Phishing attacks aren’t limited to emails–social media platforms represent a serious threat as well. This ebook offers tips for both users and IT to help combat such attacks.

From the ebook:

Be wary of bots
Keep an eye out for bot accounts and block them, since they aren’t likely to promote honest or legitimate content. Be cautious of any Twitter and Facebook accounts where something doesn’t look quite right, or they seem especially aggressive. Telltale signs of a bot include accounts with random names/numbers, accounts that frequently repost items, accounts posting material that doesn’t seem relevant to the context of a discussion or thread, and accounts that contribute no actual content but just share/retweet other accounts.

Investigate details behind questionable ads
Use Facebook’s “Info and Ads” to determine the motivations behind ads. For instance, when you see a political ad on Facebook that seems suspect or sensational, click the ad and then click the page associated with it. Facebook’s goal is provide “increased accountability for bad actors, which will help to prevent abuse on Facebook” and to “bring additional transparency to Pages and the ads they’re running.”

If the ad comes from a less-than-reputable source, disregard future content from this page or entity, as phishing attempts are more likely from these types of accounts.

Use a quality filter
If it is not already on, activate your quality Twitter filter. This tool (which is enabled by default) helps you locate the quality tweets amongst the noise generated by bots and other low-value entities.

To check your settings, click your profile picture at the top right of the Twitter site and then choose Settings. At the Settings screen, select Notifications from the left column. Check the Quality Filter box to enable the filter.