Posts

Some Simple Steps to Social Media Privacy

When was the last time you checked your privacy settings on your social media profiles? Being aware of the information you share is a critical step in securing your online identity. Below we’ve outlined some of the top social media sites and what you can do today to help keep your personal information safe.

FACEBOOK Social Media Privacy

Click the padlock icon in the upper right corner of Facebook, and run a Privacy
Checkup. This will walk you through three simple steps:

  • Who you share status updates with
  • A list of the apps that are connected to your Facebook page
  • How personal information from your profile is shared.

As a rule of thumb, we recommend your Facebook Privacy setting be set to “Friends Only” to avoid sharing your information with strangers. You can confirm that all of your future posts will be visible to “Friends Only” by reselecting the padlock and clicking “Who can see my stuff?” then select “What do other people see on my timeline” and review the differences between your public and friends only profile. Oh, and don’t post anything stupid!

TWITTER Social Media Privacy

Click on your profile picture. Select settings. From here you will see about 15 areas on the left-hand side. It’s worth it to take the time to go through each of them and select what works for you. We especially recommend spending time in the “Security and Privacy” section where you should:

  • Enable login verification. Yes, it’s an extra step to access your account, but it provides increased protection against unauthorized access of your account.
  • Require personal information whenever a password reset request is made. It’s not foolproof, but this setting will at least force a hacker to find out your associated email address or phone number if they attempt to reset your password.
  • Determine how private you want your tweets to be. You can limit who (if anybody) is allowed to tag you in photos and limit your posts to just those you follow.
  • Turn off the option called “Add a location to my Tweets”.
  • Uncheck the options that allow others to find you via email address or phone number.
  • Finally, go to the Apps section and check out which third-party apps you’ve allowed access to your Twitter account (and in some cases, post on your behalf) and revoke access to anything that seems unfamiliar or anything that you know you don’t use anymore.

Oh, and don’t post anything stupid!

INSTAGRAM Social Media Privacy

The default setting on Instagram is public, which means that anyone can see the pictures you post. If you don’t want to share your private photos with everyone, you can easily make your Instagram account private by following the steps below. NOTE: you must use your smartphone to change your profile settings; it does not work from the website.

  • Tap on your profile icon (picture of person), then the gear icon* to the right of your name.
  • Select Private Account. Now only people you approve can see your photos and videos.
  • Spend some time considering which linked accounts you want to keep and who can push notifications to you.

*Icons differ slightly depending on your smartphone. Visit the Instagram site for specifics and for more in depth controls.

Oh, and don’t post anything stupid!

SNAPCHAT Social Media Privacy

Snapchat’s settings are really basic, but there’s one setting that can help a lot: If you don’t want just anybody sending you photos or videos, make sure you’re using the default setting to only accept incoming pictures from “My Friends.”  By default, only users you add to your friends list can send you Snaps. If a Snapchatter you haven’t added as a friend tries to send you a Snap, you’ll receive a notification that they added you, but you will not receive the Snap they sent unless you add them to your friends list.  Here are some other easy tips for this site:

  • If you want to change who can send you snaps or view your story, click the snapchat icon and then the gear (settings) icon in the top right hand corner. Scroll down to the “Who can…” section and make your selections.
  • Like all services, make sure you have a strong and unique password.
  • Remember, there are ways to do a screen capture to save and recover images, so no one should develop a false sense of “security” about that.

In other words, (all together now) don’t post anything stupid!

A Final Tip: The privacy settings for social media sites change frequently. Check in at least once a month to ensure your privacy settings are still as secure as possible and no changes have been made.

John Sileo is an an award-winning author and keynote speaker on identity theft, internet privacy, fraud training & technology defense. John specializes in making security entertaining, so that it works. John is CEO of The Sileo Group, whose clients include the Pentagon, Visa, Homeland Security & Pfizer. John’s body of work includes appearances on 60 Minutes, Rachael Ray, Anderson Cooper & Fox Business. Contact him directly on 800.258.8076.

Facebook Privacy and Security Info Graphic

Thanks to Naomi Paton from BestComputerScienceSchools.net for sharing this Facebook Privacy Infographic!

Facebook_Privacy

 

Share this infographic on your site!
According to an early 2013 report from ComScore.com, Facebook still maintains the lead for American user engagement for a single web site — averaging a minute short of 6.75 hours per user in the month of Mar 2013. While this number is a decline from the same period in 2012 (with an average of nearly 7.25 hours per user), it’s obvious that American Facebook users spend a considerable amount of time on the site — more than any other social media site — revealing facts both mundane and interesting about their lives — facts that might be of interest to other people and companies, including those with ill intent.

In fact, according to a study by Alessandro Acquisti discussed in a TED Talk, American employers often judge job candidates who post to social media more harshly than equally skilled candidates who did not post — regardless of whether posts were negative or positive or not even relevant to the potential employer. How potential employers find your Facebook information about you is beyond  the scope of this article, but we do cover some relevant security and privacy statistics and offer some tips to guard yourself.

The Facebook Facts
Please note: All statistics below refer to U.S. Facebook users unless specifically indicated.

