With all the information we give the social networks, the more information they have about us, to hold and use as they please. People are becoming more aware of social media risks, but what risks are there?
We are not just uploading more of our lives on the internet; we’re also spending more and more of our days consuming, sharing and commenting on social media platforms. Naturally, risks related to social media are increasing. The goal of this post is not to make you stop using social media, or the Internet for that matter. Being smart online, especially if it’s part of your job, is only possible if you know about the risks and how to limit them.
Hacked Social Media Accounts
Getting your Social Media accounts hacked is increasingly common and probably one of the most significant social media risks. It happens to both large corporations (HBO, PlayStation) and people with small personal accounts. A hacker is anyone from an ex-partner who can guess your password or a previous employee who made a copy of the password lists before they left, to professionals with more advanced methods.
But how significant is the risk? Facebook said in 2011 that 0,06% of all logins on the platform was “compromised”, and during that time the platform had about 1 billion logins each day, so that is 600 000 problematic logins every day. Google reports that 20% of social accounts are compromised “at some point”. I would never have guessed that 1 in 5 accounts would be compromised, that’s a lot of sad users.
What can you do to prevent it?
- Use secure passwords and different passwords on every service you use. I recommend using 1password to make your life with secure passwords less of a hassle.
- Use two-factor authentication to make sure that it’s harder for someone to log in even if they have your password.
- Avoid browsing (especially logging in to) social media accounts on public wi-fi, the techniques for snooping around and waiting your login credentials are getting more advanced.
- Never give account or page credentials to someone who contacts you directly, not even people who say they work with customer service for the social media itself, or that they are your colleagues.
- Never download apps, especially not apps that want’s give permissions to post on your behalf.
Social Profiling is when someone uses the information on your social media accounts to create an opinion about you or “measure you” based on your interactions or influence on social media. This is typical behaviour today, both from employers and the people you’re dating.
Around 43 percent of businesses used information online when they’re decided not to hire someone. And 40 percent use social media when they screen candidates. Sure, this is a significant number, but your life online shows only a small part of you as a person. And if you don’t have a social media profile, or if your “influence score” is low, apparently you’re less worthy of an employer.
What can you do about it
It is hard to do anything about the behaviour of potential employers and Tinder dates. However, you can make sure to know what those searches will say about you, and you can adapt what comes up.
- Use the incognito search mode to search for yourself online to see what comes up.
- Remove pictures that are sketchy, strange or that someone can use in an entirely different context
- Use the “view as” setting on Facebook, to understand how your profile looks to the public. Make sure that potential employers can see only the best information about you.
Although cyberstalking might feel as bad as any stalking, it’s a bit different when it happens online. It’s not uncommon that it’s combined with offline and real-time stalking as well.
There are some differences between “traditional” stalking and cyberstalking. While traditional stalking often happens to women, cyberstalking is affecting men 40 percent of the time. One other difference is the stalker. Often, it’s an ex-partner or someone with a connection to the victim doing “traditional” stalking, while cyberstalking is widely done by complete strangers.
The fact that it is so easy to collect information about someone online is probably behind the significant increase in cyberstalking. A cyberstalker can use information about your geolocation, and this is automatically turned on for most smartphones. And it is rather easy to follow your life and regularly see where you are if you use apps like Swarm, check in on Facebook or tag your photos with Instagram.
What can you do about it?
- Turn off the automatic use of geolocations.
- Don’t actively check in with Facebook, geotag your images on Instagram or use apps like Swarm
- Limit the information you share on Facebook and other platforms so that it is only available for your friends
Third party information sharing
Many websites add cookies to your device when you visit them. Most cookies role is to find returning users to improve your online experience or keep track of users to improve their service. The problem is, however, that some cookies can crawl and follow you on other websites. Therefore, they can get a detailed view of your online behaviours.
Many services you opt-in to use, like Facebook and Google, record a rather significant amount of what you do. They are tracking your activity when you use their service online. This is everything from messages and comments, what you share, and for how long you looked at an individual piece of content.
They can then sell all this data about you to either another company or as part of their advertising services. You will, unfortunately, have microscopic say about who’s buying your information and for what causes they can use the data.
What can you do about it?
- Take a look at your Facebook Ad Preferences. Remove the things they’ve collected about you that you don’t want Facebook to use when they show you ads.
- Opt out of Facebook’s tracking and ads program. Choose “no” for both “Ads based on my use of websites and apps” and “Ads on apps and websites off of the Facebook Companies.”
- Opt out from being tracked by companies in the Digital Advertising Alliance. To opt out from all the participating companies, click on “Choose all companies.”
- Install Privacy Badger from the Electronic Frontier Foundation (EFF). “Privacy Badger is a browser add-on that stops advertisers and other third-party trackers from secretly tracking where you go and what pages you look at on the web.”
Warrantless searches are searches performed without a court-ordered “search warrant” and is the most common type of search conducted by law enforcement. According to Katz v. United States (389 U.S. 347), courts determined in 1967 (long before the age of social media) that if a person willingly makes information public is not protected by the Fourth Amendment and, therefore, it requires no warrant.
Information such as direct messages that you want to keep private is often interpreted by the law as not being “private” since there is no guarantee that the person receiving the message will keep it secret. The NSA has also worked with Facebook, Google, Apple and other tech companies through the Prism program. Part of this is sharing of user data such as emails, search history, instant messages and transferred files.
What can you do about it?
It is possible to do warrantless searches and record information since all our online activities are out in the open. The best thing to do is, therefore, to “hide” your actions.
- Use a VPN (preferably with double encryption and “no logs” policy) on both your phone, your computer and all other devices
- Use an end-to-end encrypted application for instant messages
- Meet up in person when you have to discuss sensitive information
Social media risks, some last thoughts
Make sure to check that you have decent security related to your social media. It might not seem like a significant risk to you now, but keeping certain things out of the public eye (or the Google Search) is not stupid, it’s smart.
The costs for getting your accounts compromised are pretty high, and it is not easy to get compromised accounts back if they get hacked. Most of the proactive suggestions in this article, to cut your social media risks, is probably possible to fix. That is perhaps time very well spent.