Reporting Elections, Safety and Security of Journalists 1.Think before you share What is posted on social media is not necessarily only seen by the friends and family with whom you are directly connected. Depending on your account settings, what you post could be seen by anyone and everyone. And this isn’t limited to what you post, but also what posts or photos you are tagged in, groups you are part of or interests you follow. Cybercriminals frequently leverage publicly accessible social media information to tailor their attacks. The process, which is one aspect of Open Source Intelligence (OSINT), allows them to target specific individuals for an attack, or profile broad groups of people to attack. You may be thinking, “I’m not interesting, so that wouldn’t happen to me.” But that is not a safe way to think about social media security. Any employee can be targeted as a point of entry for a corporate level attack. Your profile tells a lot about you and might inspire a targeted phishing email or vishing call or text that results in an organisation network compromise. 1.1 Common social media sharing mishaps include: Workplace photos that expose details about your employer: First day of work photos with an ID badge can allow an attacker to create their own badge to walk through your workplace without question. Passwords or account details can be seen on sticky notes 44 https://zimbabwe.misa.org