Tips From FBI To Lower Your Online Profile

ic3I am getting posts from the FBI and the Internet Crime Complaint Center (IC3), and received this interesting warning on November 18th of last year.  This warning was sent to law enforcement and public officials, but if you have come to the point in your life were you are feeling a bit overexposed on the Internet, these tips can help you too.

For some of us, a few of these suggestions are going to be hard, since many of us are using social networks to promote our business or professional identities.  Just remember, it is all a balance.  Choose the ones that work for you.

  • Use two factor authentication wherever possible, especially on your email account.
  • Turn on all social media privacy settings and think about what you are sharing.
  • Look at your other online profile settings and limit sharing to people you know.
  • When posting to social media, do not provide personal details or location information.
  • Do not promote your professional standing in social media.
  • Limit posts and comments on social media.
  • Use security settings on your personal computers and home wireless network.
  • Perform hardware and software updates as recommended.
  • Update your security software to limit exposure to new security threats.
  • When setting up security questions, don’t use ones where the answers can be easily found online in public records.
  • Use passwords of 15 characters or more and change them regularly.
  • Do not store your login credentials near your computer.  (Personally, I would recommend using a password manager such as LastPass.)
  • Be alert to pretexting phone calls (a.k.a “vishing”) from people pretending to be someone you may know or in authority, and looking for information.
  • Be on guard against phishing emails, and never click on a link or open an attachment without verifying the source.
  • Share these tips with your family.  Your security can be compromised by the online actions of your children, or other family members.
  • Restrict your driver’s license and motor vehicle information with the DMV.
  • Monitor your credit and banking activity.  (Brian Krebs is recommending that we get a credit “freeze” to prevent identity thieves from opening accounts in our name.)
  • Request that real estate and personal property records be restricted from online searches with your county governement.
  • Hack yourself!  Perform online searches for your own information to see where you m,ay have information leakage.

It also can’t hurt to learn a bit about “social engineering.”  This is when attackers use the phone or email to trick you into parting with your user credentials, credit card number, or other personal information.  This is a straight up old school con.  This way you may recognize an approach or an attack when you see it, and avoid the incident entirely.

As I like to say, “just because you’re paranoid, doesn’t mean they’re not out to get you.”  If these ideas have induced a deep sense of paranoia in you, start at the top of your list and work through them.  On Friday we will look at Security-in-a-Box.

More information:


About the Author:

Cybersecurity guru to business owners in the St Paul, Minneapolis, and western Wisconsin area. Computer security and hacking have been a passion of mine since I entered the computer and networking business in 2000. In 2013 I completed a course of study and certification exam to become a Certified Ethical Hacker (CEH). In 2016 I was certified as a Certified Information Systems Security Professional (CISSP). As Cybersecurity Analyst at The WyzCo Group, I help our clients experience high levels of computer security, network security, and web site security. In addition to consulting on security products and services, we also conduct security audits, vulnerability assessments and full penetration tests. We also provide Cybersecurity Awareness Training for clients and their employees. We also work with companies and organizations that need to certify compliance with regulations such as PCI-DSS (credit card processing), HIPAA/HITECH (medical records), and GLBA. The views expressed on this Web site are mine alone and do not necessarily represent the views of my employer.

Add a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.