Why You Should Share Facebook Privacy Settings with Friends

A true friend does more than just post updates about their conquests on your wall. They share information with you that makes your life better, even if it isn’t exactly what you want to hear. And you do the same for them. But are your friends unwittingly sharing too much information about you with others (strangers, advertisers, app developers, scammers)? Probably. For example, if they (or you) haven’t customized your privacy settings lately, you are giving Facebook permission to:

• Publish your name, photo, birth date, hometown and friend list to everyone?
• Indirectly share your restricted data with outsiders through your friends?
• Let your friends check you in to embarrassing locations where you aren’t?
• Post your Likes as advertisements on friends’ walls using your name?
• Authorize Google to index, access and share your information on the web?

Taking simple steps will make a significant difference. Start with the 7 Facebook Privacy Settings below and ask your friends to do the same. It benefits their privacy and yours. The video to the left quickly walks you through how to get to each level of privacy setting. If the video is too small for you to see the pointer, simply click on the four arrows in the bottom right-hand corner of the video viewer (to the right of the YouTube logo) to view in full-screen mode. For better resolution, use the drop down menu to switch to 720 HD.

7 Facebook Privacy Settings to Share with Your Friends

1. Hide Your Hometown, Friends & Interests from Strangers. You may want every last soul on Facebook to know who your friends are, but your friends might not appreciate being part of your popularity contest. And believe me, you don’t want outsiders knowing where you live, where you were born and what interests you. To block people other than your friends from seeing your these items, in the upper right hand corner of your home Facebook screen once you are logged in, click Account>>Privacy Settings. Then go to View Settings (under Connecting on Facebook). Set See your friend list, See your current city and hometown, See your education & work and See your likes, activities and other connections to Friends Only. You can even block everyone, including friends, from seeing these personal tidbits by clicking on the Everyone button, selecting Customize and choosing Only Me.
   
