Planning a high school reunion used to be a task involving lots of phone calls, mailings and general footwork to find classmates, compile a list of attendees, and coordinate the physical get-together. Now, thanks to social media like Facebook and Instagram, you just put out a call to the three or four people you’ve kept in touch with. Then they contact people they know by sharing your post and the hard work is done. Hooray for technology!
But what if it’s not really your student government president who is pulling together all this information? What if it’s a hacker masquerading as that person, and they are compiling names, addresses, phone numbers and perhaps times you won’t be home? How can you protect yourself?
That Facebook, Twitter, Instagram, TikTok and other social media apps are open to all is a great leveler. However, it also means the usual cautions you might exercise when making friends don’t apply. If person X already knows person Y, and you’re a follower of person (Y) that must be OK, right? Not necessarily.
There are some simple guidelines to follow that can keep you safer on social media. First, when you get a friend or follower request, verify the person is who they say they are (perhaps with a phone call or non-Facebook message) and that they have a reason to connect with you. Scammers send out thousands of friend requests, and if even a small fraction say yes, they have a larger pool of victims. If they spend a little more time, and impersonate someone you already know, it’s more likely you’ll just click ADD. Once they have access to your profile, they can repeat the exercise with your friends.
Second, think about what you reveal in your profile on social media. Potentially, your social media contacts can see your birth date, hometown, education and workplace. Using that data, and one or two other details, a scammer could set up credit accounts in your name, re-direct payments to another address, or convince your bank and credit-card suppliers to add their name to your account. Try and keep your available personal information to a minimum.
The other place you might inadvertently give away personal information is those cute quizzes you see on social media. They ask things like where you met your spouse, how you chose your career, the first rock concert you attended. The more data points a scammer can glean from such tests, the more convincing they can be when trying to scam information out of your bank or friends. Keep your profile information to a minimum —don’t add birthdate or high school graduation year as that gives the bad guys valuable data.
Watch out for friend requests from folks you are already know. Such requests are a sure sign your friend’s account has been compromised, and the hacker has set up a cloned profile, solely for the purpose of adding your profile data to their portfolio.
If you are at the beach and you want folks to see what a great time you’re having, consider waiting until you get home to upload your photos. It’s tempting to do in real time, but then the scammers know you’re not home.
And as I have mentioned before, take a few minutes to review your privacy settings in social media apps. Pay particular attention to who’s allowed to view your profile information—this should be either just your friends or yourself. When you post to the app, check that you’re including as small a group as possible (again Friends, not Public) to reduce the chances of sensitive information falling into the wrong hands.
And as with every account on-line, NEVER re-use the same password on different services. Following the few steps outlined above usually makes the hackers look elsewhere for an easier mark.