Internet Security Blog from Kevin Lam

You are here: Home » Blog » Facebook and Identity Theft: Top 3 Things I Would Change On Your Facebook Account Right Now If I Were You


Facebook and Identity Theft: Top 3 Things I Would Change On Your Facebook Account Right Now If I Were You

Posted by Kevin Lam on 06 Feb 2012 / 7 Comments
Feb
6
2012
 7
Facebook Logo

Somebody recently asked me how I would use my experience as a legal and professional hacker to steal their personal identity. There are lots of way to do this. I might attack your email account, bank accounts, your laptop, your work account and your home wireless network just to start.

Or I could take an easier path: your Facebook account. Here are the top 3 things I would turn on or off on your Facebook account right now if I were you.

A quick note before I get into the details is that I realize that not everyone will agree with me. That’s fine. Just at least be aware of the risks.

Tip #1: Turn On Secure Browsing

Malicious hackers love it when people access their Facebook accounts using public networks like the ones at coffee shops or at the library. Know why?

It’s because these types of networks are often not very well secured, if at all. This makes eavesdropping on the data you exchange with Facebook much easier, such as your birthday, your mobile number and your address. All very useful things for identity theft.

Fortunately, Facebook has a feature called “Secure Browsing”. All this feature really does is it turns on SSL (when possible) whenever you access your Facebook account.  This will make accessing Facebook over public networks safer. There’s a catch however: Secure Browsing is turned off by default.

Here’s how to turn on Facebook Secure Browsing:

  1. Log into your Facebook account.
  2. Select your Account Settings.
  3. Select the Security Settings icon.
  4. Check the Secure Browsing option and click the Save Changes button.

Tip #2: Remove Your Family Links

Facebook has a feature that lets you tell other people who the members of your family are. If you’re using this feature, bad idea. Real bad idea. Here’s why.

If I know who your family members are, I can infer things about you such as your mother’s maiden name, your wife’s maiden name, how many children you have, their ages, places you may have been to on vacation, your family members birthdays, favorite food, pets names, favorite sports teams, your anniversary date and so on and so on.

Sound familiar? These are all answers to common security questions that are used to protect your other online accounts, like at banks and shopping sites.

You may already be careful about this type of information and how much you share. But can you say that your family members take the same level of care? Better be safe and not make identity thieves jobs easier by letting them know who your family members are.

Here’s how to limit access to this type of information:

  1. Log into your Facebook account.
  2. View your own profile and select the Edit Profile button.
  3. Select the Friends and Family tab.
  4. Next to the Relationship Status section there’s a drop down controls the visibility of this type of information.  Select this and change the setting to Only Me.
  5. Clear out the Anniversary information if it’s set.
  6. Repeat this for the Family and Friends sections.  At most I would only let direct Friends see this information.
  7. Click the Save Changes button.

Tip #3: Hide Your Birthday, Mobile Number and Address

Information like your birthday, mobile number and address really needs to stay private on Facebook. These are really useful pieces of information when it comes to stealing your identity.

Yes I know. Part of the Facebook experience is having people wish you happy birthday on your wall on your birthday. And when you remove visibility of your birthday from Facebook you can expect a dramatic drop in birthday wishes from people who would otherwise not know it’s your birthday.

I am perfectly fine with giving this up if it means my identity is better protected. You might not agree and that’s OK. Everyone’s tolerance levels to privacy and security risks are different.  Again, just be aware of the risks.

To mask this information in Facebook, follow these steps:

  1. Log into your Facebook account.
  2. Go to your profile page and select the Edit Profile button.
  3. Under the Basic Information tab, select the Don’t show my birthday in my profile drop down at minimum.  You may wish also to clear out or restrict access to information such as your Hometown and Current City.
  4. Click the Save Changes button when you’re done.
  5. In the Contact Information tab, clear out any addresses, or mobile numbers you have listed or at least restrict their visibility to only friends.

 

–Kevin Lam

LOCKBOX SFT, the easiest to use and most secure file transfer service





7 Comments for Facebook and Identity Theft: Top 3 Things I Would Change On Your Facebook Account Right Now If I Were You


Thomas P
1 years ago


All good tips Kevin. I made a couple of adjustments on my own page and then posted your article to my wall to spread the word.

(Reply)

    Karen S.
    1 years ago


    Thanks Kevin! Very good infor. Will pass on in my FB account.

    (Reply)

Robbi Firestone
1 years ago


Thanks Kevin! This is great info! I want to share on Facebook…how can I?

(Reply)

Jim
1 years ago


Great post Kevin – thanks for sharing your thoughts and helping educate people. The maze of permissions and changes in default settings and changes in privacy policies make it so hard to understand what risks we’re accepting. I hope you do some more posts on online security and making it easier for regular people.

(Reply)

Inderjit Mudhar
1 years ago


Well done, Kevin. Do more of these.

(Reply)

Rebecca W
1 years ago


Thanks Kevin! Good looking out. :)

(Reply)

C. S. Hennes
1 years ago


Helpful and easy to follow post! Thank you for sharing.

(Reply)




Leave a Reply