2. Restrict (or alter) Your Personally Identifying Information (PII). Facebook PII includes your Birthday, Address, Email, IM Screen Name and Phone Numbers. With just your name, birthdate and hometown, a scammer can easily recreate your Social Security number, steal your identity, or rob your home while you’re on vacation. My recommendation is to leave these fields blank in the first place (where possible) or fill them with partial or inaccurate information (make up a birthdate that is close to yours but not exact. Please note this may be in violation of Facebook’s user policy.). Either way, you should also limit others from accessing your PII. Click on Account>>Privacy Settings and then Customize Settings (towards the bottom of the sharing grid – look for the tiny pencil). Each drop down box to the right allows you to Customize your setting for that item. Using the Customize option, set Birthday (under Things I share) and Address, IM Screen Name, Email, Phone Numbers (under Contact information) to Only Me. Consider setting Religious and political views and Interested in to Only Me or Friends Only as well. The primary way a social engineer (information con artist) exploits you is by understanding what interests you. 
3. Stop Broadcasting Your Whereabouts in Places. Like the popular application Foursquare, Facebook Places allows you to check in to real-world locations and share your whereabouts with friends (so that burglars know exactly when to rob you). There are two relevant settings regarding Places. First of all, you should limit which users can see which places you can check in to. Click on Account>>Privacy Settings and then Customize Settings (see the first video for direction). Set Places you check in to (under Things I share) to Only Me (using the Customize feature) if you want to disable Places or to Friends Only if you want your friends to know your location. In a very strange default setting, Facebook allows your friends to check you in to places (e.g., a friend checks you in to a strip club while you are at the library). To turn this off, on the same screen, click on Edit Settings next to Friends can check me in to Places (under Things others share). In the drop down menu, choose Disabled and click Okay.
4. Limit How Your Photos & Videos are Shared. If you allow everyone to see photos or videos in which you are tagged (the default), anyone can post a compromising photo of you (friend or otherwise) and then share it with the world by tagging you in the photo. This can lead to some very embarrassing situations (you’d never post the pictures taken at the bachelorette party, but the scorned bridesmaid just might). There are two settings you need to change to fix this. First, click on Account>>Privacy Settings and then Customize Settings (find the pencil). Click on Edit Settings next to Photos and videos you are tagged in (under Things others share). Change the drop down menu to Customize and change the setting to Only Me if you don’t want others to see your tagged photos or to Friends Only if you want your friends to see the tagged photos. Click Save Settings. Then, in respect for your friends, make sure you aren’t accidentally allowing their friends to see photos in which you tag them. To do this, go to Account>>Privacy Settings. Towards the bottom of the page (above the pencil) is a check box that says Let friends of people tagged in my photos and posts see them. Uncheck this box. 
5. Restrict Google and Apps from Mining Your Identity. By default, Facebook allows search engines like Google and applications (apps) like Farmville access to certain personal information. After all, Facebook is in the business of inventorying your identity and then selling it to vendors and advertisers. To regulate how much is shared, click Account>>Privacy Settings and then Edit your settings (under Apps and Websites in the bottom left-hand corner). First, go to Public search and Edit Settings. Unclick the Enable public search check box to keep the search engines out of your profile. If you use your Facebook profile for business and want to be searchable, leave public search enabled. Next, go to Apps you use and click Edit Settings. Review and Edit every app that has access to your private information or delete the access entirely. Having all of your social networking profiles connected and using Facebook as a centralized login for convenience is a recipe for privacy disaster.
6. Limit What’s Accessible Through Your Friends. No matter how tightly you lock your privacy down in Facebook, if you don’t restrict what strangers, vendors, advertisers and Friends of Friends can see through your friends, you have done very little to actually protect yourself. Here’s how to limit what your friends can share (knowingly or unknowingly). First, click Account>>Privacy Settings and then Edit your settings (under Apps and Websites in the bottom left-hand corner). Next to Info accessible through your friends, click Edit Settings. You will see an entire list of data that can be accessed through your friends Facebook page, EVEN IF THE SAME INFORMATION ISN’T ACCESSIBLE THROUGH YOUR PAGE (because you customized your privacy settings in steps 1-5). This is quite possibly the most devious aspect of Facebook. I only have two or three items checked here – those pieces of information that I wouldn’t mind seeing on the front cover of USA Today. That is how public these bits of data become if you allow your friends to share them. 
7. Turn On Your Account Security Features. Facebook has several built-in security features (turned off by default) that make your social networking a safer virtual world. Click on Account>>Account Settings and then Security (left column). First, under Secure Browsing (https), check the box next to Browse Facebook on a secure connection (https) whenever possible. The gives you bank-like security when accessing your Facebook pages. Under Login Notifications: When an unrecognized computer or device tries to access my account, check the box next to Send me an email. That way, if someone gains unauthorized access to your Facebook account on a non-registered computer (your computers and phones will be registered), Facebook automatically locks the user out. If you don’t mind sharing your mobile phone number with Facebook (I don’t share my # with them), you can implement a third security feature. Under Login Approvals: When an unrecognized computer or device tries to access my account, check the box next to Require me to enter a security code sent to my phone.

If you just took these first 7 Steps to protect your Facebook privacy – congratulations – your profile and data are more secure than 99% of the Facebook population. Now it’s your turn to be a good friend – pass this on to someone you care about, and ask them to spend a few minutes protecting themselves. It’s a win-win for everyone.

John Sileo is the award-winning author of Privacy Means Profit and a keynote speaker on social media privacy, identity theft prevention and manipulation jujitsu. His clients include the Department of Defense, Blue Cross, Pfizer and Homeland Security. Learn more at www.ThinkLikeASpy.com or contact him directly on 800.258.8076.

Related posts:

1. 5 Steps to Avoid Facebook Destruction in Business
2. 5 Steps to Good Privacy Habits
3. Facebook Reveals the End of Privacy

In their report, Symantec wrote:

We estimate that as of April 2011, close to 100,000 applications were enabling this leakage. We estimate that over the years, hundreds of thousands of applications may have inadvertently leaked millions of access tokens to third parties.

