Too much information. Online as well as offline there is such a thing as “too much information”. While social media is a powerful trend that plays various roles – from meeting the need to socialize to acting as a broad communication and organizing tool – users should be aware of the quality and quantity of information they share. Generally, for example, never post your vacation times on Facebook – it is a giveaway informing potential thieves that your house is vacant. Never give out sensitive information and limit yourself to the details you are comfortable to share with people you do not know well or not at all (location, work history). Ill intended people could use that information to impersonate you (for a loan application for example) or even steal your account (by guessing your security question based on information you give for anyone to see – like for example “what is your maiden name” or “what is your pet’s name”). Fraudsters can also use social engineering to work their way into your company’s network. Remember that online social networking is much more disseminated and uncontrollable than offline social interaction. To understand this think about how many friends a person has in real life compared to Facebook. Then think about how many of your real life acquaintances you really trust.
Verify identity. Many scammers use fake/stolen online identities in order to achieve their goals. If someone you know suddenly acts out of place – that’s to say their online avatar does – use the phone to verify their account wasn’t hacked. Online, anyone can simulate to be whoever he or she wants to be – even a celebrity, but that does not necessarily mean they actually are that person. Make a habit of looking out for anything out of the ordinary: Would this person say/post that (including typos and grammar)? Would he/she act this way? Think twice and verify links you are invited to click – many scammers use a fake identity to play the same trick they do with e-mails – and ultimately direct unsuspecting people to malicious websites. Be wary with invitations from people you do not know, also if they appear to be friends of your friends.
Learn to customize your privacy/security options. Apart from changing your password regularly and never using the same password for multiple accounts, learn not to take the default privacy options for granted. Social networks offer users multiple options of customizing privacy – go to your account settings and tweak these options to achieve a stronger level of control over who and what they see on your public account. Think about the balance between the need to be popular and your privacy and data security – and decide which is stronger.
Use tags with caution. Tagging is an easy way to identify people in a picture or a post, but the downside is that the tagged person can interpret this as a privacy violation or it can backfire as a privacy violation. Usually you can manually un-tag yourself or approve the tag before it is published – if you set up your privacy options accordingly. Remember not only your friend have access to your tagged information, but also the friends of their friends. While you cannot control your friends’ settings, you can decide who sees your activity (from privacy settings of your account). You can also ask your friend to take down a tagged photo.
Click responsibly. Same as with e-mail links, use caution when deciding to click on a link served to you via a social network. Online identity theft and fake identities make it difficult to be sure who is behind an online action. Even if a friend sent you the suspicious link in good faith, be aware that he or she can be misinformed. Use the link double-checking tips discussed in E-mail Security. In addition, the same as with online banking, when logging in manually type the social network address in the browser’s address bar instead of clicking a link to do it – to make sure that your account will stay yours. Moreover, always log off and clear browser cache after using your social network account on a public computer.
Do you personally know all your social network friends? Always keep in mind that you most probably do not personally know every person in your friends list. The larger the number of friends, the less control you have over who’s who. Act accordingly. If possible, use selectivity when accepting/rejecting friends’ requests. If someone is molesting you via a social networking service, the service usually provides a blocking feature along with the possibility of reporting that person for inappropriate behaviour.
Third party applications. Social networks such as Facebook abound in third party applications (games, causes and many more). Nevertheless, cyber-criminals can sometimes use applications like these in order to steal your personal information. Use the same guidelines as you would do with any other file download.