What You Facebook Profile May Be Telling ID Thieves
Seemingly harmless information can help ID thieves unlock key to your identity.
Your pet's name is a fraudster's best friend.
You may think you're revealing precious little when you tell your Facebook friends that you're dressing your pooch, Puddles, in your favorite color, red, for brunch at Grandma's on Sunday. But you've actually just opened a Pandora's box of risks.
The information consumers willingly, and often unwittingly, post on social-media websites can be a gold mine for fraudsters looking to steal everything from your flat-screen TV to your identity.
What's more, tidbits like your birth date, birthplace and the last school you attended are typically the challenge questions posed by bank websites and online retailers to verify your identity.
"Despite all the awareness that people have about identity fraud and privacy on social networks, there is a disconnect between [that and what they are] disclosing in online space and social environments," said Thomas Oscherwitz, chief privacy officer for ID Analytics, a San Diego-based consumer risk management firm.
More than 24 million Americans 18 years old and older are still leaving their social-network profiles mostly public, meaning they aren't activating privacy controls that limit who can see their information online, according to a Harris Interactive survey conducted in October for ID Analytics.
The survey also found that nearly 70 million U.S. adults on social-networking sites include their birthplace — one of the most common security questions asked by financial institutions — on their profiles.
"The information people are disclosing is not the entire piece of the puzzle but it's certainly helpful," Oscherwitz said. Thieves steal identities in pieces, he said, and layer them on each other for a clearer picture.
Say you post on a social-media site that you're at a tanning salon ahead of your week-long trip to the Bahamas the day after your birthday. You're telling potential burglars that not only are you away from home for an hour or so, but beginning Tuesday, your home likely will be empty for seven days.
"Even listing daily activities can let strangers know your routine and put you at risk," said Gail Cunningham, spokeswoman for the National Foundation of Credit Counseling.
Too much information can hurt you in other ways. John Sileo, a Denver-based identify-theft expert, said your online chatter could equip an ex-spouse with ammunition for a court challenge. Future or current employers could have a problem with information about your personal life that they deem inappropriate for a member of their staff, he said.
You also could be furnishing a would-be stalker with information about your whereabouts. "We are giving people the little pieces of our trust or access to our trust that allows them to get bigger things out of us," said Sileo, founder of the ThinkLikeaSpy.com newsletter.
Tips to Stay Safe
Here's some advice from Sileo, who wrote the "Facebook Safety Survival Guide," about protecting online privacy on all social-networking sites:
• Never post your exact date and place of birth. It's invaluable information to identity thieves, particularly when the two are bundled together.
• Never post your address, phone number or email address. This is plum information to scammers and marketers who are looking for nuggets of your identity.
• Control who can see your personal information. Many social-networking sites have privacy features, but they change often. Know what they are, stay on top of them and restrict your page to your real friends, not friends of friends or someone you met in a bar.
• Limit information about your activities. If you must brag about a trip or a fabulous party, do it after the fact.
• Remember that what you post is public and permanent. Don't put up embarrassing photos that you wouldn't show your grandmother. Don't complain about your job or your boss. Don't say something to or about someone that you wouldn't say to his face. Don't threaten others.
• Know the four types of Facebook users: friends, outsiders, businesses and enemies.
• You should know exactly who wants to be your friend or is asking you to link into their network. Some people will befriend your friends to get to you or your company.
• Be wary of seemingly harmless quizzes. When someone invites you to take a survey, say, "10 Things Others Don't Know About You" or "My Favorite Things," it may be designed to harvest your data. The name of the street you grew up on or your favorite vacation spot could be clues to your passwords.
• Before you share any information anywhere online about yourself or your workplace, ask this question: What would the consequences be if this information fell into the hands of my boss, competitor or people who don't like me?
Jennifer Waters is a MarketWatch reporter, based in Chicago.
7 Things to Stop Doing Now on Facebook
Using a Weak Password
Avoid simple names or words you can find in a dictionary, even with numbers tacked on the end. Instead, mix upper- and lower-case letters, numbers, and symbols. A password should have at least eight characters. One good technique is to insert numbers or symbols in the middle of a word, such as this variant on the word "houses": hO27usEs!
Leaving Your Full Birth Date in Your Profile
It's an ideal target for identity thieves, who could use it to obtain more information about you and potentially gain access to your bank or credit card account. If you've already entered a birth date, go to your profile page and click on the Info tab, then on Edit Information. Under the Basic Information section, choose to show only the month and day or no birthday at all.
