With the continuing rise in the popularity of social media platforms as more people embrace posting personal details of the minutiae of everyday life, hackers are mining their information to commit more fraud.
Fraudsters are becoming increasingly shrewd by diving into social media to capture personal details of their victims and thus compelling companies, banks and other financial institutions to turn to more sophisticated technology to thwart cyber attackers.
While cyber criminals already have basic information such as your mother's maiden last name, consumers are contributing to the efforts of fraudsters who may not need to hack into their accounts to retrieve sensitive financial and personal data.
Too many apps have location tracking built into their software by default. When you post to Facebook, Facebook messenger, Instagram and Swarm, you may not have to avoid geotagging and check-ins “completely, but you should certainly take control of the process,” said Amy Baker, vice president at Wombat Security Technologies, a Pittsburgh, Pa.-based provider of cyber security awareness and training products.
Manage the settings on all your devices and disable the access for the software for applications where you do not want to automatically share your location.
“You should also have a good understanding of how apps use and display this type of data,” she said.
Instagram is a “great” example, because few people are aware that the geotagged images are added to a “Photo Map,” Baker said. This means your followers can focus on the locations where the photos were taken.
Start by disabling the geotagging option in your camera settings and also consider turning off location tracking unless it is for an app which requires this functionality such as navigation.
“Not only will it help conserve battery life, it will give you better control over your privacy,” she said.
“Every Move You Make”
The desire to share details of your vacation or other outings should be resisted, because all the particulars will remain on the Internet for an eternity even if you delete the posts later.
“Though it may seem harmless to share news about an upcoming business trip or to post photos while you’re away on an extended family vacation, you should resist the urge to do so,” said Baker. “Would you walk into a room with 350 people you ‘know’ and shout that you’ll be halfway across the country for the next seven days?”
Learning to have patience is an asset, because it makes your information less valuable to hackers. Waiting to post photos of your vacations means you will not be advertising that you are not home for an extended period of time.
“It’s unfortunate, but scam artists and thieves do use social media to plan their attacks,” she said. “The less inroads you give them, the better. You are also sharing information with people you don’t know very well and that’s why people really need to think about the ramifications of posting certain kinds of personal information.”
Uphold your reputation online and assume that all the information you post “will end up seen by the world such as future employers, colleagues and dates,” Mark Parker, senior product manager at iSheriff, a Redwood City, Calif.-based provider of enterprise cloud security solutions.
Privacy settings do not protect the information you post whatsoever because one of your friends could share the post or take a screenshot of it, he said.
“Think about how many screenshots you have seen of social media activity over the last several months,” Parker said. “A positive online presence can be an asset when seeking employment or business relationships, so maintaining your online reputation should be as important as a good resume.”
Just because it is commonplace to share your birthdate or birthplace, limit the amount of access people have to your personal information, which invites hackers, said Marie White, CEO of Security Mentor, a Pacific Grove, Calif.-based security awareness training provider.
“Even if your account is private, friends may intentionally or unintentionally share your information,” she said. “Accounts can even get hacked, especially for Millennials and Generation Z who grew up sharing information and may not realize that oversharing increases their risk of identity theft.”
The same questions used to identify you when you log into a bank or credit card account can be ones you easily give out unknowingly on social media. Often times the questions ask about your pets’ names, family members or a favorite teacher, said Devin Egan, chief technology officer of LaunchKey, a Las Vegas-based decentralized mobile authentication and authorization platform. “Be careful with the information you post both privately and publicly on Facebook and Twitter,” he said. It will make it easier for an attacker to use that information to do things such as reset passwords and breach your online accounts by accurately guessing the answers to these questions.”