8 June 2022
Stay Safe on Social Media

Social media has become an integral part of our personal and professional lives. For over ten years or more, social networking platforms have been gaining momentum and popularity, attracting over 3.5 billion active users worldwide.

With the unstoppable rise of social media, whether at the social or professional level, comes the risks of potential privacy breaches, personal or customer data theft, and sometimes even business and profit loss. On a personal level, risks may be as serious as private photos and data being stolen and circulated.

In recent years, social media has become a hotbed for cybercriminal activity. One may feel safe scrolling through their social media feed, feeling unthreatened. Truth is: nothing online is 100% hack-proof!

On average, one, out of four personal accounts, is hacked, according to HighSpeedInternet.com. Social media accounts contain personal data such as contact details, credit card numbers, and even home addresses. Digital security, therefore, is a crucial topic for everyone to be well aware of.

In view of that, the Ministry of Communications and Information Technology (MCIT) has been exerting unremitting efforts to promote online safety and safeguard and secure the cyberspace. Among those efforts was the launch of an awareness campaign through the Egyptian Computer Emergency Readiness Team (EG-CERT) of the National Telecom Regulatory Authority (NTRA). Under the theme “Secure yourself on social networking sites,” the campaign raises awareness about online safety and security precautions when using social media. The campaign involves a series of videos and digital handouts featuring instructions and steps to secure personal accounts.

To protect your Facebook account, you should follow the steps below:
- Activate the Login Alerts feature. It sends alerts about unrecognized logins, notifying the user of any time someone logs in to their account from a new device. To activate that feature, tap Settings > Security and Login > Get alerts about unrecognized logins, then choose how you would like to receive your alert – through Facebook notifications, Messenger, or email.

- There is also the Two-factor Authentication method, a surefire way to keep your account safe and secure. When that feature is turned on, every time a login is attempted from a device or browser that the user has not used before, Facebook notifies and asks them to approve it with a login approval code sent in a text message or through the Facebook mobile application. To turn on two-factor authentication, go to More and tap Settings > Security and Login > Use two-factor authentication, then turn on the feature.

- We also recommend that you follow the security instructions on Facebook. Facebook will only ask you to provide sensitive data through its official website and your personal account. Your name on Facebook has to match your National ID, because should you wish to recover a locked account, you will be asked to verify your identity.

You can secure your WhatsApp account by following the steps below:
- Activate the Two-Step Verification feature. Open WhatsApp Settings, then tap Account > Two-Step Verification > Enable. Enter a six-digit PIN of your choice and confirm it. Provide an email address you can access or tap Skip if you don’t want to add an email address. WhatsApp recommends adding an email address as this allows you to reset two-step verification and helps safeguard your account.

- For privacy, one can follow some simple steps. Features like Last Seen, Profile Photo, About, Groups, and Status can be set to Nobody or My Contacts. This will help you make sure people not in your contact list do not bother you.

- Additional options you can opt for is to block spammers and harassers; check someone’s identity before sending them personal information; ignore messages where passwords, sensitive information, or money is requested, or rather block the sender; and beware of clickbait and make sure you do not fall for it.

To secure your account on Twitter, you can follow the steps below:
- Two-factor authentication is an extra layer of security for your Twitter account. Instead of only entering a password to log in, you will also enter a code or use a security key. This additional step helps make sure that only you can access your account.

- To activate the feature, go to the side menu, click More > Settings and privacy > Security and account access > Security > Two-factor authentication. There are three methods to choose from: Text message, Authentication app, or Security key. To sign up via text message, click the checkbox next to Text message, read the overview instructions, then click Next. Enter your password, then click Verify. Enter the phone number associated with your account. You will be asked to enter the confirmation code sent to you via text message. Type in the code. You will see a confirmation screen with a backup code.

- Another factor to watch out for when trying to protect your information on Twitter is third-party applications. When you connect a third-party app to your Twitter account, you are granting that app access to use your account. Depending on its permissions, an authorized app may be able to obtain information and use your account in various ways. To prevent that, click More > Settings and privacy > Security and account access > Apps and sessions > Connected apps. Choose the application that you want to disconnect from your account, then click Revoke app permissions.

