Staying Safe On Social Media
If you think that social media is a harmless tool for connecting with people, then perhaps it might surprise you to learn about “Russia’s Social Media War on America”. Far from fear-mongering, this is a very real threat that exists all the way at the top.
And while you may not work for the DOD, your information is very valuable to hackers. The wealthier you are, the bigger potential target you are. The forms used to hijack your information may vary, from malware to impersonation.
In a continued effort to help keep you safe while you use the web, we’re diving deeper into how to best manage all that social media has to offer - and keep your guard up at the same time. Internet thieves can use the tiniest - or strangest - pieces of information to crack the code on accessing your financial information.
Check out the tips below to help secure your online activity even more.
Turn up privacy. Turn down visibility.
Use the absolute most stringent privacy settings that your social platform of use offers, and at the same time, turn down “post visibility”. Facebook, Twitter, Instagram and TikTok all offer options of who can see your posts, comment on them or share them. You can even segment your followers into lists and truly customize who sees what. This may be helpful when you have a combination of, say, friends, family and coworkers who follow you.
You may want your family to see pictures of the new baby, but you may not want your co-workers (or, their friends/family) to see them at all. Make sure to also apply these privacy settings to who can private message you.
The last thing you want is unsolicited “MLM” offers from someone outside of your network, a sales pitch or, worse, a phishing link to some horrible website that is ready to install malware on your device.
Use a VPN
We talked about this at length in our previous post and it bears repeating - using a VPN helps protect your data and activity, especially if you’re going to be using public hot spots. Accessing social media sites, from any device, bears a certain kind of risk, especially depending on how much information you share on your profiles.
If a hacker can access your Facebook or Instagram, for example, they can potentially learn a lot about you. Even something as simple as complaining about the service you got at your bank (or even leaving reviews on company pages) can give them information that’s valuable. A VPN is a helpful weapon in the fight against net thieves.
Leave personal information off
This may seem like a no-brainer, but you’d be surprised how many users still post their address on their social media profiles. While this faux pas tends to appear in the older generations, young people are guilty of oversharing in other not-so-obvious ways.
One simple tactic is to not use your real first and last name, or use a variation of nicknames or middle names to fill in the necessary fields. Those who really know you can figure out who you are from your photos, regardless of the name that you may use for yourself.Never ever fill in the about sections requesting phone number, address or birthday. The latter 2, especially, are perfect pieces of information for a hacker, since an address & birthday are key identifying pieces of criteria. Resist the urge to sign up with anything using your phone number and if an email is necessary, create a “trash” email solely for that purpose.
While you’re at it, ignore the “education” and “employer” fields, too. People who know you “in real life” already know these things and ultimately, are they really important pieces of information for the world (aka: strangers) to know?
If you’re on LinkedIn for job hunting, this may be a bit more difficult to manage. But, there is a way. When filling in past/present job experience, you’re not required to fill in the location of your positions, and LinkedIn makes it possible for you to leave most fields empty. A company name is probably all you need. You can also amend your user URL to not default to your first and last name.
On a related note, never respond to messages (no matter how legitimate they may appear) for requests for your social insurance number, bank account number, etc.
It may seem, for example, Bank of America’s Facebook page is sending you a message to ask you for some personal information because “you are now at risk for X,Y,Z fake reason”, but this is categorically something that they will never do due to policy. If in doubt, always call the company on the verified phone line you have in your documentation.
And, never click links in private messages with this kind of request.
Be careful about sharing vacation/out of town plans
Even if your profile is locked tight (you turn off public visibility, you’re only friends with people you know in real life/have seen in real life even if on a screen) activity on your vacation posts from friends can potentially be seen by other people depending on the platform. By announcing you’re “on your way to Cancun for 2 weeks” is essentially telling thieves “hey, my house is ripe for the picking”.
If you absolutely must share your trip, please wait until you’ve returned home. People who know you day-to-day will know you’re gone and can absolutely wait to see what you’ve done until you’re back. Before social media, this is basically what we all did anyways. The "dopamine-hit-from-likes" is what causes us to want to share it *this instant*.
Turn off “geotagging” or location sharing
Geotagging is great for a bunch of reasons - but it, too, has weaknesses that can be exploited. Does your entire following need to know where you are every time you post? Most likely not. For many, the risks associated with it aren’t worth it.
Don’t share any information in posts, either, about where you are at a certain time of day. This could be when and where you work, where you go to school, where you go for regular social events or where you bring your kids to school/activities. Don’t even post things about online shopping patterns - all of it is information that can be used against you (porch thieves are already a problem - don’t help them out by telling them you're gone).
Thieves can very easily figure out your daily/weekly routine if you have location sharing on. If they know you walk down a certain area of town at the same time every day (lets say you visit the same coffee shop every evening at 7pm), potentially alone, it could make you a target. Again, this risk increases significantly if you have no privacy settings on your accounts at all (aka: that everything is public with no limitations).
While you’re at it, disable every location-sharing option on your devices, not just within your social media profiles. Sure, it may be neat for Google to ask you for reviews on places you’ve been in the past, but it’s also a bit creepy.
Vet every single friend request
This stands true even if they’re already connected to someone else you know. A good rule of thumb here is a similar one we’re taught in drivers ed - drive like everyone else has no idea what they’re doing. In this case, don’t just add someone because they know someone you know. Poke around their profile. Do they seem like a real person? Do they post often? Do they have pictures that look legitimate (aka, they don’t reek of “stock photo”).
On the note of friend requests, and more specifically, messages from friends; know that accounts can get hacked and you can get messages from your contacts that are being created by someone else. If something seems off about the message you got from them, contact them off of the platform. It’s likely they may have already been made aware of their account breach but by doing so, you’re keeping yourself safe. You could also be helping them discover the problem, to boot.
Manually log out every time
Sure, it’s way more convenient to stay logged in but this matters especially if you’re using an unsecured connection or any public space. Even if you use a VPN, just log out. An extension of this tip would be to use a different browser for all of your social activity
This may seem on the edge of neuroticism, but you could also use a completely different browser for only your social activity. There are some browsers that boast “no or little tracking” as part of their sales pitch. Firefox was recently rated by NordVPN as the safest browser to use in 2021. Additionally, you can boost your safe searching by using DuckDuckGo.
If you missed our previous posts on internet safety…
You can catch them all here, here and here. We hope you feel a little bit safer navigating the web! Stay tuned for our next post which will be all about how to keep your money safe online.