These “access tokens” help apps interact with your profile.They are most often used to post updates from the application to your wall. When you add the applications to your profile you, as the Facebook user, is giving the apps access to your information by accepting their conditions.  According to the investigation, these tokens were included in URLs sent to the application host and were then sent to advertisers and analytics platforms. If the recipient recognized the codes (meaning they have to be qualified to read and write HTML code), they could gain access to the user’s wall’s and profile.

It was announced on Tuesday that the flaw has been fixed by Facebook, but I still recommend that you change your password. And don’t just change it every time Facebook experiences a breach, but every few months. By keeping all of your passwords current and original, you are decreasing the chances that you will be hacked and that your accounts (financial, social, and otherwise) will be compromised.

John Sileo is one of America’s leading Social Networking Security Speakers. You can learn more about Facebook Safety and how to protect yourself online here. His clients include the Department of Defense, Pfizer and the FDIC. To learn more about having him speak at your next meeting or conference, contact him by email or on 800.258.8076.

Related posts:

1. Facebook, Cigarettes and Information Addiction
2. Your Apps Are Watching You
3. Facebook Safety: New HTTPS Facebook Settings

What happens when that same scam is used on Facebook by one of your friends, by someone you trust? The results can be disastrous. One woman was scammed out of $366,000 because she felt sorry for the scammer’s sob story. The woman contacted the local authorities after realizing she had been conned by her Facebook “friend”. Police arrested six male suspects in Kepong, all allegedly connected to the Facebook scam: two Nigerians, two Bangladeshis, and two Malaysians. Investigators only managed to recover $5,000 in cash of the victim’s money, although they also seized 18 ATM cards, seven cell phones, and a laptop.

At least in this case the men were apprehended. In most scams of this nature there is no chance of finding the scammers and the money is long gone. Even when one of your Facebook friends asks you for something (money, help, information), your first reaction should be healthy skepticism. Verify that what they are saying is true (call them before sending money). Often times, a thief will take over a friend’s account or create a false account in order to gain your trust and eventually, your money.

John Sileo trains organizations on how to keep employees from falling for fraud based on data they have posted on Facebook. His clients include the Department of Defense, Pfizer, Homeland Security, FDIC, FTC, Federal Reserve Bank, Blue Cross Blue Shield and hundreds of corporations and organizations of all sizes. Learn more about his high-content financial speeches.

Related posts:

1. Nigerian Scam Takes a New Form
2. Facebook ‘Dislike Button’ is a Scam!
3. Identity Theft Scam Stole Millions – Pennies at a Time

On a site like Facebook that houses so much of your personal reputation and information, it is good to keep passwords new and difficult to hack. We see people’s Facebook profiles get hacked every day from clicking on malware and phishing schemes – and once they have your Facebook password, they probably have the same password you use on other accounts. Changing your password frequently, as simple as it sounds, is an easy way to avoid some of the privacy problems posed by Facebook. Once you are logged in, visit your Account Settings Page. On the first page next to Password click change.

Now that you are in your Account Settings, spend a minute clicking around to explore some of your other settings. While changing your password doesn’t solve all of your security issues, it will help you feel a bit safer on the social networking giant!

Related posts:

1. Facebook Safety: New HTTPS Facebook Settings
2. Facebook Privacy Settings Update
3. Facebook Reveals the End of Privacy

Did you know that Facebook can use photos you post on the site in advertisements targeted on the right (advertising) side of your contact’s profile?

