You might be giving away more information on your social media than you should

GUEST BLOGGER

Eva Velasquez
President and CEO, Identity Theft Resource Center

Since the rise in popularity of social media, there have been new rules created around social norms and professionalism — something to keep in mind when considering your personal social media privacy behaviors. At the advent of social media, many might have thought it was only for teenagers or college kids. However, people of all ages have joined the social sphere with personal profiles about both their personal and professional lives. Now that there is an abundance of social sharing from individuals and companies alike, it can be difficult to know where to draw the line in a professional capacity.

Here’s a high-level overview of the many different considerations you should make in order to maintain safe, healthy levels of social media privacy.

Basic best practices  

• Only disclose necessary information when creating your profile. Typically you can get away with providing a username and email address. You don’t need to provide your birthdate, city you grew up in, high school, etc.

• Set a strong password for your account.

• Provide security question answers that are not easily found online.

• Enable two-factor authentication.

With these basic measures in place, you can strengthen your social media privacy and lessen the risk of identity theft through your social media accounts.

Common lapses

Now, when it comes to sharing on social media, be careful to not disclose any information that can be used to commit identity theft. Some common examples include:

• Revealing your full birthdate. If you post on your birthday and share your age, you’ve just given away your full birthdate.

• Displaying your driver’s license image or number. If you share in image of an old license, perhaps to show off a funny picture of yourself, be sure to blur or black out all of the information.

• Inadvertently sharing answers to security questions – like your mother’s maiden name or what city you were born in. Remember if your mother is in your social network, it might be very easy for someone to figure out her maiden name.

When you choose to share anything online, make sure you know who you are sharing it with. Adjust your social media privacy settings to limit who can see your posts to only friends or certain groups of friends. Remember that some linked social platforms don’t update to the strictest security setting — case in point, if you post from Instagram to your Facebook profile and your Instagram profile is set to share publicly, those pictures may be public on Facebook, too.

Workplace privacy

You also should not share information that is not yours to post or violates professional guidelines. For example, it is not wise for a teacher to publish photos of their students or student work that might be a violation of their rules and regulations. Did that teacher receive permission from the students’ guardians? Could it violate the privacy of individuals featured? Another example is that of nurses and doctors. Sharing photos of patients or “funny” charts could lead to HIPAA violations. Fraud professionals should not share victim information or tactics that can help criminals. Privacy is not only about what you choose to disclose about yourself but also respecting the information shared about others as well.

Remember your shared information is only as safe as the least safe person you share it with. Roughly 13 million U.S. Facebook users do not opt to customize or change their privacy settings. If you do not evaluate the settings yourself, you could be exposing information to a lot more people than you realize with a lack of privacy awareness. Even if you have strict social media privacy settings enabled, your social media contacts can share your content with someone else by taking screenshots. Whoever sees that content could then use your information for their own personal gain.

The threat of a data breach

There is also the case of the information you do not directly post, but allow social media to have access to. If any platform you use suffers a data breach, sensitive data like phone numbers, email addresses, payments and images could be exposed. If you store sensitive information on your phone, or other devices you allow social media platforms to access, you could be putting that information in jeopardy as well. Most likely you will hear in the media there has been a breach and if you receive an official notification from the company or not, there are some actionable steps you should take.

First, change your password and more importantly, do not reuse passwords. I recommend updating your passwords routinely in order to maintain your privacy and security.

Second, does the social media app serve as a third-party login? If you remember the 2018 Facebook breach, users were urged to disconnect from any other apps and “log out of all devices” using their privacy settings. This was to ensure that no one with bad intentions was still be logged in to your account.

Remember, periodic proactive checks to your privacy and security settings will help you stay one step ahead of the identity thieves.

The Identity Theft Resource Center is a national nonprofit established to support victims of identity theft in resolving their cases, and to broaden public education and awareness in the understanding of identity theft, data breaches, cybersecurity, scams/fraud and privacy issues. If you have been a victim or know of someone that has, they can receive no-cost, one-on-one assistance from our knowledgeable advisors by calling (888) 400-5530 or LiveChatting at Idtheftcenter.org. If you are a professional that would like ITRC to assist you in your fraud and infrastructure, please reach out via email to set up a time to discuss how we can help your organization.