Avoid Suspicious Quizzes and Apps
Social media has transformed from a simple communication tool into a powerful business, marketing, and networking platform. Today, platforms like Facebook, Instagram, LinkedIn, TikTok, and X (formerly Twitter) are used not only for connecting with friends and family but also for building brands, running healthcare practices, recruiting staff, and engaging with communities.
However, as social media usage has grown, so have the associated cyber risks. Cybercriminals actively target individuals, businesses, and especially healthcare providers, using sophisticated phishing schemes, identity theft tactics, account takeovers, and social engineering attacks.
For medical practices and healthcare professionals in particular, a compromised social account can mean more than reputational damage: it can lead to patient data exposure, regulatory issues, and financial loss.
Our cybersecurity experts in Perth have compiled eight comprehensive, practical tips to help you stay safe on social media networks in 2026 and beyond.
1. Take Control of Your Privacy Settings
Most users assume default privacy settings are secure. Unfortunately, that’s rarely the case. Social platforms often prioritise visibility and engagement, not privacy.
Unsecured privacy settings can allow:
- Strangers to view your posts
- Scammers to scrape your data
- Hackers to gather personal information for phishing attempts
- Fraudsters to impersonate you
Cybercriminals use publicly available data to:
Even seemingly harmless details like your workplace, family members’ names, or recent travel plans can be exploited.
Platform-Specific Recommendations
- Set post visibility to Friends or Friends of Friends.
- Review your Timeline and Tagging settings.
- Limit who can look you up using your email address or phone number.
- Turn off public profile indexing by search engines.
- Set personal accounts to Private.
- Review tagged photos before they appear on your profile.
- Restrict message requests from non-followers.
- Disable activity status if privacy is a concern.
- Enable Protect Your Posts if the account is personal.
- Disable discoverability via phone number and email.
- Restrict direct messages from unknown users.
- Limit visibility of your connections.
- Control profile viewing options.
- Turn off profile data sharing with third-party apps.
- Avoid displaying personal contact details publicly.
Conduct a privacy audit every six months. Social platforms frequently update their policies and settings, which can reset or change your preferences.
2. Avoid Quizzes, Games, and Third-Party Apps That Request Profile Access
Find out your celebrity twin!
Which city should you live in?
Tag three friends to reveal your soulmate!
These quizzes may seem harmless — but many request access to:
- Your friend list
- Email address
- Birthday
- Profile information
- Photos
Third-party apps can:
- Harvest personal data
- Build marketing profiles
- Sell information to data brokers
- Expose your account to vulnerabilities
- Deploy phishing attacks
- Access connected accounts
- Launch identity theft campaigns
- Avoid granting unnecessary permissions.
- Review connected apps regularly.
- Remove unused or suspicious integrations.
- Use official apps only from trusted sources
3. Limit the Personal Information You Share
Oversharing is one of the leading causes of identity theft and targeted cyberattacks.
Cybercriminals analyse:
- Birthdays
- Anniversaries
- Travel updates
- Workplace announcements
- Children’s names
- Pet names
- Guess passwords
- Answer security questions
- Create convincing phishing emails
- Build fake accounts
High-Risk Information to Avoid Posting
- Full date of birth
- Home address
- Phone number
- Personal email address
- Upcoming travel plans
- Daily routines
- Financial details
- Post patient information
- Share photos without consent
- Discuss clinical cases online
- Reveal internal operational details
Implement a social media policy for your clinic to protect both staff and patients.
4. Remember: Once Online, Always Online
Deleting a post does not mean it’s gone.
Screenshots, screen recordings, and archived copies mean your content can be preserved permanently — even if removed later.
Think Before You Post
- Would I be comfortable if this appeared on the news?
- Could this damage my professional reputation?
- Could this be misinterpreted?
- Does this reveal sensitive information?
- Damage patient trust
- Violate professional codes
- Affect licensing
Adopt a “Pause Before Posting” mindset.
5. Block and Report Suspicious Accounts
Fake accounts and impersonation profiles are increasingly common.
- Recently created profiles
- Few followers but high engagement
- Generic profile photos
- Misspelled usernames
- Duplicate accounts of people you know
- Prevents viewing your content
- Stops direct messages
- Limits future contact
Reporting suspicious accounts also helps platforms remove malicious actors more quickly.