Unless you customize your privacy settings, Facebook can share just about anything you post with just about everyone. Using your intellectual property for their financial gain is not a new Facebook issue, but one that should be revisited due to recent Facebook Privacy changes. Here’s the funny part: you gave Facebook the right to use any of your content in any way they see fit when you signed up for your account and didn’t read the user agreement. If you visit the Facebook Statement of Rights page you will see the following:

You own all of the content and information you post on Facebook, and you can control how it is shared through your privacy and application settings. In addition:

1. For content that is covered by intellectual property rights, like photos and videos (“IP content”), you specifically give us the following permission, subject to your privacy and application settings: you grant us a non-exclusive, transferable, sub-licensable, royalty-free, worldwide license to use any IP content that you post on or in connection with Facebook (“IP License”). This IP License ends when you delete your IP content or your account unless your content has been shared with others, and they have not deleted it.
2. When you delete IP content, it is deleted in a manner similar to emptying the recycle bin on a computer. However, you understand that removed content may persist in backup copies for a reasonable period of time (but will not be available to others).
3. When you use an application, your content and information is shared with the application.  We require applications to respect your privacy, and your agreement with that application will control how the application can use, store, and transfer that content and information.  (To learn more about Platform, read our Privacy Policy and Platform Page.)
4. When you publish content or information using the “everyone” setting, it means that you are allowing everyone, including people off of Facebook, to access and use that information, and to associate it with you (i.e., your name and profile picture).
5. We always appreciate your feedback or other suggestions about Facebook, but you understand that we may use them without any obligation to compensate you for them (just as you have no obligation to offer them).

Make sure you customize your privacy settings so that you are sharing your data at a level comfortable to you. One place you may not realize you need to check is Facebook Ads. When you visit your Account Settings page the last tab on the right is Facebook Ads. By clicking on it you can adjust your settings  — after you read their pop up on not selling your information. Where is says “Allow ads on platform pages to show my information to” and “Show my social actions in Facebook Ads to” Check No One. This gives you just a bit more control over what Facebook can share about you and your profile.

As it states above,  information you delete from your Facebook may not be permanently deleted. Just know that once something hits the internet it is there for good. Posts, pictures, videos and comments on social networking site are public, permanent and exploitable.

Related posts:

1. Facebook Privacy: Videos, Photos and Status Updates
2. Facebook Safety: New HTTPS Facebook Settings
3. Facebook Boiling the Privacy Frog (You)

To enable HTTPS, log into your Facebook account and at the top right go into Account -> Account Settings.

Once there, scroll all the way to the bottom and click “change” next to Account Security.

The following screen should pop up. Check the box under Secure Browsing. You can also check “send me an email” (or a text message to your cell phone, which I don’t advise giving to Facebook) so that if someone tries to log into your account from a new computer, Facebook will immediately alert you. This is a good way to find out fast if your account has been hacked.

Facebook rolled out these secure settings to make Facebook seem safer, but like many of their security changes, they are turned off by default. You must go in and manually change the feature to gain the added security.

But HTTPS isn’t a cure-all for Facebook Safety. The real trouble arrives when you click on an App or quiz  that contains malware. Since you are giving permission for the App to install, you have just let the enemy in the back door. Stay away from Apps, Quizzes and Questionnaires from unknown sources. The malware allows a hacker to transport you off of the secure HTTPS site and onto a page where they can hack into your account. The higher your Privacy Settings are, the safer you are.

Two New Facebook Scams:

1. An email is sent to users saying that their Facebook account is being used to send spam, and that their password has been changed. They are told to open the attachment to find their new password. The attachment includes a Microsoft Word icon and even opens Word when you click to make you think its legitimate. In addition, the attachment opens all of the computer system’s communication ports and connects to mail services in an attempt to send spam.
2. Users are sent an instant message that contains a link, that when clicked, takes over the person’s Facebook account and locks them out. A message is displayed when they try to log in saying that their account has been suspended. In order to reactivate the account, they must complete a questionnaire (it even promises prizes for doing so).

Even  with the latest security changes in Facebook, users will always be the targets for spam, viruses and malware. Pass this onto friends and family so that everyone can be a little bit safer while online.

Click Here to learn more about protecting yourself online and on Facebook.

John Sileo is an information survival expert whose clients include the Department of Defense, Pfizer, Homeland Security, FDIC, FTC, Federal Reserve Bank, Blue Cross Blue Shield and hundreds of corporations and organizations of all sizes. He is the author of Privacy Means Profit and earns his keep delivering highly motivational identity theft speeches.

