Social Media Security Tips

There are various ways you can get scammed or, at the least, embarrassed if you don’t follow general security practices when using social networking sites such as Facebook and Twitter. Don’t worry, if it happened to you, you’re not the only one. The Associated Press, Burger King and The Onion have all recently had their Twitter accounts hacked. Various celebrities have had their Facebook accounts hijacked. They are then used to spread misinformation or to post links that lead to malware.

Twitter recently implemented two-factor authentication to crack down on the problem. No word yet on whether Facebook will follow suit. Facebook does offer something called Login Approvals, its version of two-factor authentication, to protect users from takeover attempts of their account.

To learn more on protecting accounts and preventing scams, go to the companies’ security guidelines pages:

Tips for Facebook’s Timeline Feature

Some of my friends on Facebook have been worried about the Timeline feature. As good cyber citizens they are wary whenever a new feature is introduced that might reveal more personal information than they would prefer.

The most worrisome part of Timeline is that friends can view a digital comprehensive history of your life. As an article at http://netsecurity.about.com states: “Law enforcement, potent employers, stalkers, and others who review Facebook profiles will love the timeline as they can navigate life histories with ease.”

If you are using the Facebook Timeline (you must enable it to have it), or you wish to use it in the future, I suggest reading the full http://netsecurity.about.com article to see how you can secure your personal information. It explains what the security and privacy implications are when you enable the new feature and provides some tips to ensure that what should be private remains private.

Social Networking Safety Tips

This month’s “OUCH!” newsletter by the SANS Institute covers social networking sites such as Google+, Facebook, Twitter and LinkedIn. The newsletter covers the risks and how to use these sites safely.

Download the English version here (pdf).

Can Social Media Cause You Harm?

When using such social media communication tools as Twitter or Facebook, we may not always think about who will be able to see our comments and posts. As far as we know, only our friends and followers can see them. But is this true?

In two recent articles on the Boston Globe I found several examples listed of when posts made to Facebook led to job termination or other problems with employers. The lesson it teaches is that what for you might be a mechanism for venting or sharing your working situation with your trusted friends, is for others a reason to see you as unsuitable in your job.

In a perfect world, our online conversations are protected by the privacy settings on Facebook and in some cases the First Amendment protects us as well, but common sense tells us that these “protections” are not iron-clad. The internet, and social media by design, is a public forum for conversations. A secret is not a secret if it is conveyed to more than one person.

Best rule of thumb: If you don’t want even one other person knowing about something you think or feel, it’s best not to use the Internet to share those feelings and thoughts.

Read the stories at Boston.com:
Facebook comments bring firing and a fight
Teacher fired over ‘friending’

Facebook, AOL, Email Communications Intercepted by Law Enforcement

Christopher Soghoian, a doctoral candidate at the School of Informatics and Computing at Indiana University, recently published a paper on the reporting gap of electronic surveillance by law enforcement agencies.

While US law requires reporting of requests to intercept communications data in real-time, no such requirement exists for requests for stored communication data. As a result, most modern surveillance now takes place entirely off the books and the true scale of such activities, which vastly outnumber traditional wiretaps and pen registers, remains unknown. Law enforcement agencies have already made tens of thousands of requests for stored data from companies like Facebook and AOL, and you may never know about it.

This is another good reason to keep your communications via the Internet legal and “clean,” as you never know who might be watching or reading!

Read the story at Techworld.com.

Facebook Goes to HTTPS

Facebook is getting a little more serious about security after the CEO’s fan page got hacked. Facebook wrote on their blog that they are rolling out the option for users to access Facebook via a secure SSL (https) connection. According to the blog article, users need to go to their account settings and choose “secure browsing” from the account security section of the page.

This change is being rolled out over the next few weeks so not everyone will see the new option right away. The blog post does warn that the browsing experience may be slower (due to the encryption overhead) and that not all 3rd party applications are compatible with secure SSL at this time.

Read the full story on CNet.com.

What Not to Post to Facebook

According to an article by About.com on Internet Security, there are 5 things you should never post on Facebook. I want to share them with you here:

  1. Your or your family members’ full birth date (if you must, you can put in the day and month but leave out the year). Identity thieves use this information as one of the 3 to 4 pieces of information they need to steal your identity.
  2. Your relationship status, especially when you are single. Stalkers may use this information to go after you.
  3. Your current location.The problem with this is that you are telling everyone that you’re on vacation or not at your house.
  4. The fact that you’re home alone. Again, you wouldn’t walk into a building and tell everyone there you are going to be all alone at your house.
  5. Pictures of your kids tagged with their names. This kind of information could be used by predators to lure your child. They could use the child’s name and the name of their relatives to build trust. Your real friends already know your children’s names. Just leave any identifying information off.

Removing all this information if you’ve already divulged it on Facebook may be a daunting task. You may feel safe enough because you’ve set your privacy setting so that your information is only visible to your friends. However, you don’t know if your friend had their account hacked or someone may be reading over their shoulder at the library. This may be the best solution for the sake of safety for you and your family.