For Businesses and Medical Clinics
- Fake clinic pages
- Impersonation of doctors
- Fraudulent advertising using your name
6. Use Strong, Unique Passwords — and a Password Manager
Weak passwords remain one of the most common causes of data breaches.
- Pet names
- Birthdates
- “Password123”
- Reused passwords
- At least 12–16 characters
- Combination of upper/lowercase letters
- Numbers
- Symbols
- Completely unique per account
Example of strong password format:
- Generate strong passwords
- Store credentials securely
- Autofill login fields
- Alert you to compromised passwords
- 1Password
- LastPass
- Bitwarden
- Dashlane
For medical practices, enterprise password management is highly recommended.
7. Be Cautious of Duplicate Friend Requests
- Real photos
- Stolen personal information
- Copied biographies
They target your existing contacts to build credibility.
1) A criminal clones someone’s profile.
2) They send friend requests to that person’s network.
3) They send phishing links or money requests.
4) Victims assume legitimacy due to mutual connections.
- Verify unexpected friend requests via another channel.
- Ignore duplicate profiles.
- Inform the real person if their identity is being misused.
- Report fake accounts immediately.
8. Activate Two-Factor Authentication (2FA)
Two-Factor Authentication adds an extra layer of protection beyond your password.
Even if your password is compromised, attackers cannot access your account without the second verification factor.
1) SMS code
2) Authenticator app
3) Biometric verification
4) Security keys
Use an authenticator app instead of SMS where possible. SMS can be vulnerable to SIM-swapping attacks.
For medical organisations, enable multi-factor authentication across:
- Email accounts
- Social media platforms
- Cloud storage
- Practice management software
Additional Modern Threats to Be Aware Of
In 2026, social media risks go beyond traditional hacking.
Deepfake Scams
AI-generated videos and voice cloning are increasingly used to impersonate executives or medical professionals.
AI-Powered Phishing
Attackers now use AI to craft highly personalised phishing messages that mimic real communication styles.
Social media reconnaissance is often used to launch targeted email fraud campaigns.
Cybercriminals gather personal details to manipulate victims psychologically.
Awareness is your strongest defence.
Building a Safer Digital Culture
Cybersecurity is not just an IT issue; it’s a cultural responsibility.
- Stay informed about evolving threats
- Update apps regularly
- Educate family members
- Conduct regular cybersecurity training
- Implement access controls
- Develop incident response plans
- Partner with professional IT support providers
These are the 8 tips to stay safe on social media platforms. With everything moving online, cybersecurity is a growing necessity. Would you like to know more about cybersecurity, or do you have related queries? Contact our cybersecurity experts or email cybersecurity@computingaustralia.group. Our cybersecurity team is available 24/7 to help you protect your business and data.
Jargon Buster
Password Manager – Software used to create, store and manage passwords in encrypted form.
Phishing – A social engineering attack intended to steal private information such as login credentials, credit card details or passwords.
Chris Karapetcoff
FAQ
How does penetration testing simulate real-world cyberattacks?
Social media security is critical because cybercriminals increasingly use advanced tactics like AI-powered phishing, identity theft, and account takeovers. Both individuals and businesses—especially healthcare providers—can face financial loss, reputational damage, and data breaches if accounts are compromised.
What is the safest way to protect my social media accounts?
The safest approach includes using strong, unique passwords, enabling two-factor authentication (2FA), reviewing privacy settings regularly, and limiting the amount of personal information you share online.
How does two-factor authentication (2FA) improve security?
Two-factor authentication adds an extra layer of protection by requiring a second verification step—such as a code from an authenticator app—before access is granted. Even if your password is stolen, attackers cannot log in without the second factor.
How can I identify a fake or duplicate social media profile?
Fake accounts often have few followers, recently created profiles, limited content history, or slightly altered usernames. If you receive a duplicate friend request, verify the person through another communication method before accepting.
Are privacy settings enough to keep my account secure?
Privacy settings are important but not sufficient on their own. You should also use strong passwords, enable 2FA, avoid suspicious links or apps, and stay informed about evolving cybersecurity threats.