  • 1.26 — Number in billions of monthly active worldwide Facebook users  (as of  Oct 2013).
  • 83 — Number in millions of fake profiles (worldwide; as of late Jun 2013).
  • 7.5 — Approximate percentage of fake profiles (worldwide).
  • 128 — Number in millions of daily active Facebook users (mid Aug 2013)
  • 6 3/4 hours — Approximate average amount of time Facebook users spent on the site in Mar 2013.
  • 101 — Approximate number in millions of Facebook users on mobile devices (app and mobile web browsers).
  • 128 — Approximate total number in millions of Facebook users on both desktop computers and mobile devices.
  • 78 — Approximate percentage of Facebook users who access the site on a mobile device.
  • 76 — Percentage of smartphone market that Facebook reaches with their app (primarily) or via mobile web browsers.
  • 23 — Percentage of time spent on mobile apps that is attributed to Facebook use.
  • 303 — Approximate number of “friends” a Facebook user (12+ years old; worldwide) has in their network. This number varies significantly by age group. Research estimates have suggested numbers of 500+ for Facebook users in the 12-24 age range, but much less (low hundreds) for those in older age ranges.
  • 245 — The average number of friends that U.S. users have in their Facebook network, according to a Pew Research study in early 2012.
  • 600 — The approximate number of people that the average person knows overall (Facebook or otherwise), according to a New York Times report in early 2013. Note that other studies suggest a figure of 290.
  • 25 — Percentage of Facebook users (worldwide) who do not look at or ignore their Facebook privacy settings (according to a 2012 Velocity Digital report).
  • 71 — The number of countries whose individual governments made requests for user data to Facebook in the first six months of 2013.
  • 25.6 — The approximate total number in thousands (actual: 25,607) of requests for data made to Facebook by various world governments in that six-month period.
  • 11 — The number in thousands of data requests (minimum) that were made just by the U.S. government.  (U.S. data is reported as a range: 11,000-12,000.)
  • 43 — The approximate percentage (actual: 42.96) of all data requests made just by the U.S. government.
  • 38 — The approximate total number in thousands (actual: 37,954) of Facebook user accounts covered in those requests by all governments.
  • 20 — The number in thousands of Facebook account data requests (minimum) made just by the U.S. government.  (U.S. data is reported as a range: 20,000-21,000.)
  • 53 — The approximate percentage (actual: 52.70) of total account data requests made just by the U.S. government.
  • 2.5 — Number in billions of photos uploaded to Facebook in a single month in 2010
  • 30 — Percentage of photos in a study by Alessandro Aquisti in 2010 (taken of students on a college campus) that were identifiable by off-the-shelf facial recognition software. (Using data mining techniques, the researchers were also able to determine part of identified students’ Social Security numbers.)
  • 10 — Percentage of anonymous online dating profiles identified via facial recognition software in another study by Aquisti.
  • 43 — Percentage of employers (in a study of 2,100 hiring managers) who did not hire a job candidate after researching the latter’s social media profile.
  • 600 — Number in thousands of Facebook logins (worldwide) that are compromised daily (late Oct 2011).
  • 25 — Percentage of consumers whose online data has been breached who later become a victim of identity fraud.
  • 2.78 — Percentage of homes in the U.S. (1 in 36) that will likely be burgled in 2013, according to an FBI 2012 crime report — with or without the help of social media tracking.
  • 1,657 — Average loss in dollars per break-in.
  • 25 — Percentage of teens who claim to have been stalked on Facebook.
  • 55 — Percentage of teens who have given out personal info to strangers on Facebook.
  • 24 — Percentage of teens who have had compromising information made public without their permission.
  • 2.5 — Number of billions of new daily Facebook posts (worldwide).
  • 67 — Percentage of teen users who know how to hide their online activity from parents.
  • 10 — Percentage of children worldwide who experience cyberbullying.
  • 52 — Percentage of teens not telling parents about being cyberbullied.
  • 34 — Percentage of parents who check their children’s social network sites.

Top Five World Governments Requesting Facebook User Data
The following five countries made the most requests to Facebook in the first six months of 2013. (Note: United States data is reported in ranges. In the table below, only the minimum value of U.S. ranges is reported.)

Country Minimum Requests Minimum Accts Requested
United States 11000 20000
India 3245 4144
United Kingdom 1975 2337
Germany 1886 2068
Italy 1705 2306

6 Threats to Your Privacy and Security
Using Facebook incorrectly can expose you to a number of threats. Here’s an incomplete list:

  1. Bullying — You think that your kids are safe at home from bullies? Unfortunately not, and some reports suggest that cyberbullied kids are 2-9 times more likely to commit suicide.
  2. Stalking — Let’s face it; there are lots of creeps out there and one of them may be  stalking you or your children — which is made easier by the fact that more than half of teens give up personal info to strangers on Facebook.
  3. Burglary — While the U.S. Bureau of Justice Statistics suggests home burglaries have declined since the 1970s, while make their efforts easier? Some burglars do monitor social media to determine which homes will be unoccupied for a long enough period for them to get what they want. Sometimes they do this by hacking accounts; other times they simple make friend requests to people who don’t know them. From there, it could be a simple matter of monitoring posts for location data and extended and absence.
  4. Identity theft — Are you revealing too much info in your Facebook profile? Potential victimizers can combine your Facebook profile info with your other social media profiles to get the data they need. Note that identity theft can happen to your children, too, and this might not be noticed until they’re 18 or older.
  5. Career compromise  – Given two equally qualified candidates, new research shows that if a potential employer checks social media profiles, they tend to have a bias against those who post anything to social media – regardless of the topic or tone; even worse if you say something compromising or have photos of questionable behavior. This may not be surprising given that while most U.S. universities and charities are on Facebook, the percentage of Fortune 500 companies with a Facebook page is considerably less (60% as of Jan 2012).
  6. Reputation damage — It might only take one tagged picture of you cutting loose, doing something one time that you wouldn’t normally do. If an acquaintance not in your Facebook network posts the picture, you might not even know about it — a potential problem if they’ve identified you in text.

Privacy and Security Features
Facebook founder Mark Zuckerberg — who in late 2013 spent an extra $30M buying four extra nearby homes to maintain his real-life privacy — has in the past openly indicated that “privacy is over” and that if he were starting Facebook anew that user information would be public by default. That was nearly three years ago and the company doesn’t seem to have swayed much from that goal. He has also made comments suggesting that Facebook users don’t care about privacy.  Despite this attitude, there are legitimate reasons to maintain your privacy on Facebook and there are ways to do so.
This is not a comprehensive list, but possibly two of the most under-utilized features are “private profile” and friend lists. New Facebook accounts used to be private by default but have since switched to public by default. You need to manually change that setting. As for friend lists, they’re the digital equivalent of social circles. Friends can fall into multiple lists or just one.