- Additional security steps include creating a strong password, always making sure to use the Twitter official website before entering any personal information, and avoiding clicking URLs in tweets by unverified accounts. You can also choose to show or hide tweets, based on your preference.

For enhanced account security on LinkedIn, you can follow the steps below:
- Activate the two-step verification feature. It gives you additional security by requiring a verification code whenever you sign in on new device. To turn on this feature, go to the drop-down menu next to your profile picture. Choose Settings and Privacy > Sign in and Security > Two-step verification, then tap Turn on. Choose your verification method: Authenticator App or Phone Number (SMS). LinkedIn will send a verification code to your phone number. Enter the verification code then click Verify.

- Setting your syncing options is another powerful tool to protect your account. Syncing simply means to collect and store all your contacts from Google or phone device in one place to keep them up to date. To remove synced sources, go to the drop-down menu next to your profile picture, tap Settings and Privacy > Syncing options > Change Sync contacts, and choose Remove all.

- An additional security option is to set your advertising preferences. You can change the setting for each feature in the list by turning it on or off based on your preference. We recommend that you turn off the following features: Audience insights for websites you visit, Ads outside of LinkedIn, and Profile data for personalizing ads.

Protecting your account on Instagram requires the following step:
- Activate the two-factor authentication feature. Go to your profile, tap More > Settings > Two-factor authentication > Get Started. Turn on the “Text message” option. You will be sent a text message (SMS) with a special six-digit security code each time someone tries logging in to your Instagram account from a new device.

- After you have turned on two-factor authentication, you will be able to see login requests, remove trusted devices and access backup codes for your account if you have issues with receiving a recovery code.

To secure your account on TikTok, follow the steps below:
- To prevent unauthorized logins, start by enabling two-step verification for your TikTok account. Two-step verification gives you extra security by requiring a code each time you, or someone else, tries to log in to your account. It also protects your account from unrecognized and unauthorized devices or third-party apps.

- To set up two-step verification, open the TikTok app on your mobile phone. Tap Profile, then the menu button in the top-right corner of your screen. Tap Security and login. This will open a new screen showing several options to secure your TikTok account, such as Security alerts, Manage devices, Manage app permissions, 2-step verification, and a Save login info toggle button. Tap 2-step verification.

- There are three ways to set up two-step verification in TikTok: via SMS, email, or password. You will need to select at least two of these verification methods. Once set up, if you or anyone logs in from an unrecognized device or third-party app, TikTok will choose the most secure method to verify your identity, based on your current method of logging in. If you select SMS and e-mail, TikTok will send a verification code to you via SMS (4-digit code) and e-mail (6-digit code) each time there is a login attempt from an unrecognized device or third-party app.

- Now, tap Turn on, enter your TikTok password in the space provided and tap Next. Enter your e-mail address and tap Send code. TikTok will send you a code to confirm your e-mail address. You will receive an e-mail with a 6-digit code. Enter the code in the space provided. This will automatically enable two-step verification. You will then receive a new account email push notification, informing you that a new e-mail has been added to your account.

There are some additional options that you can consider to further secure your social media accounts and surf the web safely. These include creating a strong password, not using the same password for different accounts, changing your passwords regularly, avoiding logging into your accounts from public computers or someone else’s phone device, and being careful when using open Wi-Fi networks. For enhanced security, you can use a virtual private network (VPN) application on your PC, and avoid clicking on suspicious links.

EG-CERT provides the necessary support for protecting the national critical information infrastructure, especially in the ICT and financial sectors. Its team consists of highly specialized members who work around-the-clock to maintain cybersecurity, handle incidents, analyze digital forensics and malware, and do reverse engineering.

EG-CERT mission is to secure the Egyptian ICT infrastructure by taking proactive measures, collecting and analyzing information on cybercriminal activity, coordinating and mediating between involved parties to handle incidents, and collaborating with CERTs in different countries.

Copyright Ministry of Communications and Information Technology 1999-2023. All rights reserved