Microsoft's support for your web browser ended on January 12, 2016. To continue to use our online services, you must upgrade to a current version of Google ChromeTM, Mozilla Firefox® or Microsoft Internet Explorer®.

Staying Safe on Social Media

Perhaps every picture does tell a story worth 1,000 words, but when you post on social media, you may be telling a story that has plenty of words that you shouldn't be saying publicly.

“Someone takes a picture of you standing out in front of your house with the street address, and your car and the license plate number, and all of a sudden, that's a lot of information about you out in the world that someone might be able to use against you," warns Michael Kaiser, executive director of the National Cyber Security Alliance.

“Different data sets have different value," Kaiser points out. One piece of information—like a name or phone number or mother's maiden name—out in the cyber ether isn't necessarily a bad thing. It's when that information is used in combination to pose as someone else, crack passwords, or gain account information. “Different kinds of information can cause different kinds of damage," says Kaiser.

When your information gets into the wrong hands, two things can happen: You can unlock critical elements that leave you vulnerable to identity theft and compromised accounts, or you can clue people in on other status updates, like being away from your home on vacation. The concern is for good reason. According to the FBI's Internet Crimes Complaint Center, of the 262,813 complaints received in 2013, almost half resulted in financial loss to the tune of nearly $800 million dollars.

As our work and personal life become more dependent on social networking, we become more “hackable," but not everyone is conscious they're letting their information go outside their close network. On Facebook, for example, “Your friend posts something, and you comment on it. Now your friend obviously can see that, and all your friend's friends can see that. You're not always in that super-closed environment that you think you are," Kaiser said.

And if something sounds too good to be true or doesn't seem right—like Bill Gates giving away a free computer if you click or share a link—it probably isn't. You can visit Snopes.com to verify Internet hoaxes.

Social media sites generally do a good job of keeping things secure, but even that can go awry. There are occasional hacks and glitches that compromise an entire network, and someone can take a screen capture in a private group and post it elsewhere. Basically, don't put anything on social networking sites you're not prepared for the world to see, but posting about your trip or the salad you had for lunch is probably fine. “We like to say, 'stop, think, connect.' Take security precautions. Think about the consequences of your actions. Is social networking really important?" Kaiser asks.

“I really think the main thing is to use a lot of common sense," Kaiser advises. “When you're in the social environment, you always have to remember it's not just about you. It's about other people."

Social Media Security

Social media security

In 2013, the FBI's Internet Crime Complaint Center received 262,813 complaints (down from the 2009 height of 336,655) resulting in nearly $800 million dollars in swindled money. See report.

Two primary strategies scammers use, often used in tandem. See report.

  1. Writing and manipulating computer code to gain access or install unwanted software on your computer or phone.
  2. Exploiting personal connections through social networks. Social hackers, sometimes referred to as “social engineers," manipulate people through social interactions.

Emerging social media scams (See story here)

  • Tinder. Fake profiles lead the user to an adult webcam show and ask for a credit card number to verify age, but really, they've signed up for a subscription and need to figure out how to cancel it. Some profiles are covers for prostitutes (marked on profiles with “GFE" for “girlfriend experience") and leads for adult dating/hookup website.

  • Google+: Some invitations to Google's networking sites include links to malware and tools that target bank sites; some even ask users to fill out a Google doc with names of friends so that scammers can have new targets.

  • Instagram. The crook posts a photo of “winning" lottery tickets and announces that he'll donate money to each of his first 80,000 followers—in exchange for their email addresses, or a small fee to cover postage. InstaLike is a third-party app designed to generate likes, but also collects information.

  • “Shocking news!" A thumbnail link promises a new, shocking angle on a trending news story, but leads those who click to a completely different kind of site.

  • Facebook Messenger. Facebook Messenger allows people who aren't connected to you to directly message you. Beware instant-message “worms" that can steal your Facebook password and post on your behalf to Facebook and other social sites.

  • Pinterest and Tumblr. Harmful links allow scammers to take over your account and pose as you in order to reach your friends with diet pills or other products and services.

  • Chrome. False “virus removal tools" will steal profile information and the target your friends.

Protect yourself

Advice from Michael Kaiser, executive director of the National Cyber Security Alliance

  • Think before you post. Is the photo or text revealing any important personal details, such as car license number or address?

  • Don't share account numbers on social media sites. If you're on Twitter asking your power company about an outage, don't provide your address, but it's acceptable to ask if there's a problem in your neighborhood. Information over the phone is the most secure.

  • Understand your privacy settings. On Facebook you can set picture tagging so you're notified if someone posts and tries to tag a picture of you. On YouTube, you can elect to keep videos private or to a select audience that has the link.

  • Create passwords you can remember that are hard to guess. The best passwords are long and strong, and not obvious. It's OK to write them down, just don't leave them on your computer or in an obvious place.

  • Be judicious with your children's information. If you give away your child's name and birthday on an open site that goes beyond just your friends, you render them vulnerable to identity theft.

  • Be careful what you post about other people. Even the most benign-sounding posts can reveal medical, financial, home and whereabouts information about others they'd prefer was kept private.

Stay Alert

Be on guard against identity theft and fraud with Mobile Banking and Alerts.

Learn More