15 Things You Should Do To Maintain Privacy on Facebook
According to various reports, teens and adults are being turned down for work due to certain things they’ve posted on their social profiles. To see how potentially embarrassing indiscriminate posting can be, visit weknowwhatyouredoing.com.
Younger children are at risk, too, given the growing number of underage Facebook users. According to figures by the Crimes Against Children Research Center, children in the 10-13 age range are at most risk from online predators — that age group makes for 22% of targets.
Here are some tips for maintaining your privacy and keeping your profile socially acceptable, as well as for protecting your children if they use Facebook.

  1. Review your Facebook profile information to make sure that if you do have email addresses, employment history and phone numbers listed, that the information is only accessible by friends. Keep in mind that Facebook had a bug in June 2013 that caused the leak of email addresses and/or phone numbers of 6M users — not a large percentage of all users, but enough to potentially cause problems for those compromised. (If you have specific need to prevent someone from finding you, use an alias in your profile — and don’t post any photos of people associated with you. Better still, use a social media service that’s truly private.)
  2. Create friend lists. Name them according to social circles such as family, friends, friends of friends, colleagues, college-chums, teammates, etc. Put everyone in your network on one or more lists. Every time you add someone, assign them to one or more lists. Hide your friend lists to protect your friends, so that strangers cannot see to whom you are connected.
  3. When you post, use friend lists to control who sees your information. Set a default setting (e.g., Friends or Friends of Friends). If you want, you can change the viewability setting for a specific post either before (best practice) or after posting.
  4. Pay careful attention not only to what you are revealing about yourself in something you are about to post, but also look at the icon indicating who can see the post once it’s published. If you see a “globe” icon, that means your post will be public. Make a habit of checking this before posting.
  5. Review your recent posts and consider removing personal details in case you’ve over-shared.
  6. Make sure that your location is not being broadcast. This is especially important if you’re using Facebook on a mobile device. Turn off the location feature.
  7. If you use Facebook for work purposes, split your posts between your personal profile only available to friends and a “Personality/ Business” Page accessible publicly.
  8. Review your friends’ posts if they tag you. Review your comments on friends posts that might be controversial, in case they change their post’s status to Public. Cover your bases by using Google Alerts [http://www.google.com/alerts] to get email updates for your Facebook profile name, and then take action if necessary.
  9. Even if you keep your Facebook profile private, if you are using Facebook on a mobile device, be absolutely sure that you are using legitimate wi-fi networks and not “honey pots”. If you get on such a network by accident, change your password immediately. If your Facebook profile includes your email address, change your email password.
  10. Change your password regularly — once a month or more often — and don’t repeat any previous password for at least a few months — preferably never.
  11. Use different passwords for different websites and services. Try not to reuse your Facebook password anywhere else — especially for email addresses listed in your Facebook profile.
  12. Pay attention to any privacy setting changes that Facebook announces. You never know when they will affect you or your children.
  13. Make sure your profile name is unique. If there are other people with the same name as you, don’t take chances that your profiles might be confused by someone.
  14. Check your overall privacy settings on the Facebook Privacy Settings and Tools web page [https://www.facebook.com/settings/?tab=privacy].
  15. Check the settings on your photo albums. Each album and photo can have custom settings.

Check the Facebook Privacy page [https://www.facebook.com/help/445588775451827] for more details on privacy settings.

6 Additional Tips For Protecting Your Children
If you think your child will not join Facebook until they’re older, consider that an Oct 2013 study by Commonsense Media shows that 38% of children under 2 have used a mobile device (smartphone or tablet). By the age of 8, that number jumps to 72%. Kids are comfortable with mobile devices, so the chances of them joining a social media site such as Facebook as a mobile user increases. When you then consider that, as mentioned above, 10-13 year-olds make up 22% of the targets of online predators, and that there are millions of underage users, it’s better to guide your children into proper use of Facebook and other social media than to hope they’ll “be good” and not use such services.
In addition to the general tips above, here are some additional tips for protecting your Facebook-using children.

  1. If your children are not on Facebook, agree to show them how at an agreed-upon age. Let them know early on what you will expect from them in terms of usage behavior. Better you introduce them and know they’re more likely to trust you as a “friend” if you teach them early and trust them.
  2. Implement usage schedules and rules for your children. E.g., can only post to Facebook between 7pm-9pm, from home, when a parent is home to monitor, if necessary.
  3. Discuss privacy and security with your kids and make sure that they understand what dangers lurk online. With underage Facebook profiles increasing in number, have this discussion as soon as possible.
  4. Require at least your under-age children to friend you (possibly using a joint family profile that one or more adults can use to monitor posts.) If you are not on Facebook and your children are, that’s a very good idea to join. Just don’t embarrass your kids with awkward comments on all of their posts.
  5. Review recent posts by your children and teach them to understand what is acceptable and what is not. Ask them to edit out any personal info as necessary. E.g., they may not realize they’re revealing too much when they post about an upcoming family vacation and how long you’ll be away.
  6. Ask your children to regularly submit a list of Facebook groups they’d like to join so you can review the groups.

Also make sure that your children are not doing any of the things in the following list.

10 Things You Shouldn’t Do on Facebook
It can be easy to forget how your security and privacy gets compromised on social media. Of course, if you’re doing “bad” things and posting about them, don’t expect to have your privacy maintained. Even if you’re just under suspicion of having done something illegal, Facebook and other social media sites give access to profiles to crime fighting and government agents in certain circumstances — which you cannot prevent. However, to keep other people from knowing your social business, here are tips for what not to do on Facebook