Related posts:

1. Facebook Safety Survival Guide
2. Facebook Privacy Settings Update
3. Facebook Changing Privacy Settings – Again!

This recent video from Yahoo shows how easy it is for identity thieves to steal Social Security numbers just by using the information you share online. If you share your birthdate, name, and hometown in your Facebook profile, you are already at risk.

Click Here to learn more about protecting yourself online and on Facebook.

John Sileo is an information survival expert whose clients include the Department of Defense, Pfizer, Homeland Security, FDIC, FTC, Federal Reserve Bank, Blue Cross Blue Shield and hundreds of corporations and organizations of all sizes. He is the author of Privacy Means Profit and earns his keep delivering highly motivational identity theft speeches.

Related posts:

1. Online Safety: The Truth About Social Media Identity Theft
2. Cyber-Bullying and Social Networking Identity Theft
3. Facebook Launches New Security Feature

The frog is officially beginning to boil. Just check out all of the articles swirling around on the internet about Facebook’s latest attempt to release more of your information without your consent. This time they want to give out your phone number and address. They were pretty clear that the reason they want this information is to pass it on to developers of apps such as Farmville and advertisers that want to bolster their profile on you. They released the post late Friday afternoon – so late in fact that many news outlets didn’t pick it up until Monday. Many are accusing Facebook of trying to bury the news.

Here is what was posted:

User Address and Mobile Phone Number
We are now making a user’s address and mobile phone number accessible as part of the User Graph object. Because this is sensitive information, we have created the new user_address and user_mobile_phone permissions. These permissions must be explicitly granted to your application by the user via our standard permissions dialogs.

Although users currently have to give applications permission to access their information, there is a slight addition above to the type of information being shared. Look for  “Access my contact information”, with the subtitle “Current Address and Mobile Phone Number” (see image above). If Facebook were actually interested in making their data sharing strategy noticeable, at least they could have bolded the warning rather than the hey-don’t-pay-attention-to-me-faded-gray they used.

Of course, Facebook and their faithful application developers are banking on the assumption that most users are willing to give up their privacy in order to access Facebook and all it has to offer. But, what they fail to remember is that a phone number and address are much more sensitive pieces of your identity than your picture and email address.

When do the slowly growing invasions of our privacy by Facebook become too much to handle? When has the privacy temperature in the Facebook Database been raised to the point that users are boiling? Will users ever leave the site in order to protect their identities? Facebook is making these changes so slowly (and late in the weekly newscycle) that the average user doesn’t realize that this invasion of our privacy has gone one degree to far.

I guess the simple way to resolve the issue for now is to remove your phone number and home address from your Facebook profile so that there is nothing to share. The larger question is what will Facebook do next? You never know – such information leakage may be a requirement to use the social networking site.

John Sileo is an information survival expert whose clients include the Department of Defense, Pfizer, Homeland Security, FDIC, FTC, Federal Reserve Bank, Blue Cross Blue Shield and hundreds of corporations and organizations of all sizes. He earns his keep delivering highly motivational identity theft speeches.

The Facebook Safety Survival Guide gives you extensive background knowledge on many of the safety and privacy issues that plague social networking sites, including Facebook, LinkedIn, Twitter, MySpace, and others. Social networking, texting, instant messaging, video messaging, blogging – these are all amazing tools that the American workforce uses natively (and naively), as part of their everyday lives. This Guide’s purpose is to make their online vigilance and discretion just as native, so that they learn to protect the personal information they put on the web before it becomes a problem. Social networking is immensely powerful and is here for the long run, but we must learn to harness and control it.