Overlooking Useful Privacy Controls
For almost everything in your Facebook profile, you can limit access to only your friends, friends of friends, or yourself. Restrict access to photos, birth date, religious views, and family information, among other things. You can give only certain people or groups access to items such as photos, or block particular people from seeing them. Consider leaving out contact info, such as phone number and address, since you probably don't want anyone to have access to that information anyway.
Posting Your Child's Name in a Caption
Don't use a child's name in photo tags or captions. If someone else does, delete it by clicking on Remove Tag. If your child isn't on Facebook and someone includes his or her name in a caption, ask that person to remove the name.
Mentioning That You'll Be Away From Home
That's like putting a "no one's home" sign on your door. Wait until you get home to tell everyone how awesome your vacation was and be vague about the date of any trip.
Letting Search Engines Find You
To help prevent strangers from accessing your page, go to the Search section of Facebook's privacy controls and select Only Friends for Facebook search results. Be sure the box for public search results isn't checked.
Permitting Youngsters to Use Facebook Unsupervised
Facebook limits its members to ages 13 and over, but children younger than that do use it. If you have a young child or teenager on Facebook, the best way to provide oversight is to become one of their online friends. Use your e-mail address as the contact for their account so that you receive their notifications and monitor their activities. "What they think is nothing can actually be pretty serious," says Charles Pavelites, a supervisory special agent at the Internet Crime Complaint Center. For example, a child who posts the comment "Mom will be home soon, I need to do the dishes" every day at the same time is revealing too much about the parents' regular comings and goings.
Consumer Reports has no relationship with any advertisers on Yahoo!
Copyrighted 2009, Consumers Union of U.S., Inc. All Rights Reserved.
6 Things You Should Never Reveal on Facebook
The whole social networking phenomenon has millions of Americans sharing their photos, favorite songs and details about their class reunions on Facebook, MySpace, Twitter and dozens of similar sites. But there are a handful of personal details that you should never say if you don't want criminals — cyber or otherwise — to rob you blind, according to Beth Givens, executive director of the Privacy Rights Clearinghouse.
The folks at Insure.com also say that ill-advised Facebook postings increasingly can get your insurance cancelled or cause you to pay dramatically more for everything from auto to life insurance coverage. By now almost everybody knows that those drunken party photos could cost you a job, too.
You can certainly enjoy networking and sharing photos, but you should know that sharing some information puts you at risk. What should you never say on Facebook, Twitter or any other social networking site?
Your Birth Date and Place
Sure, you can say what day you were born, but if you provide the year and where you were born too, you've just given identity thieves a key to stealing your financial life, said Givens. A study done by Carnegie Mellon showed that a date and place of birth could be used to predict most — and sometimes all — of the numbers in your Social Security number, she said.
Vacation Plans
There may be a better way to say "Rob me, please" than posting something along the lines of: "Count-down to Maui! Two days and Ritz Carlton, here we come!" on Twitter. But it's hard to think of one. Post the photos on Facebook when you return, if you like. But don't invite criminals in by telling them specifically when you'll be gone.
Home Address
Do I have to elaborate? A study recently released by the Ponemon Institute found that users of Social Media sites were at greater risk of physical and identity theft because of the information they were sharing. Some 40% listed their home address on the sites; 65% didn't even attempt to block out strangers with privacy settings. And 60% said they weren't confident that their "friends" were really just people they know.
Confessionals
You may hate your job; lie on your taxes; or be a recreational user of illicit drugs, but this is no place to confess. Employers commonly peruse social networking sites to determine who to hire — and, sometimes, who to fire. Need proof? In just the past few weeks, an emergency dispatcher was fired in Wisconsin for revealing drug use; a waitress got canned for complaining about customers and the Pittsburgh Pirate's mascot was dumped for bashing the team on Facebook. One study done last year estimated that 8% of companies fired someone for "misuse" of social media.
Password Clues
If you've got online accounts, you've probably answered a dozen different security questions, telling your bank or brokerage firm your Mom's maiden name; the church you were married in; or the name of your favorite song. Got that same stuff on the information page of your Facebook profile? You're giving crooks an easy way to guess your passwords.
Risky Behaviors
You take your classic Camaro out for street racing, soar above the hills in a hang glider, or smoke like a chimney? Insurers are increasingly turning to the web to figure out whether their applicants and customers are putting their lives or property at risk, according to Insure.com. So far, there's no efficient way to collect the data, so cancellations and rate hikes are rare. But the technology is fast evolving, according to a paper written by Celent, a financial services research and consulting firm.
taken from http://finance.yahoo.com/family-home/article/111722/what-your-facebook-profile-may-be-telling-id-thieves?mod=series-m-article-a
No comments:
Post a Comment
Thanks for taking the time to leave a comment. I really enjoy hearing from you! Please be sure to check back after you leave a comment as I like to respond back.