7 Steps to Stem Facebook Privacy Bleeding

Why You Should Share Facebook Privacy Settings with Friends

A true friend does more than just post updates about their conquests on your wall. They share information with you that makes your life better, even if it isn’t exactly what you want to hear. And you do the same for them. But are your friends unwittingly sharing too much information about you with others (strangers, advertisers, app developers, scammers)? Probably. For example, if they (or you) haven’t customized your privacy settings lately, you are giving Facebook permission to:

  • Publish your name, photo, birth date, hometown and friend list to everyone?
  • Indirectly share your restricted data with outsiders through your friends?
  • Let your friends check you in to embarrassing locations where you aren’t?
  • Post your Likes as advertisements on friends’ walls using your name?
  • Authorize Google to index, access and share your information on the web?

Taking simple steps will make a significant difference. Start with the 7 Facebook Privacy Settings below and ask your friends to do the same. It benefits their privacy and yours. The video to the left quickly walks you through how to get to each level of privacy setting. If the video is too small for you to see the pointer, simply click on the four arrows in the bottom right-hand corner of the video viewer (to the right of the YouTube logo) to view in full-screen mode. For better resolution, use the drop down menu to switch to 720 HD.

Facebook Apps Leaking Your Information

A report was recently published claiming that nearly 100,000 Facebook apps have been leaking  access codes belonging to millions of users’ profiles. Symantec released the report and said that an app security flaw may have given apps and other third parties access to users’  profiles. Facebook maintains that they have no evidence of this occurring.

In their report, Symantec wrote:

We estimate that as of April 2011, close to 100,000 applications were enabling this leakage. We estimate that over the years, hundreds of thousands of applications may have inadvertently leaked millions of access tokens to third parties.

These “access tokens” help apps interact with your profile.They are most often used to post updates from the application to your wall. When you add the applications to your profile you, as the Facebook user, is giving the apps access to your information by accepting their conditions.  According to the investigation, these tokens were included in URLs sent to the application host and were then sent to advertisers and analytics platforms. If the recipient recognized the codes (meaning they have to be qualified to read and write HTML code), they could gain access to the user’s wall’s and profile.

Facebook Nigerian Scam Costs Victim $300,000+

At this point, we are all pretty used to the classic Nigerian Scam. Someone who is recently wealthy needs your help to gain access to the funds. They will let you keep $1 million if you will simply send them your bank account number so he can transfer $30 million to you. Its a dream come true to most!

What happens when that same scam is used on Facebook by one of your friends, by someone you trust? The results can be disastrous. One woman was scammed out of $366,000 because she felt sorry for the scammer’s sob story. The woman contacted the local authorities after realizing she had been conned by her Facebook “friend”. Police arrested six male suspects in Kepong, all allegedly connected to the Facebook scam: two Nigerians, two Bangladeshis, and two Malaysians. Investigators only managed to recover $5,000 in cash of the victim’s money, although they also seized 18 ATM cards, seven cell phones, and a laptop.

At least in this case the men were apprehended. In most scams of this nature there is no chance of finding the scammers and the money is long gone. Even when one of your Facebook friends asks you for something (money, help, information), your first reaction should be healthy skepticism. Verify that what they are saying is true (call them before sending money). Often times, a thief will take over a friend’s account or create a false account in order to gain your trust and eventually, your money.

Facebook Can Use Your Photos in Their Ads Without Permission

Did you know that Facebook can use photos you post on the site in advertisements targeted on the right (advertising) side of your contact’s profile?

Unless you customize your privacy settings, Facebook can share just about anything you post with just about everyone. Using your intellectual property for their financial gain is not a new Facebook issue, but one that should be revisited due to recent Facebook Privacy changes. Here’s the funny part: you gave Facebook the right to use any of your content in any way they see fit when you signed up for your account and didn’t read the user agreement. If you visit the Facebook Statement of Rights page you will see the following:

You own all of the content and information you post on Facebook, and you can control how it is shared through your privacy and application settings. In addition:

  1. For content that is covered by intellectual property rights, like photos and videos (“IP content”), you specifically give us the following permission, subject to your privacy and application settings: you grant us a non-exclusive, transferable, sub-licensable, royalty-free, worldwide license to use any IP content that you post on or in connection with Facebook (“IP License”). This IP License ends when you delete your IP content or your account unless your content has been shared with others, and they have not deleted it.