  1. Don’t use Klout.com and similar services if you want to maintain a private profile. It’s not clear in the Klout.com UI who can or cannot see your “Klout moments”, but given that your private FB posts do appear in Klout (because you had to have given permission in the first place), it’s probably not a good idea.
  2. Don’t use FB apps or mobile apps that “want to post for you” if you’re concerned.
  3. Don’t publicly post that you are away for an extended period of time or imply such — especially if your address is easy to find online or in the white pages.  Some U.S. insurance companies are changing policy rules to exclude claims if they can prove you revealed too much on social media and were burgled as a result.
  4. Don’t give away too much info about your current whereabouts. Turn off “location,” don’t mention you’re away and for how long. This includes multi-day conferences, even if you’re near by.
  5. Don’t publish your full home address contact details anywhere online, including your Facebook profile. If you have a home business, use a P.O. Box or use a service that gives you the equivalent of a physical suite number and signs for packages for you.
  6. Don’t post photos of your children, or at the least do not identify and tag them — especially under-age children.
  7. Don’t post or tag photos of your friends doing “questionable” things. Ask them to check with you as well before posting. Similarly, don’t post pictures of your bad habits. Make sure your friends are not doing so either. You would think all this would be commonsense, but friends of friends might be posting photos of you.
  8. Don’t post “insider information”, especially for publicly-traded companies. You might have family, friends or acquaintances that become sources of such information for you. Carefully consider what you’re revealing before posting about any company or the legal repercussions might be worse than losing a job.
  9. Don’t accept friend requests from people you don’t know – especially if they have very few friends in their profile. At least with LinkedIn, you know how they’re connected to you.
  10. Don’t use short, simple passwords. Use longer passwords, some uppercase letters mixed with lowercase letters, numbers and punctuation. Use multiple unrelated words if it makes it easier for you to remember. It’s particularly important to protect your account if re-use this password for other online services — especially common ones such as email addresses, banking, etc.

References :
Information for this article was collected from the following pages and web sites:

  1. http://arxiv.org/pdf/1111.4503v1.pdf
  2. http://www.asecurelife.com/burglary-statistics/
  3. http://www.bjs.gov/index.cfm?ty=tp&tid=321
  4. http://blog.bufferapp.com/10-surprising-social-media-statistics-that-will-make-you-rethink-your-strategy
  5. http://www.careerbuilder.com/share/aboutus/pressreleasesdetail.aspx?sd=6%2f26%2f2013&siteid=cbpr&sc_cmp1=cb_pr766_&id=pr766&ed=12%2f31%2f2013
  6. http://cola.unh.edu/ccrc
  7. http://www.commonsensemedia.org/
  8. http://www2.comscore.com/l/1552/gital-Future-in-Focus-2013-pdf/3dplfc [PDF; requires free signup]
  9. http://www.cooldailyinfographics.com/post/hashtag-etiquette
  10. http://www.cooldailyinfographics.com/post/how-burglars-are-using-social-media
  11. http://www.dazeinfo.com/2012/01/07/social-media-facts-figures-and-statistics-2012-infographic/
  12. http://dotcomplicated.co/content/2013/06/online_reputation/
  13. http://expandedramblings.com/index.php/by-the-numbers-17-amazing-facebook-stats/
  14. https://www.facebook.com/about/government_requests
  15. https://www.facebook.com/bookmarks/lists
  16. https://www.facebook.com/settings/?tab=privacy
  17. http://www.fbi.gov/about-us/cjis/ucr/crime-in-the-u.s/2012/crime-in-the-u.s.-2012
  18. http://www.go-gulf.com/blog/cyber-crime/
  19. http://www.heinz.cmu.edu/~acquisti/face-recognition-study-FAQ/
  20. http://www.huffingtonpost.com/2013/06/21/facebook-bug_n_3480739.html
  21. http://www.identitytheftassistance.org/pageview.php?cateid=47
  22. http://www.jonloomer.com/2012/01/06/facebook-timeline-privacy/
  23. http://www.marketingcharts.com/wp/direct/18-24-year-olds-on-facebook-boast-an-average-of-510-friends-28353/
  24. http://mashable.com/2011/10/28/facebook-600000-accounts-compromised/
  25. http://mashable.com/2013/10/28/children-under-2-mobile-media-study/
  26. http://www.michaelzimmer.org/2012/05/07/how-to-adjust-your-facebook-privacy-settings-2012/
  27. http://www.pewinternet.org/Reports/2012/Facebook-users.aspx
  28. http://readwrite.com/2010/01/09/facebooks_zuckerberg_says_the_age_of_privacy_is_ov#awesm=~olwXxqKGlnb9Ed
  29. http://sociallyactive.com/facebook-and-kids-a-parents-guide-to-facebook-privacy-and-security/
  30. http://www.statisticbrain.com/facebook-statistics/
  31. http://techcrunch.com/2013/08/13/facebook-mobile-user-count/
  32. http://blog.ted.com/2012/07/24/what-data-is-being-collected-on-you-some-shocking-info/
  33. http://blog.ted.com/2013/09/16/6-basic-tips-for-better-online-security-from-ted-speaker-james-lyne/
  34. http://blog.ted.com/2013/10/17/the-future-of-facial-recognition-7-fascinating-facts/
  35. http://www.ted.com/talks/alessandro_acquisti_why_privacy_matters.html
  36. http://www.ted.com/talks/james_lyne_everyday_cybercrime_and_what_you_can_do_about_it.html
  37. http://www.theatlanticwire.com/technology/2013/02/real-friends-vs-facebook-friends/62310/
  38. http://www.theparentszone.com/parenting/why-parents-hate-social-networking-sites/
  39. http://www.theverge.com/2013/9/29/4783702/the-faces-of-facebook-natalie-rojas
  40. http://www.wired.com/business/2010/04/report-facebook-ceo-mark-zuckerberg-doesnt-believe-in-privacy/

 

Facebook_Privacy_thumb

 

John Sileo is an author and highly engaging speaker on internet privacy, identity theft and technology security. He is CEO of The Sileo Group, which helps organizations to protect the privacy that drives their profitability. His recent engagements include presentations at The Pentagon, Visa, Homeland Security and Northrop Grumman as well as media appearances on 60 MinutesAnderson Cooper and Fox Business. Contact him directly on 800.258.8076.

6 Ways Your Facebook Privacy Is Compromised | Sileo Group

One billion people worldwide use Facebook to share the details of their lives with their friends and may be unaware their Facebook Privacy could be compromised. Trouble is, they also might be unintentionally divulging matters they consider private to co-workers, clients and employers.

Worse yet, they may be sharing their privacy with marketing companies and even scammers, competitors and identity thieves. Luckily, with some Facebook privacy tips, you can help protect your account online.

