September 26, 2016 By Neil Jones 5 min read

It was a birthday I’ll never forget. I know what you’re thinking: close friends, colorful streamers, a big birthday cake and Katy Perry’s “Birthday” softly playing the background.

Nothing could be further from the truth. My quiet birthday dinner at a casual restaurant was interrupted by the rapid buzz of numerous emails being sent to my mobile device. After hearing more than five messages come in, I began to suspect an IT security emergency and sheepishly pulled out my phone to check.

I was shocked and horrified to see a series of brand new messages from LinkedIn, all containing negative comments about me regarding professional posts that I’d made over the past few weeks. One comment, for example, visible to all my professional contacts, read, “Why would you want to do business with a liar like Neil?”

A Not-So-Happy Birthday

As I excused myself from the table to review the content more closely, I realized that the comments had come from one of my Facebook friends. A couple days prior to my birthday, that friend sent me a message. He accused me of having him removed from a Facebook group of which we were both members. I explained to him that I was not an administrator of the group, so I didn’t have the authority to take such action. It was clear that he was experiencing mental duress, so I chalked his accusation up to whatever personal situation he was going through at the time.

Clearly, he didn’t believe me. As I prepared for my quiet birthday gathering, he reached out to some of my other Facebook friends. He told them, “Our friend Neil is having a medical emergency. I need to get in touch with his family right away. Do you have his phone number?” Eventually, one of my friends believed him and capitulated. As a result, I received death threats via voice mail and text messages on the afternoon of my birthday. This persisted until my mobile provider blocked his communications entirely later that day.

10 Social Media Tips to Protect Your Personal and Professional Reputation

At this point, I’ve virtually assured that none of you will invite me to your next birthday party! So here’s my early birthday present to you: 10 ways to leverage IT security best practices to protect your personal and professional reputation on social media.

1. Use Different Account Names for Personal and Professional Social Media Accounts

Your professional reputation is of utmost importance, and it’s available globally on a 24/7 basis to anyone who wants to see it. Be very careful not to use the same social media handles for your personal and professional accounts. Instead, maintain a professional distance between the two.

2. Use Different Profile Photos Across Social Media Accounts

Remember that images can easily be found using search engines, making it easy for potential troublemakers to dig up all your accounts in one fell swoop. Utilize unique profile photos to differentiate between your personal and professional accounts and change them on a regular basis. This is especially important if you have a unique name, since you’re easier to track down in search engines to begin with.

3. Differentiate Between Personal and Professional Contacts

Looking back, I should never have accepted the Facebook friend’s LinkedIn contact request. Only a small percentage of your contacts should be considered both professional colleagues and personal friends. Otherwise, you risk having your professional reputation damaged by a potentially unstable personal acquaintance. Similarly, allowing your professional contacts to view your over-the-top bachelor or bachelorette party photos might not be in your best interest.

4. Limit Visibility of Personal Accounts in Search Engines

I’ve noticed that certain social media sites permit you to decide whether you want your account details to be made available in major search engines. Since social media sites are so good at generating potential contacts for you nowadays, you probably won’t miss out much by suppressing your personal information on search engines.

5. Limit the Amount of Personal Information You Provide

Social media providers encourage you to include as much information as possible to present you with compelling content and targeted advertising efforts. However, you should be judicious about doing so. My stalker capitalized on my interest in American playwrights like Tennessee Williams to break down social barriers to information sharing and encourage me to share even more detailed information about myself.

6. Use Social Media Privacy Settings

This was a tough lesson for me at the time. I must confess that prior to the incident, my Facebook account probably operated with the default settings that were recommended by the social media provider. This permitted my stalker to methodically comb my Facebook friends list for a weak link who would reveal privileged information to him. He was also able to see photos of my family members so he could reach out to them, knowing that they would be more concerned if I’d experienced a supposed emergency.

After reading this, invest 10 minutes to adjust the privacy settings for your favorite social media accounts. I promise it’ll be time well-spent. While doing so, pay particular attention to the GPS tracking capabilities in your social media accounts. Do you really want a potential cyber stalker to know that you’re only 50 feet away from him or her?

7. Use Different Passwords Across Social Media Accounts

Admittedly, I also made this mistake and reused passwords across accounts. I shudder to think what might have happened if the stalker had been able to compromise my password and hijack multiple social media accounts with fraudulent content updates.

8. Perform Routine Contact Cleanings

I’ve been a social media proponent for more than a decade. But it’s important to remember that everyone you’re connected to is privy to everything you make available about yourself. If one of your contacts becomes unstable or his/her own account is compromised, this data could be a gold mine for a malicious actor.

9. Report IT Security Incidents to Law Enforcement

Cyberstalking was such a new phenomenon at the time of my incident that local law enforcement simply took my report and advised me to block the contact on all my personal and professional accounts. This seemed like a light touch considering the fact that cyberstalking was a felony in the state in which I lived at the time. Furthermore, I had written proof of multiple death threats. However, the only way to force law enforcement to take these incidents seriously is to ensure that they’re properly documented and tracked.

10. Educate Contacts on Best Practices

I’m personally supporting #StompOutBullying Day on Oct. 7, 2019, and there are many additional resources available on the internet to help you learn more about protecting yourself. For example, you can check out our companion article about how you can use dating applications more safely.

Cyberstalking is the most severe form of bullying. So please share these tips with your children, friends and less experienced professional contacts who might be unaware of the potential dark side of public information sharing. Simply click on the links to Twitter, Facebook and LinkedIn that appear below.

Conclusion

Despite my experience, it is my belief that 99 percent of people in the world have good intentions, but society pays more attention to the negative 1 percent. However, as the line dividing the professional and the personal increasingly blurs, you need to be more vigilant than ever.

Learn how Hacker Highschool is helping teens develop safe online habits

More from Risk Management

How will the Merck settlement affect the insurance industry?

3 min read - A major shift in how cyber insurance works started with an attack on the pharmaceutical giant Merck. Or did it start somewhere else?In June 2017, the NotPetya incident hit some 40,000 Merck computers, destroying data and forcing a months-long recovery process. The attack affected thousands of multinational companies, including Mondelēz and Maersk. In total, the malware caused roughly $10 billion in damage.NotPetya malware exploited two Windows vulnerabilities: EternalBlue, a digital skeleton key leaked from the NSA, and Mimikatz, an exploit…

ICS CERT predictions for 2024: What you need to know

4 min read - As we work through the first quarter of 2024, various sectors are continuously adapting to increasingly complex cybersecurity threats. Sectors like healthcare, finance, energy and transportation are all regularly widening their digital infrastructure, resulting in larger attack surfaces and greater risk exposure.Kaspersky just released their ICS CERT Predictions for this year, outlining the key cybersecurity challenges industrial enterprises will face in the year ahead. The forecasts emphasize the persistent nature of ransomware threats, the increasing prevalence of cosmopolitical hacktivism, insights…

How I got started: Ransomware negotiator

4 min read - Specialized roles in cybersecurity are proliferating, which isn’t surprising given the evolving threat landscape and the devastating impact of ransomware on many businesses.Among these roles, ransomware negotiators are becoming more and more crucial. These negotiators operate on the front lines of cyber defense, engaging directly with cyber criminals to mitigate the impact of ransomware attacks on organizations.Ransomware negotiators possess a unique blend of technical expertise, psychological insight and negotiation skills that allow them to navigate the high-stakes environment of ransomware…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today