Global social media use has grown exponentially. Social media users are estimated at 3.196 billion, up 13 percent year-on-year. Unfortunately, as more and more information is published online, there is more danger in ways that undermine your privacy, and in some cases, your data is stolen instantly.
Why does privacy matter in social media?
Social media privacy refers to the sensitive and personal information people can discover about you from your account. This information can be intentionally shared in a post or public profile or unknowingly shared, for example, information sharing sites with other companies and social media marketing agencies.
But while most people may worry about what the company will know about them, The more significant danger is what scammers know and how they can use that information.
Research from the Thai Bankers’ Association (TBA)
Revealed that losses from fraudulent online activities amounted to roughly 500 million baht in 2022.
Fraudsters have been employing scams that are more technical and difficult to discern, leading more people to fall victim to fraud. Losses totaled about 500 million baht in 2022 – Head of TBA’s Payment System Office.
(Pattaya Mail, 2023)
Does social media threaten privacy?
Criminals specialize in tricking social media users into sending sensitive information, stealing personal information, and accessing accounts that users consider private. Here are some common social media threats.
Everyone leaves traces of information on the Internet whenever a new social media account is created. They provide personal information, including name, date of birth, geographic location, and interests. In addition, companies collect information about user behavior, and all of this information is stored to be utilized by companies for better target advertising to users. Companies sometimes share user information with third parties without their knowledge or consent.
Malware (malicious software) is designed to gain access to your computer and the data it contains. Once the malware has infiltrated, the user’s computer can be used to steal sensitive information, extort money, or profit from forced advertising. Social media platforms are ideal delivery systems for malware distributors when the account is compromised. Cybercriminals can then distribute malware to the user’s friends or contacts.
Phishing is one of the most common ways criminals attempt to access sensitive personal information. Often in the form of a text message, email, or phone call, a phishing attack presents itself as a message from a legitimate organization. These messages deceive others by revealing sensitive information, including passwords, bank information, or credit card details.
In August 2019, a massive phishing campaign targeted Instagram users disguised as a two-factor authentication system to encourage users to sign in to fake Instagram pages.
A botnet attack occurs when a group of internet-connected devices becomes infected with malware under the control of a malicious hacker. A large group of bots can form a network known as a botnet. Botnet attacks often involve sending spam and data theft to exploit sensitive Information or launch a vicious DDoS attack.
Social media threatens privacy
Facebook and Instagram
Facebook provides its business partners with tracking software they embed in apps, websites, and loyalty programs. So any business or group needing digital advertising has little choice but to feed your activities into Facebook’s vacuum: your grocer, politicians, even the paywall page for this newspaper’s website. Behind the scenes, Facebook takes in this data and tries matching it to your account. It sits under your name in a part of your profile your friends can’t see, but Facebook uses it to shape your experience online.
Data privacy issues of Facebook/Meta began in 2018 with revelations that a data marketing company had illegally collected the personal details of more than 80 million Facebook users.
However, despite the promise to improve and change the company’s policy, Meta’s battle for data privacy continues today.
Twitter doesn’t collect as much personally identifiable information as other social media sites, but that doesn’t mean its data isn’t valuable to criminals. That includes the harm caused by revealing the identity of anonymous users, he said.
While many users only use the app to follow public figures, retweet, and occasionally tweet thoughts of their own publicly, there are others for whom losing anonymity on the site could be dangerous. Musk and others have criticized Twitter’s lack of use of end-to-end encryption.
That capability means the sender and recipient can only see communications like direct messages without platform employees being able to see them.
TikTok
Security concerns have grown regarding how users’ data is used and are even more amplified by the fact that TikTok is developed and based in China.
FBI Director Christopher Wray warned that TikTok’s privacy and data collection policies could lead to the collection of sensitive and personally identifiable information. The Chinese government can access that information beyond the permissions granted by users. The FBI identified TikTok as a national security risk in testimony before the Homeland Security Board in November 2022.
What is Cybercrime?