Here are six ways Facebook could be compromising your private information and how to protect yourself:

Facebook Privacy

1.  The new Timeline format brings old lapses in judgment back to light. Timeline, introduced in late 2011, makes it easy for people to search back through your old Facebook posts, something that was very difficult to do in the past. That could expose private matters and embarrassing photos that you’ve long since forgotten posting.

What to do: Review every entry on your Facebook timeline. To hide those you do not wish to be public, hold the cursor over the post, click the pencil icon that appears in the upper right corner, select “Edit or remove” then “Hide from timeline.” Being able to “revise” your history gives you a second chance to eliminate over-sharing or posts made in poor taste.

Facebook Privacy2.  Facebook third-party app providers can harvest personal details about you—even those you specifically told Facebook you wished to be private. Third-party apps are software applications available through Facebook but actually created by other companies. These include games and quizzes popular on Facebook like FarmVille and Words with Friends, plus applications like Skype, TripAdvisor and Yelp. Most Facebook apps are free—the companies that produce them make their money by harvesting personal details about users from their Facebook pages, then selling that information to advertisers. In other words, you are paying for the right to use Facebook using the currency of your personal information.

Many apps collect only fairly innocuous information—things like age, hometown and gender that are probably not secret. But others dig deep into Facebook data, even accessing information specifically designated as private.

Example: A recent study found that several Facebook quiz game apps collected religious affiliations, political leanings and sexual orientations. Many Facebook apps also dig up personal info from our friends’ Facebook pages—even if those friends don’t use the apps. There’s no guarantee that the app providers will sufficiently safeguard our personal information and there are numerous instances where they have done just the opposite.

What to do: Read user agreements and privacy policies carefully to understand what information you are agreeing to share before signing up for any app. The free Internet tool Privacyscore is one way to evaluate the privacy policies of the apps you currently use (www.facebook.com/privacyscore), but remember that it is provided by the very company that is collecting all of your data. You also can tighten privacy settings. In “Facebook Privacy Settings,” scroll down to “Ads, Apps and Websites,” then click “Edit Settings.” Find “Apps You Use” and click “Edit Settings” again to see your privacy options. And be sure to delete any apps you don’t use. While you are in the privacy settings, take a spin around to find out other data you are sharing that might compromise your privacy.

Facebook Privacy3.  Facebook “like” buttons are spying on you—even when you don’t click them. Each time you click a “like” button on a Web site, you broadcast your interest in a subject not just to your Facebook friends but also to Facebook and its advertising partners.

Example: Repeatedly “like” articles in a publication with a specific political viewpoint, and Facebook advertisers might figure out how you vote.

Not clicking “like” buttons won’t free you from this invasion of privacy. If you’re a Facebook user and you visit a Webpage that has a “like” button, Facebook will record that you visited even if you don’t click “like.” Facebook claims to keep Web browsing habits private, but once information is collected, there’s no guarantee that it won’t get out.

Example: If an insurance company purchases this data, it might discover that someone applying for health coverage has visited Web pages about an expensive-to-treat medical disorder. The insurer might then find an excuse to deny this person coverage, or to raise their rates substantially.

What to do: One way to prevent Facebook from knowing where you go online is to set your Web browser to block all cookies. Each browser has a different procedure for doing this, and it will mean that you will have to re-enter your user ID and password each time you visit certain Web sites.

Another option is to browse the web in “InPrivate Browsing” mode (Internet Explorer), “Incognito” mode (Google Chrome) or “Private Browsing” mode (Firefox and Safari), which seems to be a less intrusive way to raise your privacy levels.

Less conveniently, you could log out of Facebook and select “delete all cookies” from your browser’s privacy settings before visiting Web sites you don’t want Facebook to know about. There are also free plug-ins available to prevent Facebook from tracking you around the Internet, such as Facebook Blocker (webgraph.com/resources/facebookblocker).

Facebook Privacy4.  Social readers” tell your Facebook friends too much about your reading habits. Some sites, including the Washington Post and England’s The Guardian, offer “Social Reader” Facebook tools. If you sign up for one, it will tell your Facebook friends what articles you read on the site, sparking interesting discussions.

The problem: excessive sharing. The tools don’t share articles with your Facebook friends only when you click a “like” button, they share everything you read on the site. Your Facebook friends likely will feel buried under a flood of shared articles, and you might be embarrassed by what the social reader tells your friends about your reading habits.

What to do: If you’ve signed up for a social reader app, delete it. In Facebook privacy settings, choose “Apps you use,” click “Edit Settings,” locate the social reader app, then click the “X” and follow the directions to delete.

Facebook Privacy5.  Photo and video tags let others see you in unflattering and unprofessional situations. If you work for a straight-laced employer, work with conservative clients or are in the job market, you may already realize that it’s unwise to post pictures of yourself in unprofessional and possibly embarrassing situations.

But you may fail to consider that pictures other people post of you can also hurt you.

A Facebook feature called photo tags has dramatically increased this risk. The tags make it easy for Facebook users to identify by name the people in photos they post—Facebook even helps make the IDs—then link these photos to the Facebook pages of all Facebook users pictured.

What to do: Untag yourself from unflattering photos by using the “remove” option on these posts. Arrange to review all future photos you’re tagged in before they appear on your Facebook Timeline by selecting “Timeline and Tagging” in Facebook’s Privacy Settings menu, clicking “Edit settings,” then enabling “Review posts friends tag you in before they appear on your timeline”. Better yet, ask your friends and family not to post pictures of you without your permission. Be sure to extend the same courtesy to them by asking whether or not they mind you tagging them in a photo.

Facebook Privacy6.  Our Facebook friends—and those friends’ friends—offer clues to our own interests and activities. Even if you’re careful not to provide sensitive information about yourself on Facebook, those details could be exposed by the company you keep.

Example: A 2009 MIT study found it was possible to determine with great accuracy whether a man was gay based on factors including the percentage of his Facebook friends who were openly gay—even if this man did not disclose his sexual orientation himself.

