safe easier on many devices and systems. It has well-known programs like Word, Excel, PowerPoint, and Outlook, as well as new ones like Teams and…
Free security pattern lock vector

Complete Guide to Strong Passwords and Authentication

Cyber risks are smarter than ever in today’s digital world. People and companies can lose money, have their data stolen, or have their identities stolen if they use weak passwords or old authentication methods. A strong password is the first…