Social Network Safety

Social networks like Facebook and Twitter can pose security risks to your personal information, devices, and the College.  Hackers and identity thieves are increasingly targeting these services to compromise accounts or otherwise profit.  Here are some tips for staying safe on social networks:

Tweak the privacy settings

Most services allow you to fine-tune privacy settings.  With Facebook, for instance, it is wise to limit access to your profile and updates to only your friends.  "Friends of Friends" is often an excessive amount of people that you don't know, so be wary of that setting.

See these "Smart Cards" for detailed instructions:

Limit your "friends" or "connections"

Having 10,000 "friends" may be flattering, but do you really want everything in your profile, and all your posts and pictures accesible to that many people?  How many of those 10,000 people are actually imposters, or have had their account compromised by malicious hackers or identity thieves?

Be aware of location services enabled on smartphone cameras

Most smartphones are location aware, and have built that into the cameras on the devices.  This means that many pictures take are tagged with your longitude and latitude.  You don't see this when you look at the picture, but a hacker can see it by analyzing the image.  This can lead to offline risks.  Posting pictures while on vacation could lead to your actual home being robbed, for instance.

Don't fall for scams

If you receive messages from your uncle, soliciting money via wire transfer, claiming to be stuck in London after losing his passport, you may want to double check via known-good means, such as a confirmed telephone number, that your uncle is in fact in London.  Chances are, your uncle is watching television in his home, completely unaware that some scammer has hijacked his facebook account.

Use a password that differs from your College passwords

Social network passwords are compromised all the time.  A compromise of your password on a social network should not also be a compromise of your College accounts.  Keep them separate, and choose completely different passwords for work resources.

Limit the number of "apps" you authorize, deauthorize apps you no longer use

Apps you authorize on social networks can usually access your personal information, posts, and other information.  These applications have a tendency to get bought and sold, application authors change their views on privacy, and in general applications and their authors are not usually thoroughly vetted by the operators of social networks.  Drop applications you stop using.

Beware of impersonators

It is trivial for an attacker to impersonate a relative or friend on a social network.  All it takes is knowledge of someone's name, their picture (both of which may be obtainable from the social network itself), and they can create a fake account and begin adding you and others as "friends" or "connections".  If you receive a friend request from your cousin, and you were fairly sure you'd already added your cousin to your network, that should trigger a red flag that the new person may be an impersonator.