Sexual orientation isn’t the only potential privacy issue. If several of your Facebook friends list a potentially risky or unhealthy activity, such as motorcycling, cigar smoking or bar hopping among their interests—or include posts or pictures of themselves pursuing this interest—an insurer, college admissions officer, employer or potential employer might conclude that you likely enjoy this pursuit yourself.

What to do: Take a close look at the interests and activities mentioned by your Facebook friends on their pages. If more than a few of them discuss a dangerous hobby, glory in unprofessional behavior, or are open about matters of sexual orientation or political or religious belief that you consider private, it might be wise to either remove most or all of these people from your friends list, or at least make your friends list private. Click the “Friends” unit under the cover photo on your Facebook page, click “Edit,” then select “Only Me” from the drop-down menu.

Most of all, remember that Facebook and other social networking sites are social by nature, which means that they are designed to share information with others. The responsibility to protect your personal and private information doesn’t just fall on the social networks; it is also up to you.  Following these Facebook privacy tips can help you succeed in keeping your most personal information safe. 

John Sileo is an an award-winning author and keynote speaker on identity theft, internet privacy, fraud training & technology defense. John specializes in making security entertaining, so that it works. John is CEO of The Sileo Group, whose clients include the Pentagon, Visa, Homeland Security & Pfizer. John’s body of work includes appearances on 60 Minutes, Rachael Ray, Anderson Cooper & Fox Business. Contact him directly on 800.258.8076.

Identity Theft & Fraud Keynote Speaker John Sileo

, , , ,

America’s top Privacy & Identity Theft Speaker John Sileo has appeared on 60 Minutes, Anderson Cooper, Fox & in front of audiences including the Department of Defense, Pfizer, Homeland Security and hundreds of corporations and associations of all sizes. His high-content, humorous, audience-interactive style delivers all of the expertise with lots of entertainment. Come ready to laugh and learn about this mission-critical, bottom-line enhancing topic.

John Sileo is an award-winning author and keynote speaker on the dark art of deception (identity theft, fraud training, data privacy, social media manipulation) and its polar opposite, the powerful use of trust, to achieve success. He is CEO of The Sileo Group, which advises teams on how to multiply performance by building a culture of deep trust.

7 Steps to Stem Facebook Privacy Bleeding

, , ,

Why You Should Share Facebook Privacy Settings with Friends

A true friend does more than just post updates about their conquests on your wall. They share information with you that makes your life better, even if it isn’t exactly what you want to hear. And you do the same for them. But are your friends unwittingly sharing too much information about you with others (strangers, advertisers, app developers, scammers)? Probably. For example, if they (or you) haven’t customized your privacy settings lately, you are giving Facebook permission to:

  • Publish your name, photo, birth date, hometown and friend list to everyone?
  • Indirectly share your restricted data with outsiders through your friends?
  • Let your friends check you in to embarrassing locations where you aren’t?
  • Post your Likes as advertisements on friends’ walls using your name?
  • Authorize Google to index, access and share your information on the web?

Taking simple steps will make a significant difference. Start with the 7 Facebook Privacy Settings below and ask your friends to do the same. It benefits their privacy and yours. The video to the left quickly walks you through how to get to each level of privacy setting. If the video is too small for you to see the pointer, simply click on the four arrows in the bottom right-hand corner of the video viewer (to the right of the YouTube logo) to view in full-screen mode. For better resolution, use the drop down menu to switch to 720 HD.

