The link to the IT Security Awareness Quiz is at the end of the article. Complete the quiz for an entry in a drawing for one of five $50 Amazon gift cards.

Social media keeps us connected with colleagues, family, and friends – especially valuable during the holiday season when we’re sharing updates from conferences, celebrating milestones, or simply staying in touch with our extended networks. However, this connectivity comes with significant risks that affect all of us in the UCSF community.

Recent data from StationX reveals that 1.4 billion social media accounts are compromised monthly, a staggering number that continues to climb. Beyond account takeovers, users face social engineering attacks, brand impersonation, malware distribution, and data breaches. Adding to these concerns, fraudulent advertisements dominate many platforms, while emerging technologies like deepfakes and AI-generated content make deception increasingly sophisticated.

Recognizing Digital Deception

Fraud detection requires both vigilance and healthy skepticism. Red flags include unsolicited messages demanding urgent action: Clicking suspicious links, sharing personal details, or making immediate payments are a few examples. Fraudulent websites often mirror legitimate ones with subtle URL variations, so always verify web addresses carefully.

Be particularly wary of “too good to be true” offers: Massive discounts, free money promises, or exclusive opportunities that create artificial urgency. If a seller refuses secure payment methods or pressures quick decisions, step away, it’s likely a scam.

UCSF-Specific Guidelines: Protecting Our Community

As members of a healthcare and research institution, we have additional responsibilities:

• Never share patient information or photos on any social platform
• Separate personal opinions from UCSF’s official positions—make it clear when you’re speaking personally
• Don’t use UCSF branding on personal profiles or blogs
• Keep proprietary UCSF information confidential—this includes unpublished research, internal processes, and institutional data

For comprehensive guidance, consult UCSF’s Social Media Policies and Best Practices, developed by UCSF Communications in response to current global events.

Your Digital Defense Strategy

Financial Safety:

• Avoid donating through social media requests. Legitimate charities rarely solicit via social platforms or unsolicited calls.
• Use strong, unique passwords for each account. Consider a reputable password manager like Keeper rather than browser auto-save features.
• Enable two-factor authentication wherever available. FBI data shows 99.99% of compromised accounts lacked this protection.
• Monitor financial statements promptly and contact institutions if statements are delayed.

Privacy Protection:

• Think before posting: Remember that “deleted” content can often be retrieved.
• Curate your connections carefully. Even trusted contacts can inadvertently compromise your information.
• Maximize privacy settings on all platforms. Look for “Settings,” “Privacy,” or “Account Details” sections.
• Disable location services and avoid posting travel plans or current whereabouts.

Technical Security:

• Maintain updated antivirus software and network security controls.
• Download apps only from official sources and keep them updated.
• Exercise caution on public Wi-Fi: look for “https” connections and heed browser warnings.
• Turn off file and printer sharing when using unfamiliar and public networks.

Account Management:

• Log into accounts regularly to detect unauthorized access.
• Close unused accounts: Dormant profiles are easier targets.
• Check if your information appears in data breaches at haveibeenpwned.com.
• Use unique strong passwords across platforms so one breach doesn’t compromise multiple accounts. 

Test Your Knowledge

Ready to put your social media security awareness to the test? Complete our Safe and Secure Social Networking Quiz. Everyone who passes receives one entry in our drawing for one of five $50 Amazon gift cards.

Additional Resources:

• UCSF’s Social Media Policies and Best Practices
• FTC: Social media: a golden goose for scammers
• Facebook Flooded with Ads and Pages for Fake ChatGPT, Google Bard and other AI services, Tricking Users into downloading Malware
• National Security Agency | Keeping Safe on Social Media
• Homeland Security Personal Safety & Security Social Media Privacy Settings
• StationX - Top Social Media Hacking Statistics & Trends for 2025