Cybercrime is a growing problem every day due to the advancement of technology. However, security measures to protect this technology and its users must advance quickly to accommodate this, making cybercrime more frequent.
It involves computers and networks to an illegal end, such as fraud, identity theft, or violation of privacy. A virus is a form called malware that covers all types of malicious software. Any code or program written and distributed to damage, steal data and make money for the owner of the virus includes ransomware that can lock the files until you pay a ransom to decrypt them.
Types of Cybercrime
- Phishing, such as sending fake emails to steal personal and sensitive information
- Identity theft involves the misuse of your personal information.
- Theft and sale of corporate data.
- Hacking or disabling, or misuse of any website or computer network.
- Cyber extortion or monetary demands to prevent threatening attacks
- Cyber espionage (where hackers access government or company data)
Cybercrime in Thailand
The users in Thailand were attacked by cybercrimes around 21% in 2021, which is lower than the global average of 29%.
()
So how is the cybercrime situation in Thailand? Let’s find interesting information.
The statistical trend of cybercrime in Thailand since 2018 tends to decrease, but the number of incidents is still high. The average loss from cybercrime in 2021 has increased by 144% or $2.2 million, or approximately 72.6 million Thai baht. The most affected industries are legal services, construction, wholesale and retail trade. Health care and industrial estates Thailand ranks 6th among countries in the Asia-Pacific region. And Japan was affected mainly by ransomware.
Thailand launches two new cybersecurity laws
Financial cybercrime can now destroy a business entirely. Getting information into the wrong hands can have serious consequences. Brand value, financial loss, and intellectual property are only part of it, not to mention “Invisible damage,” including loss of performance. Therefore, having legislative support is very important.
Entered two new cybersecurity laws of Thailand: the Personal Data Protection Act and the Cybersecurity Act.
Personal Data Protection Act (PDPA)
PDPA is the Personal Data Protection Act introduced in 2019. This law was created to prevent the breach of everyone’s personal information, including storage and use, without notice and without prior consent from the data owner.
The Cybersecurity Act
The Cyber Security Act has been criticized for giving the government “sweeping powers” to Thailand’s digital economy. With this Act, Governments can monitor, track and access all online traffic on behalf of emergencies or as a precautionary measure.
Note that private organizations are not exempt from this. You may be asked to provide your name. Contact details of your key stakeholders, etc., mainly if your company uses or provides computer systems for national security work, financial services, and publicly targeted services.
How to protect your social media privacy?
It is essential that you know how to protect your privacy on social media. Here are a few tips for you.
1. Don’t share your live location or daily routine.
It can be fun to share pictures while you’re on vacation. But those pictures will instantly alert everyone that you’re away from home. Take photos during your trip and only share them when you return.
Also, avoid posting your routine daily story about Your “going to the market at 7 am,” telling stalkers where they can find you every morning, and letting thieves know when you’re away.
2. Do not disclose your national identification number
because your identity may be stolen
Identity and financial information such as social security number (SSN), driver’s license number, bank account number, and passport number should not be posted on social media.
Instantly available for identity theft and more. (according to the further warning, You can’t always change your Social Security number. Even if your identity has been stolen)
3. Share less in the “About” section
Social media platforms allow you to share all kinds of personal information online. But all this information will increase the online footprint. Just because a field that offered doesn’t mean that you need to fill it out.
Consider leaving information on your social media profiles blank or providing only broad answers, for example, into your industry instead of a specific employer, even seemingly innocuous information, such as your maiden name or hometown. It can help hackers decrypt your security questions.
4. Only accept connection requests from people you know.
Even if you’re careful about what you post, your friends can see what others post about you with a small deduction. Your friends can quickly find your date of birth and search your friends list to learn about you.
5. Use two-factor authentication (Avoid SMS)
Two-factor authentication is a security measure that needs a one-time code from an app on your phone or a text message. In addition to your password, most social media accounts nowadays have this feature.
Because these codes only work for a few minutes. Therefore more secure, But they are more robust as they require anyone trying to log in to have the proper password and device. This is unlikely in most hacking situations.