With the holidays fast approaching, there is always exciting trips and get-togethers to post to social media. Newsfeeds are chock full of family pictures, travel plans, and evidence of ugly sweater parties. Everyone is celebrating, as they should, and sharing their joy and laughter with those they love. Great! What could go wrong?
Unfortunately, a lot. Most people have heard about the dangers of not understanding social media privacy settings. But, in case you haven’t taken the proactive steps (and yes, they need to be proactive. The default settings are like throwing open the doors on your life and having a free-for-all.) here’s a beginners guide to why and how you should protect yourself online.
“Football and Thanksgiving leftovers, doesn't get much better than that!”
“If you know of anyone having a sale on wrapping paper, let me know.”
“Count down! Five days until we start our Christmas cruise!”
“Normally I love my job, but working through the holidays is the worst. :(”
These are pretty normal status updates, however one of the biggest threats on the internet lay within the list above.
Did you find it?
The key is knowing the line of sharing and over-sharing information. The third update in the list should be a red flag. It looks simple enough, but when you take a deeper look you may find something disturbing.
The person that wrote the update in question willingly and voluntarily told anyone who gets their status updates that they will be away from home for an entire week, starting in five days. They may as well put a sign in their yard saying, ‘Empty house for a whole week! Come rob me!’ To add insult to injury, a short scroll through this feed mentions that they also just bought a new TV for themselves, because, “What’s better than a 50in TV? A 60in TV!” Oh nice, a brand new TV and an empty house.
Yep, that'll do.
Immediately, people’s response to the above is, “Well, so what if my friends know about our holiday travel plans? They wouldn’t use that sort of info to do me harm”. Hopefully this is the case, but did you know that oftentimes friends of your friends can see what you post? This obviously presents a problem. (We aren’t even going to mention those random people from high school that you accepted as “friends” just to be nice.)
Now people you don't know - or trust - can see that you will be gone. Take the time to know and understand the privacy policies and controls for the websites you use. Here are some helpful links:
Another issue with social media is your privacy. Some may argue it isn’t reasonable to expect any privacy when using social media. One of the other hand, everyone’s privacy is worthy of respect. Unfortunately, even platforms that are committed to privacy aren’t impenetrable from hackers. Some reports have even shown a rise in the popularity of good old fashioned Polaroids, because anything you upload to a remote server can (and eventually will) be hacked.
The double edged sword of social media is the way it is monetized. We are relying on a third party, which profits from the mining of our data, to protect us. No matter how good their intentions are, they make money from the information we share. Have you ever set up a Facebook ad? The amount of demographic data that they know about you and can sell to advertisers is bone chilling.
That cat is just waiting to steal your identity. And your high score.
Remember when you installed Candy Crush or Farmville (you know you did it) and you had to accept permissions? Most users don’t know, but assume these permissions are necessary and harmless. In fact, these permissions are handing over your data to yet another company.
Most people use their social media services from their mobile devices, without thinking through the effect it may have your online security. The majority of social media sites use some form of geo-location tagging when you update your status, tweet, or upload a picture.
This information can be used by hackers (or just big data companies) to create a map of where you have been, the frequency in which you go to that place, but also where you are at this very moment. How is this legal? Last time we heard, cyber stalking was a third degree felony.
Remember those “20 things about me” lists that sometimes go around social media? Twenty seemingly random questions may seem innocent, but a few can reveal more about a person than they realize. Let’s play another game:
- What was your most embarrassing moment?
- Have you ever played hooky?
- What was the name of your first elementary school?
- What was your childhood pet’s name?
Looking at this list of questions, you should quickly see one that is familiar. If you have ever set up an online account with security questions, like at a bank or credit company, you have most certainly seen the 3rd question.
Companies use security questions to validate your account in the result of being locked out for a forgotten password. Imagine if this information is sitting out there on social media. Yikes.
Till Death Do Us Part
It is a very common practice for married women to use their maiden names in their profiles, so that childhood friends can find them. It’s also common to tag relatives like parents, aunts, uncles, and cousins.
Of course, if your name starts with "King" or "Queen" you might want to reconsider social media altogether.
Unfortunately, it just doesn't take a lot of digging to get to your mother’s maiden name. This is one doozy of a security question, which is often used by banks, governmental agencies, and other financial institutions.
The Real Issue
The real problem is not with social media and its privacy policies, but rather that we as users are so willing to trust someone with our most personal information. Whether it is social media or passwords, we as users are the biggest threat to our online security. We are social and predictable creatures, full of faults.
Information gathered on social media sites are used everyday against people. Be very careful about what you choose to share. You may not ever realize why you became a target for physical or cyber crime. But, just like you would take precautions in the real world, it is smart to take a few steps online as well.
Here are a few things to remember:
- Assume no privacy. Don’t give away ownership of information that you wouldn’t want shared with the world.
- Don’t take part in chain mail. If you do, or have in the past, come up with a second set of answers that you use consistently for security questions and don't’ share them.
- Check your settings. Don’t assume anything and check them regularly (when you reset your passwords is a good time.)
- Keep it light. Feel free to share on social media, but don’t give away the keys to the kingdom. The bad guys are looking for an opportunity.