Posts

Facebook Privacy and Security Info Graphic

Thanks to Naomi Paton from BestComputerScienceSchools.net for sharing this Facebook Privacy Infographic!

According to an early 2013 report from ComScore.com, Facebook still maintains the lead for American user engagement for a single web site — averaging a minute short of 6.75 hours per user in the month of Mar 2013. While this number is a decline from the same period in 2012 (with an average of nearly 7.25 hours per user), it’s obvious that American Facebook users spend a considerable amount of time on the site — more than any other social media site — revealing facts both mundane and interesting about their lives — facts that might be of interest to other people and companies, including those with ill intent.

In fact, according to a study by Alessandro Acquisti discussed in a TED Talk, American employers often judge job candidates who post to social media more harshly than equally skilled candidates who did not post — regardless of whether posts were negative or positive or not even relevant to the potential employer. How potential employers find your Facebook information is beyond the scope of this article, but we do cover some relevant security and privacy statistics and offer some tips to guard yourself.

The Facebook Facts
Please note: All statistics below refer to U.S. Facebook users unless specifically indicated.

  • 1.26 — Number in billions of monthly active worldwide Facebook users  (as of  Oct 2013).
  • 83 — Number in millions of fake profiles (worldwide; as of late Jun 2013).
  • 7.5 — Approximate percentage of fake profiles (worldwide).
  • 128 — Number in millions of daily active Facebook users (mid Aug 2013)
  • 6 3/4 hours — Approximate average amount of time Facebook users spent on the site in Mar 2013.
  • 101 — Approximate number in millions of Facebook users on mobile devices (app and mobile web browsers).
  • 128 — Approximate total number in millions of Facebook users on both desktop computers and mobile devices.
  • 78 — Approximate percentage of Facebook users who access the site on a mobile device.
  • 76 — Percentage of smartphone market that Facebook reaches with their app (primarily) or via mobile web browsers.
  • 23 — Percentage of time spent on mobile apps that is attributed to Facebook use.
  • 303 — Approximate number of “friends” a Facebook user (12+ years old; worldwide) has in their network. This number varies significantly by age group. Research estimates have suggested numbers of 500+ for Facebook users in the 12-24 age range, but much less (low hundreds) for those in older age ranges.
  • 245 — The average number of friends that U.S. users have in their Facebook network, according to a Pew Research study in early 2012.
  • 600 — The approximate number of people that the average person knows overall (Facebook or otherwise), according to a New York Times report in early 2013. Note that other studies suggest a figure of 290.
  • 25 — Percentage of Facebook users (worldwide) who do not look at or ignore their Facebook privacy settings (according to a 2012 Velocity Digital report).
  • 71 — The number of countries whose individual governments made requests for user data to Facebook in the first six months of 2013.
  • 25.6 — The approximate total number in thousands (actual: 25,607) of requests for data made to Facebook by various world governments in that six-month period.
  • 11 — The number in thousands of data requests (minimum) that were made just by the U.S. government.  (U.S. data is reported as a range: 11,000-12,000.)
  • 43 — The approximate percentage (actual: 42.96) of all data requests made just by the U.S. government.
  • 38 — The approximate total number in thousands (actual: 37,954) of Facebook user accounts covered in those requests by all governments.
  • 20 — The number in thousands of Facebook account data requests (minimum) made just by the U.S. government.  (U.S. data is reported as a range: 20,000-21,000.)
  • 53 — The approximate percentage (actual: 52.70) of total account data requests made just by the U.S. government.
  • 2.5 — Number in billions of photos uploaded to Facebook in a single month in 2010
  • 30 — Percentage of photos in a study by Alessandro Acquisti in 2010 (taken of students on a college campus) that were identifiable by off-the-shelf facial recognition software. (Using data mining techniques, the researchers were also able to determine part of identified students’ Social Security numbers.)
  • 10 — Percentage of anonymous online dating profiles identified via facial recognition software in another study by Acquisti.
  • 43 — Percentage of employers (in a study of 2,100 hiring managers) who did not hire a job candidate after researching the latter’s social media profile.
  • 600 — Number in thousands of Facebook logins (worldwide) that are compromised daily (late Oct 2011).
  • 25 — Percentage of consumers whose online data has been breached who later become a victim of identity fraud.
  • 2.78 — Percentage of homes in the U.S. (1 in 36) that will likely be burgled in 2013, according to an FBI 2012 crime report — with or without the help of social media tracking.
  • 1,657 — Average loss in dollars per break-in.
  • 25 — Percentage of teens who claim to have been stalked on Facebook.
  • 55 — Percentage of teens who have given out personal info to strangers on Facebook.
  • 24 — Percentage of teens who have had compromising information made public without their permission.
  • 2.5 — Number of billions of new daily Facebook posts (worldwide).
  • 67 — Percentage of teen users who know how to hide their online activity from parents.
  • 10 — Percentage of children worldwide who experience cyberbullying.
  • 52 — Percentage of teens not telling parents about being cyberbullied.
  • 34 — Percentage of parents who check their children’s social network sites.

Top Five World Governments Requesting Facebook User Data
The following five countries made the most requests to Facebook in the first six months of 2013. (Note: United States data is reported in ranges. In the table below, only the minimum value of U.S. ranges is reported.)

Country          Minimum Requests   Minimum Accts Requested
United States    11000              20000
India            3245               4144
United Kingdom   1975               2337
Germany          1886               2068
Italy            1705               2306

6 Threats to Your Privacy and Security
Using Facebook incorrectly can expose you to a number of threats. Here’s an incomplete list:

  1. Bullying — You think that your kids are safe at home from bullies? Unfortunately not, and some reports suggest that cyberbullied kids are 2-9 times more likely to commit suicide.
  2. Stalking — Let’s face it; there are lots of creeps out there and one of them may be stalking you or your children — which is made easier by the fact that more than half of teens give up personal info to strangers on Facebook.
  3. Burglary — While the U.S. Bureau of Justice Statistics suggests home burglaries have declined since the 1970s, why make burglars’ efforts easier? Some burglars do monitor social media to determine which homes will be unoccupied for a long enough period for them to get what they want. Sometimes they do this by hacking accounts; other times they simply make friend requests to people who don’t know them. From there, it could be a simple matter of monitoring posts for location data and extended absence.
  4. Identity theft — Are you revealing too much info in your Facebook profile? Potential victimizers can combine your Facebook profile info with your other social media profiles to get the data they need. Note that identity theft can happen to your children, too, and this might not be noticed until they’re 18 or older.
  5. Career compromise  – Given two equally qualified candidates, new research shows that if a potential employer checks social media profiles, they tend to have a bias against those who post anything to social media – regardless of the topic or tone; even worse if you say something compromising or have photos of questionable behavior. This may not be surprising given that while most U.S. universities and charities are on Facebook, the percentage of Fortune 500 companies with a Facebook page is considerably less (60% as of Jan 2012).
  6. Reputation damage — It might only take one tagged picture of you cutting loose, doing something one time that you wouldn’t normally do. If an acquaintance not in your Facebook network posts the picture, you might not even know about it — a potential problem if they’ve identified you in text.

Privacy and Security Features
Facebook founder Mark Zuckerberg — who in late 2013 spent an extra $30M buying four extra nearby homes to maintain his real-life privacy — has in the past openly indicated that “privacy is over” and that if he were starting Facebook anew that user information would be public by default. That was nearly three years ago and the company doesn’t seem to have swayed much from that goal. He has also made comments suggesting that Facebook users don’t care about privacy.  Despite this attitude, there are legitimate reasons to maintain your privacy on Facebook and there are ways to do so.
This is not a comprehensive list, but possibly two of the most under-utilized features are “private profile” and friend lists. New Facebook accounts used to be private by default but have since switched to public by default. You need to manually change that setting. As for friend lists, they’re the digital equivalent of social circles. Friends can fall into multiple lists or just one.

15 Things You Should Do To Maintain Privacy on Facebook
According to various reports, teens and adults are being turned down for work due to certain things they’ve posted on their social profiles. To see how potentially embarrassing indiscriminate posting can be, visit weknowwhatyouredoing.com.
Younger children are at risk, too, given the growing number of underage Facebook users. According to figures by the Crimes Against Children Research Center, children in the 10-13 age range are at most risk from online predators — that age group makes for 22% of targets.
Here are some tips for maintaining your privacy and keeping your profile socially acceptable, as well as for protecting your children if they use Facebook.

  1. Review your Facebook profile information to make sure that if you do have email addresses, employment history and phone numbers listed, the information is only accessible by friends. Keep in mind that Facebook had a bug in June 2013 that caused the leak of email addresses and/or phone numbers of 6M users — not a large percentage of all users, but enough to potentially cause problems for those compromised. (If you have a specific need to prevent someone from finding you, use an alias in your profile — and don’t post any photos of people associated with you. Better still, use a social media service that’s truly private.)
  2. Create friend lists. Name them according to social circles such as family, friends, friends of friends, colleagues, college-chums, teammates, etc. Put everyone in your network on one or more lists. Every time you add someone, assign them to one or more lists. Hide your friend lists to protect your friends, so that strangers cannot see to whom you are connected.
  3. When you post, use friend lists to control who sees your information. Set a default setting (e.g., Friends or Friends of Friends). If you want, you can change the viewability setting for a specific post either before (best practice) or after posting.
  4. Pay careful attention not only to what you are revealing about yourself in something you are about to post, but also look at the icon indicating who can see the post once it’s published. If you see a “globe” icon, that means your post will be public. Make a habit of checking this before posting.
  5. Review your recent posts and consider removing personal details in case you’ve over-shared.
  6. Make sure that your location is not being broadcast. This is especially important if you’re using Facebook on a mobile device. Turn off the location feature.
  7. If you use Facebook for work purposes, split your posts between your personal profile only available to friends and a “Personality/ Business” Page accessible publicly.
  8. Review your friends’ posts if they tag you. Review your comments on friends’ posts that might be controversial, in case they change their post’s status to Public. Cover your bases by using Google Alerts [http://www.google.com/alerts] to get email updates for your Facebook profile name, and then take action if necessary.
  9. Even if you keep your Facebook profile private, if you are using Facebook on a mobile device, be absolutely sure that you are using legitimate wi-fi networks and not “honey pots”. If you get on such a network by accident, change your password immediately. If your Facebook profile includes your email address, change your email password.
  10. Change your password regularly — once a month or more often — and don’t repeat any previous password for at least a few months — preferably never.
  11. Use different passwords for different websites and services. Try not to reuse your Facebook password anywhere else — especially for email addresses listed in your Facebook profile.
  12. Pay attention to any privacy setting changes that Facebook announces. You never know when they will affect you or your children.
  13. Make sure your profile name is unique. If there are other people with the same name as you, don’t take chances that your profiles might be confused by someone.
  14. Check your overall privacy settings on the Facebook Privacy Settings and Tools web page [https://www.facebook.com/settings/?tab=privacy].
  15. Check the settings on your photo albums. Each album and photo can have custom settings.

Check the Facebook Privacy page [https://www.facebook.com/help/445588775451827] for more details on privacy settings.

6 Additional Tips For Protecting Your Children
If you think your child will not join Facebook until they’re older, consider that an Oct 2013 study by Commonsense Media shows that 38% of children under 2 have used a mobile device (smartphone or tablet). By the age of 8, that number jumps to 72%. Kids are comfortable with mobile devices, so the chances of them joining a social media site such as Facebook as a mobile user increases. When you then consider that, as mentioned above, 10-13 year-olds make up 22% of the targets of online predators, and that there are millions of underage users, it’s better to guide your children into proper use of Facebook and other social media than to hope they’ll “be good” and not use such services.
In addition to the general tips above, here are some additional tips for protecting your Facebook-using children.

  1. If your children are not on Facebook, agree to show them how at an agreed-upon age. Let them know early on what you will expect from them in terms of usage behavior. It is better that you introduce them; they’re more likely to trust you as a “friend” if you teach them early and trust them.
  2. Implement usage schedules and rules for your children. E.g., can only post to Facebook between 7pm-9pm, from home, when a parent is home to monitor, if necessary.
  3. Discuss privacy and security with your kids and make sure that they understand what dangers lurk online. With underage Facebook profiles increasing in number, have this discussion as soon as possible.
  4. Require at least your under-age children to friend you (possibly using a joint family profile that one or more adults can use to monitor posts). If you are not on Facebook and your children are, it’s a very good idea to join. Just don’t embarrass your kids with awkward comments on all of their posts.
  5. Review recent posts by your children and teach them to understand what is acceptable and what is not. Ask them to edit out any personal info as necessary. E.g., they may not realize they’re revealing too much when they post about an upcoming family vacation and how long you’ll be away.
  6. Ask your children to regularly submit a list of Facebook groups they’d like to join so you can review the groups.

Also make sure that your children are not doing any of the things in the following list.

10 Things You Shouldn’t Do on Facebook
It can be easy to forget how your security and privacy get compromised on social media. Of course, if you’re doing “bad” things and posting about them, don’t expect to have your privacy maintained. Even if you’re just under suspicion of having done something illegal, Facebook and other social media sites give access to profiles to crime fighting and government agents in certain circumstances — which you cannot prevent. However, to keep other people from knowing your social business, here are tips for what not to do on Facebook:

  1. Don’t use Klout.com and similar services if you want to maintain a private profile. It’s not clear in the Klout.com UI who can or cannot see your “Klout moments”, but given that your private FB posts do appear in Klout (because you had to have given permission in the first place), it’s probably not a good idea.
  2. Don’t use FB apps or mobile apps that “want to post for you” if you’re concerned.
  3. Don’t publicly post that you are away for an extended period of time or imply such — especially if your address is easy to find online or in the white pages.  Some U.S. insurance companies are changing policy rules to exclude claims if they can prove you revealed too much on social media and were burgled as a result.
  4. Don’t give away too much info about your current whereabouts. Turn off “location,” and don’t mention that you’re away or for how long. This includes multi-day conferences, even if you’re nearby.
  5. Don’t publish your full home address contact details anywhere online, including your Facebook profile. If you have a home business, use a P.O. Box or use a service that gives you the equivalent of a physical suite number and signs for packages for you.
  6. Don’t post photos of your children, or at the least do not identify and tag them — especially under-age children.
  7. Don’t post or tag photos of your friends doing “questionable” things. Ask them to check with you as well before posting. Similarly, don’t post pictures of your bad habits. Make sure your friends are not doing so either. You would think all this would be commonsense, but friends of friends might be posting photos of you.
  8. Don’t post “insider information”, especially for publicly-traded companies. You might have family, friends or acquaintances that become sources of such information for you. Carefully consider what you’re revealing before posting about any company or the legal repercussions might be worse than losing a job.
  9. Don’t accept friend requests from people you don’t know – especially if they have very few friends in their profile. At least with LinkedIn, you know how they’re connected to you.
  10. Don’t use short, simple passwords. Use longer passwords, some uppercase letters mixed with lowercase letters, numbers and punctuation. Use multiple unrelated words if it makes it easier for you to remember. It’s particularly important to protect your account if you re-use this password for other online services — especially common ones such as email addresses, banking, etc.

References:
Information for this article was collected from the following pages and web sites:

  1. http://arxiv.org/pdf/1111.4503v1.pdf
  2. http://www.asecurelife.com/burglary-statistics/
  3. http://www.bjs.gov/index.cfm?ty=tp&tid=321
  4. http://blog.bufferapp.com/10-surprising-social-media-statistics-that-will-make-you-rethink-your-strategy
  5. http://www.careerbuilder.com/share/aboutus/pressreleasesdetail.aspx?sd=6%2f26%2f2013&siteid=cbpr&sc_cmp1=cb_pr766_&id=pr766&ed=12%2f31%2f2013
  6. http://cola.unh.edu/ccrc
  7. http://www.commonsensemedia.org/
  8. http://www2.comscore.com/l/1552/gital-Future-in-Focus-2013-pdf/3dplfc [PDF; requires free signup]
  9. http://www.cooldailyinfographics.com/post/hashtag-etiquette
  10. http://www.cooldailyinfographics.com/post/how-burglars-are-using-social-media
  11. http://www.dazeinfo.com/2012/01/07/social-media-facts-figures-and-statistics-2012-infographic/
  12. http://dotcomplicated.co/content/2013/06/online_reputation/
  13. http://expandedramblings.com/index.php/by-the-numbers-17-amazing-facebook-stats/
  14. https://www.facebook.com/about/government_requests
  15. https://www.facebook.com/bookmarks/lists
  16. https://www.facebook.com/settings/?tab=privacy
  17. http://www.fbi.gov/about-us/cjis/ucr/crime-in-the-u.s/2012/crime-in-the-u.s.-2012
  18. http://www.go-gulf.com/blog/cyber-crime/
  19. http://www.heinz.cmu.edu/~acquisti/face-recognition-study-FAQ/
  20. http://www.huffingtonpost.com/2013/06/21/facebook-bug_n_3480739.html
  21. http://www.identitytheftassistance.org/pageview.php?cateid=47
  22. http://www.jonloomer.com/2012/01/06/facebook-timeline-privacy/
  23. http://www.marketingcharts.com/wp/direct/18-24-year-olds-on-facebook-boast-an-average-of-510-friends-28353/
  24. http://mashable.com/2011/10/28/facebook-600000-accounts-compromised/
  25. http://mashable.com/2013/10/28/children-under-2-mobile-media-study/
  26. http://www.michaelzimmer.org/2012/05/07/how-to-adjust-your-facebook-privacy-settings-2012/
  27. http://www.pewinternet.org/Reports/2012/Facebook-users.aspx
  28. http://readwrite.com/2010/01/09/facebooks_zuckerberg_says_the_age_of_privacy_is_ov#awesm=~olwXxqKGlnb9Ed
  29. http://sociallyactive.com/facebook-and-kids-a-parents-guide-to-facebook-privacy-and-security/
  30. http://www.statisticbrain.com/facebook-statistics/
  31. http://techcrunch.com/2013/08/13/facebook-mobile-user-count/
  32. http://blog.ted.com/2012/07/24/what-data-is-being-collected-on-you-some-shocking-info/
  33. http://blog.ted.com/2013/09/16/6-basic-tips-for-better-online-security-from-ted-speaker-james-lyne/
  34. http://blog.ted.com/2013/10/17/the-future-of-facial-recognition-7-fascinating-facts/
  35. http://www.ted.com/talks/alessandro_acquisti_why_privacy_matters.html
  36. http://www.ted.com/talks/james_lyne_everyday_cybercrime_and_what_you_can_do_about_it.html
  37. http://www.theatlanticwire.com/technology/2013/02/real-friends-vs-facebook-friends/62310/
  38. http://www.theparentszone.com/parenting/why-parents-hate-social-networking-sites/
  39. http://www.theverge.com/2013/9/29/4783702/the-faces-of-facebook-natalie-rojas
  40. http://www.wired.com/business/2010/04/report-facebook-ceo-mark-zuckerberg-doesnt-believe-in-privacy/

 


 

John Sileo is an author and highly engaging speaker on internet privacy, identity theft and technology security. He is CEO of The Sileo Group, which helps organizations to protect the privacy that drives their profitability. His recent engagements include presentations at The Pentagon, Visa, Homeland Security and Northrop Grumman as well as media appearances on 60 Minutes, Anderson Cooper and Fox Business. Contact him directly on 800.258.8076.

Identity Theft & Fraud Keynote Speaker John Sileo


America’s top Privacy & Identity Theft Speaker John Sileo has appeared on 60 Minutes, Anderson Cooper, Fox & in front of audiences including the Department of Defense, Pfizer, Homeland Security and hundreds of corporations and associations of all sizes. His high-content, humorous, audience-interactive style delivers all of the expertise with lots of entertainment. Come ready to laugh and learn about this mission-critical, bottom-line enhancing topic.

John Sileo is an award-winning author and keynote speaker on the dark art of deception (identity theft, fraud training, data privacy, social media manipulation) and its polar opposite, the powerful use of trust, to achieve success. He is CEO of The Sileo Group, which advises teams on how to multiply performance by building a culture of deep trust.

7 Steps to Stem Facebook Privacy Bleeding


Why You Should Share Facebook Privacy Settings with Friends

A true friend does more than just post updates about their conquests on your wall. They share information with you that makes your life better, even if it isn’t exactly what you want to hear. And you do the same for them. But are your friends unwittingly sharing too much information about you with others (strangers, advertisers, app developers, scammers)? Probably. For example, if they (or you) haven’t customized your privacy settings lately, you are giving Facebook permission to:

  • Publish your name, photo, birth date, hometown and friend list to everyone?
  • Indirectly share your restricted data with outsiders through your friends?
  • Let your friends check you in to embarrassing locations where you aren’t?
  • Post your Likes as advertisements on friends’ walls using your name?
  • Authorize Google to index, access and share your information on the web?

Taking simple steps will make a significant difference. Start with the 7 Facebook Privacy Settings below and ask your friends to do the same. It benefits their privacy and yours. The video to the left quickly walks you through how to get to each level of privacy setting. If the video is too small for you to see the pointer, simply click on the four arrows in the bottom right-hand corner of the video viewer (to the right of the YouTube logo) to view in full-screen mode. For better resolution, use the drop down menu to switch to 720 HD.

7 Facebook Privacy Settings to Share with Your Friends

  1. Hide Your Hometown, Friends & Interests from Strangers. You may want every last soul on Facebook to know who your friends are, but your friends might not appreciate being part of your popularity contest. And believe me, you don’t want outsiders knowing where you live, where you were born and what interests you. To block people other than your friends from seeing these items, in the upper right hand corner of your home Facebook screen once you are logged in, click Account>>Privacy Settings. Then go to View Settings (under Connecting on Facebook). Set See your friend list, See your current city and hometown, See your education & work and See your likes, activities and other connections to Friends Only. You can even block everyone, including friends, from seeing these personal tidbits by clicking on the Everyone button, selecting Customize and choosing Only Me.
  2. Restrict (or alter) Your Personally Identifying Information (PII). Facebook PII includes your Birthday, Address, Email, IM Screen Name and Phone Numbers. With just your name, birthdate and hometown, a scammer can easily recreate your Social Security number, steal your identity, or rob your home while you’re on vacation. My recommendation is to leave these fields blank in the first place (where possible) or fill them with partial or inaccurate information (make up a birthdate that is close to yours but not exact. Please note this may be in violation of Facebook’s user policy.). Either way, you should also limit others from accessing your PII. Click on Account>>Privacy Settings and then Customize Settings (towards the bottom of the sharing grid – look for the tiny pencil). Each drop down box to the right allows you to Customize your setting for that item. Using the Customize option, set Birthday (under Things I share) and Address, IM Screen Name, Email, Phone Numbers (under Contact information) to Only Me. Consider setting Religious and political views and Interested in to Only Me or Friends Only as well. The primary way a social engineer (information con artist) exploits you is by understanding what interests you. 
  3. Stop Broadcasting Your Whereabouts in Places. Like the popular application Foursquare, Facebook Places allows you to check in to real-world locations and share your whereabouts with friends (so that burglars know exactly when to rob you). There are two relevant settings regarding Places. First of all, you should limit which users can see which places you can check in to. Click on Account>>Privacy Settings and then Customize Settings (see the first video for direction). Set Places you check in to (under Things I share) to Only Me (using the Customize feature) if you want to disable Places or to Friends Only if you want your friends to know your location. In a very strange default setting, Facebook allows your friends to check you in to places (e.g., a friend checks you in to a strip club while you are at the library). To turn this off, on the same screen, click on Edit Settings next to Friends can check me in to Places (under Things others share). In the drop down menu, choose Disabled and click Okay.
  4. Limit How Your Photos & Videos are Shared. If you allow everyone to see photos or videos in which you are tagged (the default), anyone can post a compromising photo of you (friend or otherwise) and then share it with the world by tagging you in the photo. This can lead to some very embarrassing situations (you’d never post the pictures taken at the bachelorette party, but the scorned bridesmaid just might). There are two settings you need to change to fix this. First, click on Account>>Privacy Settings and then Customize Settings (find the pencil). Click on Edit Settings next to Photos and videos you are tagged in (under Things others share). Change the drop down menu to Customize and change the setting to Only Me if you don’t want others to see your tagged photos or to Friends Only if you want your friends to see the tagged photos. Click Save Settings. Then, in respect for your friends, make sure you aren’t accidentally allowing their friends to see photos in which you tag them. To do this, go to Account>>Privacy Settings. Towards the bottom of the page (above the pencil) is a check box that says Let friends of people tagged in my photos and posts see them. Uncheck this box. 
  5. Restrict Google and Apps from Mining Your Identity. By default, Facebook allows search engines like Google and applications (apps) like Farmville access to certain personal information. After all, Facebook is in the business of inventorying your identity and then selling it to vendors and advertisers. To regulate how much is shared, click Account>>Privacy Settings and then Edit your settings (under Apps and Websites in the bottom left-hand corner). First, go to Public search and Edit Settings. Unclick the Enable public search check box to keep the search engines out of your profile. If you use your Facebook profile for business and want to be searchable, leave public search enabled. Next, go to Apps you use and click Edit Settings. Review and Edit every app that has access to your private information or delete the access entirely. Having all of your social networking profiles connected and using Facebook as a centralized login for convenience is a recipe for privacy disaster.
  6. Limit What’s Accessible Through Your Friends. No matter how tightly you lock your privacy down in Facebook, if you don’t restrict what strangers, vendors, advertisers and Friends of Friends can see through your friends, you have done very little to actually protect yourself. Here’s how to limit what your friends can share (knowingly or unknowingly). First, click Account>>Privacy Settings and then Edit your settings (under Apps and Websites in the bottom left-hand corner). Next to Info accessible through your friends, click Edit Settings. You will see an entire list of data that can be accessed through your friends’ Facebook page, EVEN IF THE SAME INFORMATION ISN’T ACCESSIBLE THROUGH YOUR PAGE (because you customized your privacy settings in steps 1-5). This is quite possibly the most devious aspect of Facebook. I only have two or three items checked here – those pieces of information that I wouldn’t mind seeing on the front cover of USA Today. That is how public these bits of data become if you allow your friends to share them.
  7. Turn On Your Account Security Features. Facebook has several built-in security features (turned off by default) that make your social networking a safer virtual world. Click on Account>>Account Settings and then Security (left column). First, under Secure Browsing (https), check the box next to Browse Facebook on a secure connection (https) whenever possible. This gives you bank-like security when accessing your Facebook pages. Under Login Notifications: When an unrecognized computer or device tries to access my account, check the box next to Send me an email. That way, if someone gains unauthorized access to your Facebook account on a non-registered computer (your computers and phones will be registered), Facebook automatically locks the user out. If you don’t mind sharing your mobile phone number with Facebook (I don’t share my # with them), you can implement a third security feature. Under Login Approvals: When an unrecognized computer or device tries to access my account, check the box next to Require me to enter a security code sent to my phone.

If you just took these first 7 Steps to protect your Facebook privacy – congratulations – your profile and data are more secure than 99% of the Facebook population. Now it’s your turn to be a good friend – pass this on to someone you care about, and ask them to spend a few minutes protecting themselves. It’s a win-win for everyone.

John Sileo is the award-winning author of Privacy Means Profit and a keynote speaker on social media privacy, identity theft prevention and manipulation jujitsu. His clients include the Department of Defense, Blue Cross, Pfizer and Homeland Security. Learn more at www.ThinkLikeASpy.com or contact him directly on 800.258.8076.

Facebook Apps Leaking Your Information

A report was recently published claiming that nearly 100,000 Facebook apps have been leaking access codes belonging to millions of users’ profiles. Symantec released the report and said that an app security flaw may have given apps and other third parties access to users’ profiles. Facebook maintains that they have no evidence of this occurring.

In their report, Symantec wrote:

We estimate that as of April 2011, close to 100,000 applications were enabling this leakage. We estimate that over the years, hundreds of thousands of applications may have inadvertently leaked millions of access tokens to third parties.

These “access tokens” help apps interact with your profile. They are most often used to post updates from the application to your wall. When you add the applications to your profile, you, as the Facebook user, are giving the apps access to your information by accepting their conditions. According to the investigation, these tokens were included in URLs sent to the application host and were then sent to advertisers and analytics platforms. If the recipient recognized the codes (meaning they have to be qualified to read and write HTML code), they could gain access to the user’s wall and profile.
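For app operators, the leak path described above can be audited from outbound request records. The following is an added example, not code from this post or from Symantec's report; it assumes the token travels in the standard OAuth `access_token` URL parameter and reaches third parties either in the request URL or in the Referer header, and all host names and records are constructed.

```python
from urllib.parse import urlsplit, parse_qsl, urlencode, urlunsplit

TOKEN_PARAMS = {"access_token"}        # OAuth bearer-token parameter name
FIRST_PARTY = {"apps.example.test"}    # hypothetical app host (assumption)

def token_params(url):
    """Return token-bearing parameter names found in the query or fragment."""
    parts = urlsplit(url)
    found = []
    for section in (parts.query, parts.fragment):
        for name, _ in parse_qsl(section, keep_blank_values=True):
            if name.lower() in TOKEN_PARAMS:
                found.append(name)
    return found

def redact(url):
    """Return the URL with token values masked, safe to log or report."""
    parts = urlsplit(url)
    def scrub(section):
        pairs = parse_qsl(section, keep_blank_values=True)
        if not any(k.lower() in TOKEN_PARAMS for k, _ in pairs):
            return section             # leave token-free sections untouched
        return urlencode([(k, "REDACTED" if k.lower() in TOKEN_PARAMS else v)
                          for k, v in pairs])
    return urlunsplit((parts.scheme, parts.netloc, parts.path,
                       scrub(parts.query), scrub(parts.fragment)))

def find_leaks(requests):
    """Flag requests to non-first-party hosts whose URL or Referer holds a token."""
    leaks = []
    for req in requests:
        host = urlsplit(req["url"]).hostname
        if host in FIRST_PARTY:
            continue                   # the app host is expected to see the token
        for field in ("url", "referer"):
            if token_params(req.get(field, "")):
                leaks.append((host, field, redact(req[field])))
    return leaks

# Constructed sample records: page load, ad pixel, analytics hit, tracker call.
PAGE = "https://apps.example.test/canvas?access_token=CONSTRUCTED123&ref=home"
SAMPLE = [
    {"url": PAGE, "referer": ""},
    {"url": "https://ads.example.net/pixel.gif?id=7", "referer": PAGE},
    {"url": "https://stats.example.org/collect?page=canvas",
     "referer": "https://apps.example.test/canvas"},
    {"url": "https://track.example.org/hit?access_token=CONSTRUCTED123", "referer": ""},
]

if __name__ == "__main__":
    for host, field, where in find_leaks(SAMPLE):
        print(f"token exposed to {host} via {field}: {where}")
```

Any hit means the token should be treated as exposed; the durable fix is to keep tokens out of page URLs altogether so that nothing downstream can forward them.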

It was announced on Tuesday that the flaw has been fixed by Facebook, but I still recommend that you change your password. And don’t just change it every time Facebook experiences a breach, but every few months. By keeping all of your passwords current and original, you are decreasing the chances that you will be hacked and that your accounts (financial, social, and otherwise) will be compromised.

John Sileo is one of America’s leading Social Networking Security Speakers. You can learn more about Facebook Safety and how to protect yourself online here. His clients include the Department of Defense, Pfizer and the FDIC. To learn more about having him speak at your next meeting or conference, contact him by email or on 800.258.8076.

Facebook Safety: New HTTPS Facebook Settings


Facebook has announced that they will be rolling out a new security feature that will add full HTTPS support to the site. The new secure site uses the same underlying technology that banks use to keep your communications out of the reach of potential hackers. While many people don’t have this feature yet and mine just showed up today, eventually all users should have the capability.

To enable HTTPS, log into your Facebook account and at the top right go into Account -> Account Settings.

Once there, scroll all the way to the bottom and click “change” next to Account Security.

The following screen should pop up. Check the box under Secure Browsing. You can also check “send me an email” (or a text message to your cell phone, which I don’t advise giving to Facebook) so that if someone tries to log into your account from a new computer, Facebook will immediately alert you. This is a good way to find out fast if your account has been hacked.

How to Keep Your Facebook Secure by Enabling HTTPS

Facebook rolled out these secure settings to make Facebook seem safer, but like many of their security changes, they are turned off by default. You must go in and manually change the feature to gain the added security.

But HTTPS isn’t a cure-all for Facebook Safety. The real trouble arrives when you click on an App or quiz that contains malware. Since you are giving permission for the App to install, you have just let the enemy in the back door. Stay away from Apps, Quizzes and Questionnaires from unknown sources. The malware allows a hacker to transport you off of the secure HTTPS site and onto a page where they can hack into your account. The higher your Privacy Settings are, the safer you are.

Two New Facebook Scams:

  1. An email is sent to users saying that their Facebook account is being used to send spam, and that their password has been changed. They are told to open the attachment to find their new password. The attachment includes a Microsoft Word icon and even opens Word when you click to make you think it’s legitimate. In addition, the attachment opens all of the computer system’s communication ports and connects to mail services in an attempt to send spam.
  2. Users are sent an instant message that contains a link that, when clicked, takes over the person’s Facebook account and locks them out. A message is displayed when they try to log in saying that their account has been suspended. In order to reactivate the account, they must complete a questionnaire (it even promises prizes for doing so).

Even with the latest security changes in Facebook, users will always be the targets for spam, viruses and malware. Pass this on to friends and family so that everyone can be a little bit safer while online.

Click Here to learn more about protecting yourself online and on Facebook.

John Sileo is an information survival expert whose clients include the Department of Defense, Pfizer, Homeland Security, FDIC, FTC, Federal Reserve Bank, Blue Cross Blue Shield and hundreds of corporations and organizations of all sizes. He is the author of Privacy Means Profit and earns his keep delivering highly motivational identity theft speeches.

Facebook's Zuckerberg Gets Hacked


While Facebook privacy issues are becoming a concern for most users, you would think that the CEO of Facebook should at least be protected. Apparently that is not the case. Mark Zuckerberg’s Facebook page was hacked last week. The founder of the social networking giant found himself to be a victim of what many users often face, and I hope it prompts him to incorporate more robust security into the fabric of Facebook. In fact, my experience is that people’s willingness to pay attention to privacy and data security goes up exponentially when they have experienced a breach first hand.

Here is what The Guardian had to say about Zuckerberg’s breach:

“Mark Zuckerberg’s Facebook page has been hacked by an unknown person who posted a status update suggesting that the site should let people invest in it rather than going to the banks. The page belonging to the 26-year-old Zuckerberg, the Facebook founder who was named Time‘s Man of the Year in 2010, was hacked some time on Tuesday.” (The Guardian)

This hacking comes on the heels of the announcement that Facebook is worth about $50 billion after investors such as Goldman Sachs and a Russian venture capital firm started to take interest in the company. Many believe that those who made Facebook what it is today, the users, should be able to invest and profit from the billion-dollar company. One significant breach of Facebook’s data could reduce that valuation by about 40%, as the loss of user trust would be devastating.

The following message was posted to Zuckerberg’s page:

This posting has since been removed and there has been no comment from Facebook on the hacking. This just goes to show you that if the CEO and Founder of Facebook can get hacked, so can the average user. Perhaps now Zuckerberg and the team at Facebook will take a closer look at privacy settings.

John Sileo trains organizations on Information Offense: Controlling identity, data and social media exposure before an attack takes place. His clients include the Department of Defense, Pfizer, Homeland Security, FDIC, FTC, Federal Reserve Bank, Blue Cross Blue Shield and hundreds of corporations and organizations of all sizes. Learn more about his high-content financial speeches.