7 Facebook Privacy Settings to Share with Your Friends

  1. Hide Your Hometown, Friends & Interests from Strangers. You may want every last soul on Facebook to know who your friends are, but your friends might not appreciate being part of your popularity contest. And believe me, you don’t want outsiders knowing where you live, where you were born and what interests you. To block people other than your friends from seeing your these items, in the upper right hand corner of your home Facebook screen once you are logged in, click Account>>Privacy Settings. Then go to View Settings (under Connecting on Facebook). Set See your friend list, See your current city and hometown, See your education & work and See your likes, activities and other connections to Friends Only. You can even block everyone, including friends, from seeing these personal tidbits by clicking on the Everyone button, selecting Customize and choosing Only Me.
  2. Restrict (or alter) Your Personally Identifying Information (PII). Facebook PII includes your Birthday, Address, Email, IM Screen Name and Phone Numbers. With just your name, birthdate and hometown, a scammer can easily recreate your Social Security number, steal your identity, or rob your home while you’re on vacation. My recommendation is to leave these fields blank in the first place (where possible) or fill them with partial or inaccurate information (make up a birthdate that is close to yours but not exact. Please note this may be in violation of Facebook’s user policy.). Either way, you should also limit others from accessing your PII. Click on Account>>Privacy Settings and then Customize Settings (towards the bottom of the sharing grid – look for the tiny pencil). Each drop down box to the right allows you to Customize your setting for that item. Using the Customize option, set Birthday (under Things I share) and Address, IM Screen Name, Email, Phone Numbers (under Contact information) to Only Me. Consider setting Religious and political views and Interested in to Only Me or Friends Only as well. The primary way a social engineer (information con artist) exploits you is by understanding what interests you. 
  3. Stop Broadcasting Your Whereabouts in Places. Like the popular application Foursquare, Facebook Places allows you to check in to real-world locations and share your whereabouts with friends (so that burglars know exactly when to rob you). There are two relevant settings regarding Places. First of all, you should limit which users can see which places you can check in to. Click on Account>>Privacy Settings and then Customize Settings (see the first video for direction). Set Places you check in to (under Things I share) to Only Me (using the Customize feature) if you want to disable Places or to Friends Only if you want your friends to know your location. In a very strange default setting, Facebook allows your friends to check you in to places (e.g., a friend checks you in to a strip club while you are at the library). To turn this off, on the same screen, click on Edit Settings next to Friends can check me in to Places (under Things others share). In the drop down menu, choose Disabled and click Okay.
  4. Limit How Your Photos & Videos are Shared. If you allow everyone to see photos or videos in which you are tagged (the default), anyone can post a compromising photo of you (friend or otherwise) and then share it with the world by tagging you in the photo. This can lead to some very embarrassing situations (you’d never post the pictures taken at the bachelorette party, but the scorned bridesmaid just might). There are two settings you need to change to fix this. First, click on Account>>Privacy Settings and then Customize Settings (find the pencil). Click on Edit Settings next to Photos and videos you are tagged in (under Things others share). Change the drop down menu to Customize and change the setting to Only Me if you don’t want others to see your tagged photos or to Friends Only if you want your friends to see the tagged photos. Click Save Settings. Then, in respect for your friends, make sure you aren’t accidentally allowing their friends to see photos in which you tag them. To do this, go to Account>>Privacy Settings. Towards the bottom of the page (above the pencil) is a check box that says Let friends of people tagged in my photos and posts see them. Uncheck this box. 
  5. Restrict Google and Apps from Mining Your Identity. By default, Facebook allows search engines like Google and applications (apps) like Farmville access to certain personal information. After all, Facebook is in the business of inventorying your identity and then selling it to vendors and advertisers. To regulate how much is shared, click Account>>Privacy Settings and then Edit your settings (under Apps and Websites in the bottom left-hand corner). First, go to Public search and Edit Settings. Unclick the Enable public search check box to keep the search engines out of your profile. If you use your Facebook profile for business and want to be searchable, leave public search enabled. Next, go to Apps you use and click Edit Settings. Review and Edit every app that has access to your private information or delete the access entirely. Having all of your social networking profiles connected and using Facebook as a centralized login for convenience is a recipe for privacy disaster.
  6. Limit What’s Accessible Through Your Friends. No matter how tightly you lock your privacy down in Facebook, if you don’t restrict what strangers, vendors, advertisers and Friends of Friends can see through your friends, you have done very little to actually protect yourself. Here’s how to limit what your friends can share (knowingly or unknowingly). First, click Account>>Privacy Settings and then Edit your settings (under Apps and Websites in the bottom left-hand corner). Next to Info accessible through your friends, click Edit Settings. You will see an entire list of data that can be accessed through your friends Facebook page, EVEN IF THE SAME INFORMATION ISN’T ACCESSIBLE THROUGH YOUR PAGE (because you customized your privacy settings in steps 1-5). This is quite possibly the most devious aspect of Facebook. I only have two or three items checked here – those pieces of information that I wouldn’t mind seeing on the front cover of USA Today. That is how public these bits of data become if you allow your friends to share them. 
  7. Turn On Your Account Security Features. Facebook has several built-in security features (turned off by default) that make your social networking a safer virtual world. Click on Account>>Account Settings and then Security (left column). First, under Secure Browsing (https), check the box next to Browse Facebook on a secure connection (https) whenever possible. The gives you bank-like security when accessing your Facebook pages. Under Login Notifications: When an unrecognized computer or device tries to access my account, check the box next to Send me an email. That way, if someone gains unauthorized access to your Facebook account on a non-registered computer (your computers and phones will be registered), Facebook automatically locks the user out. If you don’t mind sharing your mobile phone number with Facebook (I don’t share my # with them), you can implement Facebook Addictiona third security feature. Under Login Approvals: When an unrecognized computer or device tries to access my account, check the box next to Require me to enter a security code sent to my phone.

If you just took these first 7 Steps to protect your Facebook privacy – congratulations – your profile and data are more secure than 99% of the Facebook population. Now it’s your turn to be a good friend – pass this on to someone you care about, and ask them to spend a few minutes protecting themselves. It’s a win-win for everyone.

John Sileo is the award-winning author of Privacy Means Profit and a keynote speaker on social media privacy, identity theft prevention and manipulation jujitsu. His clients include the Department of Defense, Blue Cross, Pfizer and Homeland Security. Learn more at www.ThinkLikeASpy.com or contact him directly on 800.258.8076.

Facebook's Zuckerberg Gets Hacked

,

While Facebook privacy issues are becoming a concern for most users, you would think that the CEO of Facebook should at least be protected. Apparently that is not the case. Mark Zuckerberg’s Facebook page was hacked last week. The founder of the social networking giant found himself to be a victim of what many users often face, and I hope it prompts him to incorporate more robust security into the fabric of Facebook. In fact, my experience is that people’s willingness to pay attention to privacy and data security goes up exponentially when they have experienced a breach first hand.

Here is what The Guardian had to say about Zuckerberg’s breach:

“Mark Zuckerberg’s Facebook page has been hacked by an unknown person who posted a status update suggesting that the site should let people invest in it rather than going to the banks. The page belonging to the 26-year-old Zuckerberg, the Facebook founder who was named Time‘s Man of the Year in 2010, was hacked some time on Tuesday.” (The Guardian)

This hacking comes at the heals of the announcement that Facebook is worth about $50 billion after investors such as Goldman Sachs and a Russian venture capital firm started to take interest in the company. Many believe that those who made Facebook what it is today, the users, should be able to invest and profit from the billion dollar company. One significant breach of Facebook’s data could reduce that valuation by about 40%, as the loss of user trust would be devastating.

The following message was posted to Zuckerberg’s page:

This posting has since been removed and there has been no comment from Facebook on the hacking. This just goes to show you that if the CEO and Founder of Facebook can get hacked, so can the average user. Perhaps now Zuckerberg and the team at Facebook will take a closer look at privacy settings.

John Sileo trains organizations on Information Offense: Controlling identity, data and social media exposure before an attack takes place. His clients include the Department of Defense, Pfizer, Homeland Security, FDIC, FTC, Federal Reserve Bank, Blue Cross Blue Shield and hundreds of corporations and organizations of all sizes. Learn more about his high-content financial speeches.

Facebook Email: Putting Every Last Egg in One Basket

, ,

Facebook wants a piece of every social interaction you have, which is why they are poised to offer you a free email account, just like Gmail or Hotmail.

