However, with all these capabilities come risks, not just to you, but to your family, friends and employer.
In this blog entry I will discuss what these dangers are and how to use these sites more safely.
A common concern about social networking sites is privacy.
Potential dangers include:
- Impacting Your Future: Many organizations search social networking sites as part of background checks. Embarrassing or incriminating posts, no matter how old, can prevent you from getting hired or promoted.
- Attacks against You: Cyber criminals can harvest your personal information and use it for attacks against you. For example, they can use your information to guess the answers to your “secret questions” to reset your online passwords, create targeted email attacks or apply for a credit card using your name. These attacks can also spill into the real world, such as identifying where you work or live.
- Harming Your Employer: Criminals or competitors can use any sensitive information you post about your organization against your employer. In addition, your posts can potentially cause reputational harm for your organization. Be sure to check with your organization’s policies before posting anything about your employer.
- Harming Others: We always have to remember that the things we post on social networking sites are very public and others may be offended by what we post. Sometimes this may be what we call bullying; at other times it is more innocuous, but it may still be negatively received.
- Limit the information you post. Don’t post anything personal. Yes, privacy options can provide some protection; however, keep in mind that privacy options are often confusing and can change frequently without you knowing. Facebook is notorious for doing this.
On Facebook, the default settings give you minimum security. Currently, when a new Facebook account is created, the user’s posts will be public. This is not a good idea. It is recommended that users change their default settings so that ONLY FRIENDS see their postings.
- The privacy of your information is only as secure as the people you share it with. Limit your friends. In fact if someone is a stranger to you, then do not become friends with them.
- Be aware of what information friends are posting about you. It can be just as damaging if they post private information or embarrassing photos of you. Make sure your friends understand what they can or cannot post about you.
- You may change your settings so that posts and photos where you have been tagged are only seen by you and are hidden from your friends. If one of your friends posts something you are not comfortable with, ask them to take it down. At the same time, be respectful of what you post about others.
In addition to privacy concerns, social networking sites can be used by cyber criminals to attack you, your workstation or your device (Smart Phone). Here are some steps to protect yourself:
- Login: Protect your social networking account with a strong password and do not share this password with anyone or re-use it for other sites. In addition, some social networking sites support stronger authentication, such as two-step verification. Enable stronger authentication methods whenever possible.
- Variety of Passwords: Try not to use the same password for all your sites. Try to vary the password in some way. When one site gets hacked, the hackers may try to use the same password to break into your other accounts. Don’t use the same password for banking as you do for Facebook!
- Encryption: Many social networking sites allow you to use encryption called HTTPS to secure your connection to the site. Some sites like Twitter and Google+ have this enabled by default, while other sites require you to manually enable HTTPS via account settings. Whenever possible use HTTPS.
- Email: Be suspicious of emails that claim to come from a social networking site; these can easily be spoofed attacks sent by cyber criminals. The safest way to reply to such messages is to never click the link in an email, but to go to the website directly, perhaps from a saved bookmark, and check any messages or notifications using the website.
Look out for certain types of scams:
- Twitter Scams:
- Users sending you a direct message such as “Did you see this picture someone posted of you”. This is a scam. Don’t click the link! The user may even be a colleague or friend. The reason they are sending you these messages is because they have been scammed.
- If you click something and then you are asked to log in to Twitter, be careful. Check the address bar of your browser and make sure you are actually providing your username and password to the real twitter.com web site. For example if you see something like the picture below you will know that you are not giving your information to the REAL twitter.com: (look carefully at the address!)
- Facebook Scams:
- Malicious Links/Scams: Be cautious of suspicious links or potential scams posted on Facebook. Cyber criminals can post malicious links and if you click on them, they take you to websites that attempt to infect your computer. In addition, just because a message is posted by a friend does not mean it is from them, as their account may have been compromised. If a family member or friend has posted an odd message you cannot verify (such as they have been robbed and need you to send money), call them to confirm the message.
- Apps: Facebook gives you the ability to add or install third-party applications, such as games. Keep in mind there is little or no quality control or review of these applications; they may have full access to your account and private information. Only install apps that you need, that are from well-known, trusted sites and remove them when you no longer need them.
- Confusing Ads that are scams: You may see an ad that tells you that your computer is at risk; however, clicking on the ad will prompt you to download and install malware. Don’t click it. Ignore it!
- Like and Share Scams: Did you know that these viral Facebook photos and posts that implore you to Like or Share them are often posted on Facebook for one single purpose? …to make scammers money? Just ignore them.
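The address-bar check from the Twitter Scams tip above, written out as code. This is an added example, not part of the original post; the function name `isGenuineSite` and every look-alike address in `SAMPLES` are constructed for illustration.

```javascript
// Added example: decide whether an address really belongs to the expected site.
// Only the host part of the address counts, and it must END with the real domain.
function isGenuineSite(rawUrl, expectedDomain) {
  let url;
  try {
    url = new URL(rawUrl);
  } catch (e) {
    return { ok: false, reason: "not a valid address" };
  }
  if (url.protocol !== "https:") {
    return { ok: false, reason: "connection is not HTTPS" };
  }
  // Anything before "@" is login info, not the site name.
  if (url.username || url.password) {
    return { ok: false, reason: "text before @ hides the real host" };
  }
  const host = url.hostname.replace(/\.$/, ""); // ignore a trailing dot
  // Look-alike foreign letters are converted to "xn--" labels by the URL parser.
  if (host.split(".").some((label) => label.startsWith("xn--"))) {
    return { ok: false, reason: "look-alike characters in host" };
  }
  const expected = expectedDomain.toLowerCase();
  if (host === expected || host.endsWith("." + expected)) {
    return { ok: true, reason: "host is " + host };
  }
  return { ok: false, reason: "real host is " + host };
}

// Constructed sample addresses; none are taken from a real incident.
const SAMPLES = [
  "https://twitter.com/login",
  "https://mobile.twitter.com/login",
  "http://twitter.com/login",
  "https://twitter.com.login.example/session",
  "https://twitter.com@login.example/session",
  "https://twltter.com/login",
  "https://tw\u0456tter.com/login", // Cyrillic letter in place of "i"
];

function checkSamples() {
  return SAMPLES.map((s) => ({ url: s, ...isGenuineSite(s, "twitter.com") }));
}

for (const r of checkSamples()) {
  console.log((r.ok ? "REAL  " : "FAKE  ") + r.url + "  (" + r.reason + ")");
}
```

Only the first two sample addresses pass; each of the others fails for a reason you can also spot by reading the address bar carefully.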
Social networking sites are a powerful and fun way to communicate with the world. If you follow the tips outlined here, you should be able to enjoy a much safer online experience. For more information on how to use social networking sites safely or report unauthorized activity, be sure to review the security pages of the sites you are using.
- Securing the Human http://www.securingthehuman.org/
OTHER RECOMMENDED LINKS
- 11 Security Tips for Online Social Networking: http://preview.tinyurl.com/b28a525
- FB Security: https://www.facebook.com/safety
- Your FB Security Settings: https://www.facebook.com/settings?tab=security
- SANS Security Tip of the Day: https://www.sans.org/tip_of_the_day.php
- Facebook Like and Share Scams: http://thatsnonsense.com/blog/facebook-like-share-photo-scams-dont-make-scammers-rich/