Related posts:

1. Boil the Frog Slowly: A Facebook Privacy Map
2. 7 Steps to Stem Facebook Privacy Bleeding
3. Facebook Reveals the End of Privacy

1. Setting up a weak password to get into your Facebook account, making account takeover an easy and attractive proposition for hackers. Not only does account takeover allow criminals to run Friends in Distress scams on your contact list, it also allows them to conduct illegal activity as you (generally child pornography or, ironically, the sale of stolen identities), so that you are liable for their crimes (unless you can prove otherwise).
2. Sharing too much personal identity information when you set up your initial profile (e.g., full name, birth date and hometown – small pieces of data that when added together, give a thief every thing he needs to determine your Social Security number and control your credit profile).
3. Failing to customize your privacy settings. This mistake could have a top 20 list all of it’s own, as it is such a significant risk if you do nothing. For example, if you take the default privacy settings in Facebook (most users do this without thinking), you are: allowing everyone in the network to see all of your wall posts and a great deal of personal profile information; allowing applications to access, aggregate and sell your data; giving outsiders access to your private photo and video albums; allowing your contacts and networks to share your information (unknowingly) with outside users, vendors, and non-friends; allowing others to publish your current location in Places (even if you aren’t there) and allowing Facebook to copy, store, print and utilize your data footprint in any way they see fit.
4. Posting travel plans or location data allows thieves to know exactly when to rob you, unhealthy ex-spouses where to stalk you and law enforcement how to deliver your subpoena.
5. Accepting friend requests from people that aren’t actually friends, extending your network to a group of people who could potentially take advantage of you or your contacts. If you don’t know them in person, don’t befriend them digitally.
6. Posting photos or videos that put your children, friends or self at risk. 99% of Facebook users are there for the right reasons – to connect in a healthy way. Unfortunately, the other 1% are made up of pedophiles, stalkers, burglars, identity thieves and sick individuals who use photos and videos in your albums to identify you in person. Don’t even get me started on all of the disheartening stories I hear on this topic.
7. Failing to monitor your child’s online presence for bullying, inappropriate content, conversations or contact. In my experience, an uninvolved parent ends up being a sorry parent.

Don’t fall prey to the 7 Deadly Mistakes (and there are many more). Take steps before it is too late to protect yourself, your family, your business and your reputation. For more information, learn more about The Facebook Safety Survival Guide.

John Sileo is an information survival expert whose clients include the Department of Defense, Pfizer, Homeland Security, FDIC, FTC, Federal Reserve Bank, Blue Cross Blue Shield and hundreds of corporations and organizations of all sizes. He earns his keep delivering highly motivational identity theft speeches.

The Facebook Safety Survival Guide gives you extensive background knowledge on many of the safety and privacy issues that plague social networking sites, inlcuding Facebook, LinkedIn, Twitter, MySpace, etc. Social networking, texting, instant messaging, video messaging, blogging – these are all amazing tools that the American workforce uses natively, as part of their everyday lives. This Guide’s purpose is to make their online vigilance and discretion just as native, so that they learn to protect the personal information they put on the web before it becomes a problem. Social networking is immensely powerful and is here for the long run, but we must learn to harness and control it.

Related posts:

1. The 7 Deadly Sins of Privacy Leadership: How CEOs Enable Data Breach
2. Facebook Safety Survival Guide
3. Facebook Safety: New HTTPS Facebook Settings

(A Wall Street Journal Excerpt by Jennifer Waters)

Your pet’s name is a fraudster’s best friend.

You may think you’re giving up precious little when you tell your Facebook friends that you’re dressing your pooch, Puddles, in your favorite color, red, for brunch at Grandma’s on Sunday. But you’ve actually just opened a Pandora’s box of risks.

The information consumers willingly, and oftentimes unwittingly, unleash on social-media websites sets off a feeding frenzy among fraudsters looking to steal everything from your flat-screen TV to your identity…

Too much information can hurt you in other ways. John Sileo, a Denver-based identify-theft expert, says your online chatter could equip an ex-spouse with ammunition for a court challenge. Future or current employers could have a problem with information about your personal life that they deem inappropriate for a member of their staff, he says. You also could be furnishing a would-be stalker with information about your whereabouts. Click Here to Continue Reading….

Related posts:

1. Identity Theft Expert John Sileo on 60 Minutes
2. Social Networking Expert, John Sileo Interviewed on Tech Night Owl
3. Read CreditCards.com Article featuring John!