Facebook Safety: New HTTPS Facebook Settings

Facebook has announced that they will be rolling out a new security feature that will add full HTTPS support to the site. The new secure site uses the same underlying technology that banks use to keep your communications out of the reach of potential hackers. While many people don’t have this feature yet and mine just showed up today, eventually all users should have the capability.

To enable HTTPS, log into your Facebook account and at the top right go into Account -> Account Settings.

Once there, scroll all the way to the bottom and click “change” next to Account Security.

The following screen should pop up. Check the box under Secure Browsing. You can also check “send me an email” (or a text message to your cell phone, which I don’t advise giving to Facebook) so that if someone tries to log into your account from a new computer, Facebook will immediately alert you. This is a good way to find out fast if your account has been hacked.

How to Keep Your Facebook Secure by Enabling HTTPS

Facebook rolled out these secure settings to make Facebook seem safer, but like many of their security changes, they are turned off by default. You must go in and manually change the feature to gain the added security.

Identity Theft of Social Security Numbers Using Facebook

This recent video from Yahoo shows how easy it is for identity thieves to steal Social Security numbers just by using the information you share online. If you share your birthdate, name, and hometown in your Facebook profile, you are already at risk.

Click Here to learn more about protecting yourself online and on Facebook.

John Sileo is an information survival expert whose clients include the Department of Defense, Pfizer, Homeland Security, FDIC, FTC, Federal Reserve Bank, Blue Cross Blue Shield and hundreds of corporations and organizations of all sizes. He is the author of Privacy Means Profit and earns his keep delivering highly motivational identity theft speeches.

Facebook Boiling the Privacy Frog (You)

Facebook is preparing to give away your phone number and address to app developers and advertisers.

The frog is officially beginning to boil. Just check out all of the articles swirling around on the internet about Facebook’s latest attempt to release more of your information without your consent. This time they want to give out your phone number and address. They were pretty clear that the reason they want this information is to pass it on to developers of apps such as Farmville and advertisers that want to bolster their profile on you. They released the post late Friday afternoon – so late in fact that many news outlets didn’t pick it up until Monday. Many are accusing Facebook of trying to bury the news.

Here is what was posted:

User Address and Mobile Phone Number
We are now making a user’s address and mobile phone number accessible as part of the User Graph object. Because this is sensitive information, we have created the new user_address and user_mobile_phone permissions. These permissions must be explicitly granted to your application by the user via our standard permissions dialogs.

Although users currently have to give applications permission to access their information, there is a slight addition above to the type of information being shared. Look for  “Access my contact information”, with the subtitle “Current Address and Mobile Phone Number” (see image above). If Facebook were actually interested in making their data sharing strategy noticeable, at least they could have bolded the warning rather than the hey-don’t-pay-attention-to-me-faded-gray they used.

WSJ Article Quotes Identity Theft Expert, John Sileo

How To Beat The Online Scammers

(A Wall Street Journal Excerpt by Jennifer Waters)

Your pet’s name is a fraudster’s best friend.

You may think you’re giving up precious little when you tell your Facebook friends that you’re dressing your pooch, Puddles, in your favorite color, red, for brunch at Grandma’s on Sunday. But you’ve actually just opened a Pandora’s box of risks.

The information consumers willingly, and oftentimes unwittingly, unleash on social-media websites sets off a feeding frenzy among fraudsters looking to steal everything from your flat-screen TV to your identity…

Too much information can hurt you in other ways. John Sileo, a Denver-based identify-theft expert, says your online chatter could equip an ex-spouse with ammunition for a court challenge. Future or current employers could have a problem with information about your personal life that they deem inappropriate for a member of their staff, he says. You also could be furnishing a would-be stalker with information about your whereabouts. Click Here to Continue Reading….

Web Design & SEO by Prime Concepts Group, Inc.