BE SECURITY CONSCIOUS: Tips for Using Social Networks and staying safe

There are many ways that information on social networks can be used for purposes other than what the user intended. Below are some practical tips to help users minimize the privacy risks when using social networks.  Be aware that these tips are not 100% effective.  Any time you choose to engage with social networking sites, you are taking certain risks.  Common sense, caution and skepticism are some of the strongest tools you have to protect yourself.

Registering an Account

·        Use a strong password different from the passwords you use to access other sites.

·        If you are asked to provide security questions, use information that others would not know about you. 

·        Never provide a work-associated email to a social network, especially when signing up.  Consider creating a new email address strictly to connect with your social networking profile(s).

·        Consider not using your real name, especially your last name. Be aware that this may violate the terms of service of some social networks. 

·        Review the privacy policy and terms of service before signing up for an account.   

·        Be sure to keep strong antivirus and spyware protection on your computer.

·        Provide only information that is necessary or that you feel comfortable providing.  When in doubt, err on the side of providing less information.  Remember, you can always provide more information to a social network, but you can’t always remove information once it’s been posted.

·        During the registration process, social networks often solicit a new user to provide an email account password so the social network can access the user’s email address book.  The social network promises to connect the new user with others they may already know on the network. To be safe, don’t provide this information at all.  There are some social networks that capture all of a user’s email contacts and then solicit them – often repeatedly – to join.  These messages may even appear to be from the original user.  If you consider providing an email address and account password to a social network, read all agreements very carefully before clicking on them. 

Using an Account

·        Become familiar with the privacy settings available on any social network you use.  On Facebook, make sure that your default privacy setting is "Friends Only".  Alternatively, use the "Custom" setting and configure the setting to achieve maximum privacy.

·        Don’t share your birthday, age, or place of birth. This information could be useful to identity thieves and to data mining companies.

·        Stay aware of changes to a social network’s terms of service and privacy policy. You may be able to keep track of this by connecting to an official site profile, for example Facebook’s Site Governance. 

·        Be careful when you click on shortened links.  Consider using a URL expander (as an application added to your browser or a website you visit) to examine short URLs before clicking on them.   Example of URL expanders include LongURL, Clybs URL Expander and Long URL.

·        Be very cautious of pop-up windows, especially any that state your security software is out of date or that security threats and/or viruses have been detected on your computer.  Use your task manager to navigate away from these without clicking on them, then run your spyware and virus protection software. 

·        Delete cookies, including flash cookies, every time you leave a social networking site.

·        Remember that whatever goes on a network might eventually be seen by people not in the intended audience. Think about whether you would want a stranger, your mother or a potential boss to see certain information or pictures. Unless they are glowing, don't post opinions about your company, clients, products and services. Be especially cautious about photos of you on social networks, even if someone else placed them there.  Don’t be afraid to untag photos of yourself and ask to have content removed.  

·        Don’t publicize vacation plans, especially the dates you’ll be traveling. Burglars can use this information to rob your house while you are out of town.

·        If you use a location-aware social network, don’t make public where your home is because people will know when you are not there.  In fact, you should be careful when posting any sort of location or using geotagging features because criminals may use it to secretly track your location. For the same reason, be careful not to share your daily routine. Posting about walking to work, where you go on your lunch break, or when you head home is risky because it may allow a criminal to track you.

·        Be aware that your full birth date, especially the year, may be useful to identity thieves.  Don’t post it, or at a minimum restrict who has access to it.

·        Don’t post your address, phone number or email address on a social network.  Remember scam artists as well as marketing companies may be looking for this kind of information. If you do choose to post any portion of this, use privacy settings to restrict it to approved contacts. 

·        Use caution when using third-party applications.  For the highest level of safety and privacy, avoid them completely.  If you consider using one, review the privacy policy and terms of service for the application.

·        If you receive a request to connect with someone and recognize the name, verify the account holder’s identity before accepting the request.  Consider calling the individual, sending an email to his or her personal account or even asking a question only your contact would be able to answer.  

·        If you receive a connection request from a stranger, the safest thing to do is to reject the request. If you decide to accept the request, use privacy settings to limit what information is viewable to the stranger and be cautious of posting personal information to your account, such as your current location as well as personally identifiable information.

·        Be wary of requests for money, even if they are from contacts you know and trust. If a contact’s account is compromised, a scam artist may use his or her name and account to attempt to defraud others through bogus money requests. 

·        Take additional precautions if you are the victim of stalking, harassment or domestic violence. 

·        In the event that your social networking account is compromised, report it to the site immediately and alert your contacts.  You will need to change passwords, but proceed with caution because your computer security may have been compromised.  Malware, including key-logging software, may have been installed on your computer.  If you use online banking, do not log on from the computer that may have been compromised until you have ensured your computer security is intact. 

·        Prune your "friends" list on a regular basis. It's easy to forget who you've friended over time, and therefore who you are sharing information with.

·        If you are using a social networking site that offers video chatting, pay attention to the light on your computer that indicates whether or not your webcam is in use. This will help you avoid being "caught on camera" by accident.

·        Be sure to log off from social networking sites when you no longer need to be connected.  This may reduce the amount of tracking of your web surfing and will help prevent strangers from infiltrating your account.

·        Remember that nothing that you post online is temporary.  Anything you post can be cached, stored, or copied and can follow you forever.

·        Check your privacy settings often.  Privacy policies and default settings may change, particularly on Facebook.