Social networks are interesting things, they allow people to connect and share data. Casinos spend billions of dollars to carefully design every aspect of their location, games and services to maximize your spend. Social networks spend a great deal of time figuring out how to "encourage" you to over-share.
The advantage social networks have is that they are impersonal and thus users seem to be willing to share far more information online than they would during a face to face encounter. This over-sharing of information is what allows the social networks to monetize you their product, to their customers (the advertisers).
But the reality is that it gets a little worse for users. This abundance of personal information also attracts nefarious people with questionable motives (spies, espionage agents, identity thieves, etc). Remember that the more information people can gather about you the easier it is for them to steal from you or put you in an uncomfortable position (think social engineering, phishing, etc). Using information this information, people can find your location, interests, places you like to visit, people you hang out with, when you typically leave the house, etc.
A good example of this is a software called Cree.py. The developer describes it as:
creepy is an application that allows you to gather geolocation related information about users from social networking platforms and image hosting services. The information is presented in a map inside the application where all the retrieved data is shown accompanied with relevant information (i.e. what was posted from that specific location) to provide context to the presentation.
Remember that your smartphone likely adds GPS data to every picture you snap and then share.
These sites are not only used to collect information but also to distribute malware, virus’ and Trojans to unsuspecting users. Attackers can easily create a professional looking social network connected app that does all kinds of “bad things” to your computer without you even knowing.
- Information you post – Review everything you are posting and try to understand the real impact of what a malicious person can do with it. Limit personal information as much as possible.
- Assume everything is public – Even with the best of controls, once you post something on a social network, it can be copied and re-distributed by your “friends”. Assume anything you post will be made public and that once it is posted it can never be erased from the internet.
- Make sure friends are friends – It is not uncommon for malicious users to create fake profiles that may look like it belongs to someone you know. Question everything and validate face to face to make sure the right people are connected to you. If you get requests to connect with strangers, refuse.
- Fake information – Most of us know how easily people can be manipulated to post “fake news” on their social network feeds as updates. This human weakness can be used to exploit one of your friends to pass a particular message to you. Assume anything can be faked online and double check.
- Check site settings – Most sites offer interesting privacy options but most users simply don’t take the time to review them. I recommend you take the time every month to check your site privacy settings and make sure they still meet your requirements. Also it is common for sites to periodically change their default settings or to add new settings (which may compromise your privacy unless you regularly go back to check)
- Dreaded 3rd party application - Remember that faking is easy online and think about all those apps you authorized to connect to your social network profile. Do you trust them? What is someone at that company went rogue and read your private messages, viewed your pictures or even posted things pretending to be you. It doesn’t happen often but it does happen.
- Keep your apps updated – read my article about updating your apps here.
- Install and update your antivirus
I’m not asking you to be paranoid but the world is a much more dangerous place than most people assume.
- You Are Facebook's Product, Not Its Customer
- Stop Hackers - Automatically Keeps Your PC Software Updated
- Is Your Account Hacked? Find Out Now Thanks To PwnedList
- Is Microsoft Going Through Your Cloud Stored Files?