Wednesday, September 5, 2012

Social Networking Sites

These days nearly everyone uses at least one social networking site. Social networking sites potentially expose users to a myriad of security risks including social engineering and malicious code attacks.
So what can you do to try to protect yourself? Here are some tips from the United States Computer Emergency Readiness Team (US-CERT):

Limit the amount of personal information you post - Do not post information that would make you vulnerable, such as your address or information about your schedule or routine. If your connections post information about you, make sure the combined information is not more than you would be comfortable with strangers knowing. Also be considerate when posting information, including photos, about your connections.
Remember that the internet is a public resource - Only post information you are comfortable with anyone seeing. This includes information and photos in your profile and in blogs and other forums. Also, once you post information online, you can't retract it. Even if you remove the information from a site, saved or cached versions may still exist on other people's machines.
Be wary of strangers - The internet makes it easy for people to misrepresent their identities and motives. Consider limiting the people who are allowed to contact you on these sites. If you interact with people you do not know, be cautious about the amount of information you reveal or agreeing to meet them in person.
Be skeptical - Don't believe everything you read online. People may post false or misleading information about various topics, including their own identities. This is not necessarily done with malicious intent; it could be unintentional, an exaggeration, or a joke. Take appropriate precautions, though, and try to verify the authenticity of any information before taking any action.
Evaluate your settings - Take advantage of a site's privacy settings. The default settings for some sites may allow anyone to see your profile. You can customize your settings to restrict access to only certain people. However, there is a risk that even this private information could be exposed, so don't post anything that you wouldn't want the public to see. Also, be cautious when deciding which applications to enable, and check your settings to see what information the applications will be able to access.
Use strong passwords - Protect your account with passwords that cannot easily be guessed. If your password is compromised, someone else may be able to access your account and pretend to be you.
Check privacy policies - Some sites may share information such as email addresses or user preferences with other companies. This may lead to an increase in spam. Also, try to locate the policy for handling referrals to make sure that you do not unintentionally sign your friends up for spam. Some sites will continue to send email messages to anyone you refer until they join.
Use and maintain anti-virus software - Anti-virus software recognizes most known viruses and protects your computer against them, so you may be able to detect and remove the virus before it can do any damage. Because attackers are continually writing new viruses, it is important to keep your definitions up to date.

Introduction – Social Networking and Security Risks
With any new tool or application, it is always important to keep a close watch on its security implications. Facebook comes with its own set of security concerns which can put your information systems and/or personal data at risk. This article will look at some of these risks and identify possible solutions to help protect you, your personal information and your company data.

Facebook - Three of the most popular features of Facebook are the ability to add Friends, update your status and run applications such as games and quizzes. A “Friend” is anyone on the Facebook network whom you allow to see various levels of personal information, such as job, birth date, photos, group membership, comments and list of other Friends. You can even play online games and keep others updated on your daily life. Friends can also see Friends of Friends, meaning that individuals whom you have not officially befriended, and may never have met, may have visibility into your personal information and whereabouts.

Updates - At the top of the user’s Facebook profile is the Update field, which allows the user to post a sentence or paragraph regarding any topic at any time. Here are some examples of updates that my Facebook friends have recently posted. These are very typical:

»» “Just received a job offer. Hooray!”
»» “I’m tired of all the rain.”
»» “Looking forward to the family vacation next week at Disney World.”

Although these might seem relatively harmless, the third bullet point could raise some concern. You have just told all your friends, as well as all their friends, that you will be away from home for a full week. This is comparable to putting a sign on the main road that shouts “Empty House” for passers-by to see. Even if you have a burglar alarm or neighbors keeping an occasional eye on the home, you still don’t want to create the temptation for strangers (Friends of Friends) to consider helping themselves to that wonderful, new 52” flat screen TV you just purchased.

Twenty things you didn’t know about me - Not long after I joined Facebook, I received a message from a Facebook Friend who had just created a list called “Twenty Things You Didn’t Know About Me.” I was then invited to read it, create one for myself and then notify others in turn. The list had questions I needed to answer so that my Friends could learn a little bit more about me. I had some initial concern as this seemed very much like a chain letter, and I never forward those. Yet, it also seemed harmless enough; I wasn’t being asked to send money or forward a false virus alert. I decided to give this a try and went through the bullet points. Here are some of the items that I was supposed to identify about myself:

»» What was my most embarrassing moment?
»» Have I ever played hooky?
»» What was the name of my first elementary school?
»» What was my favorite pet’s name?

In ordinary conversation with friends and colleagues, these are questions that we aren’t typically afraid to answer. But look more closely at the last two questions, and now think about the way that you may have set up your online bank account, Amazon.com profile or the access to your work’s Human Resources system. When setting up online accounts, in addition to creating a User ID and a password, you often provide answers to a set of “secret questions” that you need to answer if you forget your credentials. If you can answer the questions, you will receive the password (or a new one) and have full access to the system which likely contains very personal and sensitive information. Now consider what “secret questions” are often asked: “What was the name of your first elementary school?” “What was the name of your favorite pet?” By providing the personal information asked in these Facebook questionnaires, you may unwittingly be providing an easy channel for identity theft. Is it worth compromising your online bank account for the bit of amusement that Facebook provides? Probably not. If you still want to have fun with these questionnaires, then by all means do so. But be very careful about the type of information that you provide and how that information could be used if it fell into the wrong hands.

Applications - Facebook offers thousands of applications that its users can install and run. These applications include calendars that allow Friends to be reminded when it’s your birthday, tools to send Friends online greeting cards, quizzes on myriad topics and much more. Many of the applications were designed by Facebook end-users.

Although the applications on Facebook may look harmless, and in fact most probably are, there are always some that may deliver malicious content to your computer. This holds true not only for Facebook, but also for other social networking sites and for the Internet in general, whenever you download from the web or open attachments in email messages. Therefore, make certain that your computer has a proper and functional firewall, as well as up-to-date antivirus/anti-malware software, and only install or run these applications if they are from a trusted source or approved by your corporate IT department.

 