Facebook’s newest features (email and eventually a built-in search engine) are aimed at making their website your one-stop shop for all things internet. Rumor has it that at 10:30am PT, Facebook will offer their existing users email addresses. And millions of existing users will take them up on their offer because it will be cool to have a Facebook email account and because we are all in short supply of email accounts to check 24/7. Other sources are saying that Facebook will soon be offering a search engine as well.

As of December 2009, Gmail had over 1.8 million monthly users. Facebook currently has more than 500 million active users – even if a fraction of them use Facebook’s webmail in place of Gmail, it will significantly decrease Google’s hold on the industry. And Hotmails, and Yahoo’s. Why check 3 sources of information (mail, social networking, search) when you can simply check one?

For starters, you are putting all of your data eggs in one basket. Not only will Facebook control your profile (full of personally identifying information), your updates (that let them know what you are up to – if you think that this can’t be digitally scanned and analyzed, think again), your current location (thanks to Places), your photos, videos, friends and groups (I never knew you were a closet Democrat!), now they will be overseeing your email content (yes, they will reserve the right to scan your emails and advertise to you and those whom you email based on that content) and your search engine keywords (if they do add a search engine function and you type in depression medication, Facebook and all of their partners now know that you have a higher chance of being depressive).

All of which means that Facebook is increasingly becoming a One-Stop Shop for Marketing Data Miners, Identity Thieves, Stalkers, Vengeance Seekers, Cyber Bullies, and of course, friends.

Let me ask you a question? Would you put every last penny you have in one investment? Would you eliminate all of your friends except your very closest one? Would you share everything about yourself to only a single individual? Probably not. The wise among us know how critically important it is to diversify a portfolio, to surround ourselves with many good people, not just one, to compartmentalize information so that no one person, no single company knows everything about us.

But Facebook is doing exactly that – collecting every gram of our personal information, social and otherwise, so that it can be aggregated, analyzed and sold. And the fault is still partially ours, because we will take them up on their free email.

And you probably won’t even have to do anything to sign up, BECAUSE FACEBOOK WILL SIGN YOU UP BY DEFAULT, just like they do with everything else. Whether you want it or not, you will now have a Facebook email address that is automatically populated with the Facebook email addresses of all of your friends (because they know who your friends are and know their email addresses already). It will be like Google Buzz all over again, but we will overlook it, because we are so damned interested in what our high school girlfriend is doing these days that we forget to pay attention to something that counts.

It is being speculated that Facebook Email will offer such things as photo slideshows, a better conversation thread, integrated contact bios, and contact groups. Apparently other email moguls are worried as well. AOL introduced their new webmail interface this morning to try to combat Facebook’s big announcement. We won’t have to wait long!

While Facebook is making their announcement, John Sileo is delivering a speech on Social Networking Safety for the Department of Defense. To help your organization anticipate Facebook fallout and other forms of social networking over exposure, contact him directly on 800-258-8076.

Facebook Privacy Breach – Eventually, We'll Lose our Trust

,

According to a Wall Street Journal investigation, Facebook apps are sharing more about you than you think.

The Journal stated in their article, Facebook in Privacy Breach, that many of the most popular applications on the site are transmitting personal information about you and even your friends to third party advertisers and data companies. Apps such as BumperSticker, Marketplace, or Zynga’s Farmville (with over 50 million users) can be sharing your Facebook User ID with these companies. This can give as little information as your name, or as much as your entire Facebook Profile. In some cases, your data is being shared even if you have set your Facebook privacy settings to disallow this type of sharing.

According to the Journal:

“The most expansive use of Facebook user information uncovered by the Journal involved RapLeaf. The  San Francisco Company compiles and sells profiles of individuals based in part on their online activities.. The Journal found that some LOLapps applications, as well as the Family Tree application, were transmitting user’s Facebook ID numbers to RapLeaf. RapLeaf then linked those ID numbers to dossiers it had previously assembled on those individuals… RapLeaf then embedded that information in an Internet-tracking file known as a cookie.”

RapLeaf in turn transmitted this Facebook ID and user information to a dozen other advertising firms.

Rapleaf has said that it was inadvertent and they are working to fix the data leakage problem. On their website they have posted a response to the article.

“RapLeaf has taken extra steps to strip out identifying information from referrer URLs…When we discovered that Facebook IDs were being passed to ad networks by applications that we work with, we immediately researched the cause and implemented a solution to cease the transmissions.  As of last week, no Facebook IDs are being transmitted to ad networks in conjunction with the use of any RapLeaf service”.

This Facebook privacy breach is affecting tens of millions of users and even those that have taken the proper precautions with high privacy settings.

This revelation goes against my latest post Facebook, Cigarettes and Information Control. I used this post to make users aware that although there are privacy issues with Facebook, they have given you the proper controls to protect yourself. The Wall Street Journal investigation clearly shows that Facebook is not doing their part. While you can supposedly better secure your privacy settings after last week, Facebook is clearly not holding their third party applications to the same standard.

Many of these third-party applications have declared that they are not keeping or using this data. Regardless, the transmission of this information violates the Facebook Privacy Policy. Facebook has said that it is the applications that are violating their privacy policy – not them directly. A Facebook spokesperson had this to say:

“Our technical systems have always been complimented by strong policy enforcement, and we will continue to rely on both to keep people in control of their information.”

Many wonder if there is there anything you can do to prevent this or protect themselves from personal data leakage. The answer right now – is no.  Because many of the most popular applications used on Facebook are transmitting your personal data, it is hard to do much more than adjust your privacy settings to the highest level and realize that you are trading the security and privacy of your personal information in order to connect with your Facebook friends. This is where Facebook needs to step up and deliver on what they promise their users. If you go the extra mile to hide your personal information from third parties, they need to make sure that your information is protected.

Sileo Discusses Facebook Privacy on Fox & Friends Tomorrow

,

Don’t Miss John on Fox & Friends Tomorrow Morning!

September 15th, 2010   7:15 a.m. ET, 4:15 a.m. PT

Join Fox and Friends hosts Gretchen Carlson, Steve Doocy and Brian Kilmeade as they interview John Sileo about Facebook Privacy, Identity Theft and John’s latest book Privacy Means Profit on Fox’s morning show.