Social networks are a tremendous source of personal information leakage. Actually, more like a waterfall. As we learned in the last post, attackers use social networks to perform reconnaissance against their chosen targets. Since few of us are going to delete all our social network accounts and move of the grid, we have to find a way to live with the level of disclosure. Here are a few ideas.
- Use strong passwords and two-factor authentication on any accounts you can.
- Look at the security settings of your social networks, and limit your visibility to people you truly know and want to share with.
- Many of us accept connection and friend requests from almost anyone. Cyber attackers know this and will try to befriend us online, in order to get to know us and trick us into falling for a scam . Accept connections only with people you know.
- Take some time to comb through your friends and connections, and prune where necessary. If you don’t know who they are, drop them!
- Be careful what you share or retweet. Make sure you have read the entire message, and that it is in agreement with your own beliefs and values. Casual retweets of poorly understood content can blow back on you in unfortunate ways, and impact your reputation.
- I understand the appeal of sharing your vacation or travel online, in real time, but this is an easy way for criminals to find unoccupied homes to burglarize.
- In a similar vein, you may want to disable any automatic photo and video sharing with your social networks. You are at the ballgame? The thieves are in your living room.
- Anything you post online may be viewed by a potential employer someday. That “funny” post or picture may keep you from your highly paid dream job.
Over the last two weeks we have explored many of the ways that you can protect yourself and your personal information from unfortunate disclosure. If the task to secure this information seems overwhelming, know that you are not alone. Nevertheless, it is a good idea to slowly work your way through the ideas we presented, and give yourself a better chance at surviving online.Share
About the Author:I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com