Saturday, February 1, 2014

Is Social Media a Hack? How to Protect Yourself Online

It’s a startling reality that happens every day. You log on to your social media account to find that it has been disabled, that you have been locked out and your password changed – or worse, that your account information has been stolen or held hostage.

Image Credit: Bit Social Media
That is what happened to Naoki Hiroshima after hackers accessed his GoDaddy and PayPal accounts, resulting in his loss of a rare Twitter username.

The truth is that no one is safe from a data breach. Governments, companies and private individuals fall prey to hackers and scammers every day.

In January alone, Snapchat and Neiman Marcus fell to the hands of hackers, who stole private information from millions of users. Skype’s Twitter account was hacked by the Syrian Electronic Army (SEA) and just this week, both Yahoo! Mail and arts & crafts retail chain, Michaels, were the latest victims of a data breach. Last December, encrypted data with PINs were removed from Target’s databases, and hackers also stole 2 million Facebook, Google, Twitter and Yahoo passwords

We see this happening more and more, every day. We know the risks of being online, yet we’re sharing more and more of our private lives on social media with the world these days. There is no doubt that personal information is profitable for companies who use our personal information such as our shopping habits and health information for things like targeted advertising. Advertisers who message relevant content can result more attention from consumers and of course greater sales numbers, but the information used can be extremely damaging if it falls into the wrong hands. The most difficult part is that we can’t control what happens to the information companies have about us, but we can make it harder for them to get more information if we are conscious about what we are putting online and on our social media accounts. Here are some steps to protect your online privacy and social media accounts. A lot of these are common sense, but they could help you keep your accounts safe.

1.) Get better at choosing your online usernames and passwords.
  • Don’t create a password from a word that can be found in a dictionary.
  • Don’t use the same username and password for every site. This was something we learned in class, and a lot of people were very surprised to find that that’s exactly what they did and that they shouldn’t do.
  • Some ways to come up with a password include using acronyms, or l33t speak. You can even use a sentence that’s easy to remember. According to this website, here are some ideas for generating a password based on an acronym:
Ihp,tmmc I hate passwords, they make me crazy
TyIwl10# This year I will lose 10 pounds
Mw&katb! My wife and kids are the best!
Ilmd,M&S I love my dogs, Max and Spot
Iwqsbikm I will quit smoking before it kills me
  • Also, you should use 8 or more characters, and include capital letters and symbols in your passwords. Examples include: ~ ; # *
  • Do not use sequential numbers (ex: 123456).

2.) Secure your passwords and personal information.
  • Use authenticators whenever you can. Google has 2-Step Verification to protect your linked Google accounts, and Facebook has a similar authenticator program.
  • Don’t save your passwords in your browser and disable your browser auto-fill information if applicable.
  • Change your passwords every 6 months (every month is better), especially for online bank accounts. It wouldn't hurt to change your PIN that often as well.
  • If you use Google Chrome, you can work in an Incognito window (Ctrl+Shift+N (Windows, Linux, and Chrome OS, and ⌘-Shift-N for Mac) which will delete your cookies, browsing history, file download history and passwords. This is especially important if you're working on a public computer.
  • If you can’t remember all of your passwords, use a password cloud storage service, such as PassPack (free), KeePass (free, open-source) and LastPass ($12/yr).
  •  If you’re not comfortable with cloud-storing your passwords, consider writing them down and put them in a safe place, such as a protected or locked file box. Security experts have argued that writing your password down is a no-no, yet times are rapidly changing. The odds of getting hacked online or accidentally getting your computer infected with malware are almost a guarantee (1:3) versus getting your home burglarized, which is a 1:700 chance.
  • While we’re at it, always password-protect your computer, tablets, and phones. You never know when they might fall into the wrong hands, and if your social media accounts are connected to those devices, it could lead to problems.
  • Also, back up all of your data. A friend of mine recently had his Google account deleted, and he lost over ten years of important information that he will never be able to get back. Facebook, Google, Twitter, and other social media sites allow you to easily download your data to back up.

3.) Think about the information you put online.
  • Even though we can’t control all of the information about us online, don’t put anything out there that you wouldn’t be all right showing your family or an employer. The widespread availability of the Internet and therefore ease of access for online research these days are immense and could pose a security threat or it could damage your chances of landing a job. This stuff stays online for years, and even if you delete it, the information is still stored in a database somewhere.
  • It’s common sense, but you should limit the amount of personal information you put online, especially if it is information that could help a potential hacker figure out your account credentials.
  • Turn off location-based services, especially if you're away from home. If you’re going to post online and include your location (FourSquare, Twitter, Facebook), do it when you’re about to leave the area. However, it’s probably a good idea to just not do it at all.
  • Change and update your privacy settings. We know how annoying it is that Facebook seems to tweak and change its privacy settings all the time, so you should be always vigilant about what apps you have connected and what you allow others to see. Here is how you can remove, edit your apps and limit tracking information on Facebook.
  • Also, be careful whom you add as a friend, especially if you don’t know them. Even if it’s someone you know who said they made a new account, be wary. Distrustful people could be impersonating them in order to get information about you. You should probably ask the person in-person or via trusted online communication. In January, LinkedIn sued scammers over thousands of fake profiles that were created to gather information about LinkedIn members.

These aren’t the only reasons why you should be careful online. According to this article in Forbes, advertisers can use your personal information to make you pay higher prices than everyone else. What you put on your social media sites could also positively or negatively affect your credit score.

4.) Monitor your online activity and think before you click.
  • Keep a close eye on your credit and debit card statements for questionable charges on a regular basis.
  • Be careful whom you give your credit card information to, and don’t use your debit card as debit online, since it’s connected directly to your bank account. The information collected from Target’s databases included PINs, so why should we make it easy for criminals?
  • When you’re logging into a website, make sure you’re logging in through a secure connection (https), and make sure the website is who it says it is.
  • If you have a public Twitter, remove spammers from your followers list, just like we did in class.
  • Keep track of your account activity on social media sites to ensure that no one is posting on your behalf without your permission.
  • Don’t click on fishy links in emails or through direct messages, such as on Facebook and especially through direct messages on Twitter.
  • You should install software updates to keep your computer up-to-date and run your anti-virus/malware software often. You don't want your computer to accidentally become part of a botnet, where your computer can perform automated tasks over the Internet without you ever knowing.
There is no denying the power that social media has with the ability to connect and help individuals across the world in ways that we never could before. The trick is how to keep us safe, while still allowing enough information out there to connect and socialize with others.

However, it comes down to the fact that if companies are interested in collecting, using, and/or profiting on consumer information, they should act more responsibly and securely with this private and sensitive data. Therefore, if companies aren’t responsibly handling information, it is ultimately up to the consumer to be vigilant and discreet with the majority of information they are putting online.

This was originally posted on the Eagle Strategies blog.

No comments:

Post a Comment