S E C U R I T Y T I P S FO R W O R K & H O M E
December 2010
Volume 1, Issue 15
Dale Ducommun
Information Security Officer, Privacy Officer
OPEN SOLUTIONS INC.
With the growing popularity of Facebook, MySpace
LinkedIn and Twitter, privacy of millions of users is at risk
as its users are experiencing a number of security
issues. Just like a coin has two sides, similarly Facebook
usage has two facets - Fun and Threat.
importantly, do not add strangers to your friend list.
Always use a strong password
Facebook users are an easy target for spammers.
Privacy of millions of users is at risk on Facebook mainly
because of the following reasons:
∗ Users disclose a lot of personal information in their
profiles.
∗ Status updates by users let third parties like
Facebook applications, friend requests, pages,
groups and Facebook advertisements etc., seek
user information using Facebook.
∗
Users mostly sign out in haste without checking
whether they have actually logged out or not.
It is better to be alert and prevent your account from
being hacked rather than suffering personal or financial
losses later. You should be cautious while using social
networking sites. Consider the following tips that will help
you in protecting your privacy:
Never share personal information
Many users mainly teenagers share their personal
information like mobile numbers, email ids, address,
photos etc. in their profile page. You must not share
such sensitive information publically.
Your password should have at least 9 characters.
Choose a password which is easy for you to
remember and difficult for others to guess. Include
letters, symbols and digits in your password to
increase its strength.
Don't disclose your password
At times users do share their password with people
they trust, which is the easiest way to lose your
privacy. Never disclose your password or any other
confidential information with anyone, if you have
already shared your password, change it immediately.
Always remember a quote by Clifford Stoll "Treat your
password like your toothbrush. Don't let anybody else
use it, and get a new one every six months".
Change your password frequently
Do not change your password so often that it becomes
hard for you to remember it. You must change your
password often enough so that till the time someone
figures out your password, you have changed your
password.
Always sign out completely
Restrict your profile access:
Edit your settings to allow only your friends to see your
profile information. This will restrict strangers to know
your personal details or view your photos. Also disable
the "view my friends" option in the privacy tab. Most
At times people leave their systems in a hurry without
signing out or without waiting to see if the signing out
process is complete. This is quite unsafe especially
when you are using computers at cyber cafes. Before
leaving your system, always make sure that you have
Page 2
completely logged out of your account.
Do not let others use your PC, mobile phones,
etc.
You might have allowed your friends to access your
system and other devices but this is not right for your
privacy. Your friends can access your account and can
post or send anything under your name. They might
download some malicious program which can harm
your system.
Do not click on unnecessary links
Unnecessary links on your wall post, which appear
under your friend's name, could be a spam. Spammers
send malicious emails posing as Facebook notification
and stealing user's information by asking them to open
the links or attachments. Always ignore suspicious links
or private messages - they may rob you of your privacy.
Avoid using third party applications:
When you click on a “LIKE” button of a certain page it
accesses your data. Even the advertisements that
appear on your page may be spams. The various
applications on Facebook ask for access to your
personal data which is not good for your security.
Never allow these applications to access your personal
data.
Choose the right browser for accessing your
account
Always choose a right browser to access your account.
When it comes for choosing a browser, Firefox is a
good option as it comes with add-ons. These add-ons
provide security at a certain level as compared to other
browsers. The following add-ons would help:
∗ Adblock Plus
As the name suggests, this will block all the ads that
pops-up. Hence provides security from dangerous
links.
∗ NoScript
This add-on blocks JavaScript to run on a website
unless you allow. This will help in preventing cross site
linking which hackers use to insert dangerous codes.
Social Networking . . . It’s complicated
Too big a network of friends is dangerous?
Do you know people with a lot of friends, say 500 to
1,000 friends on Facebook ? What is the likelihood they
are all real ? There was a study in 2009 that concluded
just over 40 percent of all Facebook profiles are fake.
They have been set up by bots or impostors.
If you have 500 friends, it is likely there is a percentage of
people you don't really know. You are sharing a lot of
information with these so-called “friends”, such as when
you are on vacation, your children's pictures, their
names. Is this information you really want to put out there
to people you don't even know ?
In the "friends" arena, it seems to be the person with the
most friends wins. Some people will accept any friend
request they get, whether they know the person or not.
This is a serious problem, since whoever you accept will
be able to see all your personal information. They can
also see personal information about your friends. For
example, you only accept friends from people you know.
Then, if you have a friend that accepts anybody's
request, your personal information might be exposed to
your friend’s friends who also have friends of friends.
Make sure your personal settings are restricted to
"friends only", not "friends of friends."
You can create several different friends lists, and then
assign different permissions to each list. This will allow
you to accept a friend request and still restrict what they
can see. With this arrangement, your close friends can
see everything you have on Facebook, but your business
or casual friends will only see some basic information.
It is known that debt collectors use Facebook, MySpace
LinkedIn and Twitter to find people who are behind in
their debts. Once they find their target, will send them a
friend request, and then start to bother them. If they can't
connect to the person of interest, they try to friend their
friends. A few clever collectors have their profile picture
set to a cute young woman in order to get men to accept
their requests.
The number of employers who have their HR
department, use these social networking sites for
additional information about a possible new hire,
continues to increase. So having those embarrassing
pictures open to the public might prevent you from
Page 3
Social Networking . . . It’s complicated
landing your next job. Do you want your future employer
reading your smart assed comments on your wall?
The potential for crime is real.
According to the Internet Crime Complaint Center, (a
partnership between the Federal Bureau of Invesgaon
(FBI) and the Naonal White Collar Crime Center) victims of
Internet-related crimes lost $559,000,000 in 2010. That
was up 110 percent from the previous year. If you're not
careful using Facebook, MySpace LinkedIn and Twitter,
you are looking at the potential for identity theft, or
possibly even something like assault, if you share
information with a dangerous person you think is actually
a "friend."
One British police agency recently reported that the
number of crimes it has responded to in the last year
involving Facebook, MySpace LinkedIn and Twitter has
climbed by 346 %.
These are real threats.
Internet Crime Complaint Center
http://www.ic3.gov/default.aspx