Pew Research Center (PRC) has been tracking social media usage since 2005 and, nearly two-thirds of American adults (65%) are using social networking sites
Statista reported that, as of the end of 2015, there were:
- 1.59 billion active Facebook users
- 320 million active users on Twitter
- 100 million active users on Pinterest
- 400 million active users on Instagram
- 100 million members on Linkedin
Social media has become an important part of a modern lifestyle, but it is also the perfect platform for users to overshare private information to the extent that they end up inviting trouble. People of all ages and backgrounds are guilty of oversharing, but it is a particularly major concern when it comes to children and teenagers who are often completely unaware of the consequences.
Reports of enormous data breaches and hacked social media accounts are becoming increasingly widespread as cybercriminals take advantage of the vast number of people using popular social networks. However, even if you do not fall, a victim, yourself, oversharing on social media will often come back to haunt you later on, particularly when it comes to future job prospects or personal relationships.
The Facts about Data Breaches and Hacked Accounts
Attacks on social media accounts are steadily increasing, with more than one billion records reportedly stolen back in 2014. In that same year, almost half of all adults had personal data exposed due to hacking attacks. While the consequences are most often negligible, it depends on exactly which information is stolen. Sometimes, the consequences can be disastrous.
In 2013, more than two million passwords for social media accounts, such as Facebook and Twitter, were stolen and sold online on the black market. This login information is often acquired by keyloggers and other malicious software as well as entirely Web-based phishing schemes that attempt to dupe people into giving away their passwords to criminals.
According to a Norton Mobile Apps Survey, "68 percent of people surveyed will willingly trade in various types of private information for a free app."
If you are still not convinced about the dangers of oversharing on social media, consider the fact that around 600,000 Facebook accounts are compromised every day. While Facebook does what it can to keep your information safe, you should never take it for granted. After all, it is not the social network that's ultimately responsible for your information - you alone are responsible for what you share.
How Much of Information about You Is On Social Media?
As far as most social media users are concerned, social networks are all about sharing your lives with others. However, you should be prepared for the consequences of every word and photo you post, because once something is online, there is a good chance of it being there for good. In this respect, privacy settings are mostly meaningless, particularly if your account gets hacked.
While a lot of social media users spend hours updating their profile with massive amounts of information, there are a few things that you might end up sharing unwittingly. After all, the likes of Facebook and Twitter do not care much about your privacy, and relatively few people bother to go through the small print of their service agreements.
The following are some details you might be unwittingly sharing:
- Information about payments
- payment information, such as your credit or debit card number and/or other cards
- billing, shipping and contact details.
- Device information
- The operating system
- hardware version
- device settings
- file and software names and types
- battery and signal strength
- other device identifiers
- Specific geographic locations, such as through GPS, Bluetooth, or WiFi signals
- Name of your mobile operator or ISP
- browser type
- language and time zone
- mobile phone number
- IP address
- Information from websites and apps that use their Services (like when they offer our Like button or Facebook Login)
- information about the websites and apps you visit
- Information from third-party partners
- experiences or interactions with them
The above information is acquired legally by companies like Facebook to pass on for advertising purposes. In fact, you agree to this giving away of personal information when you sign up to the network in the first place, although few people exhaustively read the privacy agreement.
How Can Hackers Use Your Data?
Just like the social networks themselves, stolen data is most often utilized for advertising. Hackers typically sell things like login information on the black market to unscrupulous advertisers and companies. The information gathered from hacked accounts is ideal for personalized social engineering attacks and spam emailing. Additionally, emails containing malicious software or links to malicious websites tend to look a lot less suspicious if they comprise of information that you are familiar with, such as names of friends or employers. In other words, stolen social media data allows cyber criminals to personalize their attacks, in order to dupe their victims.
Identity theft is another common reason for criminals to hack into people's social media accounts. Even information that most people provide on social networks without a second thought, such as relationship status, hometown, date of birth and full names may be used to misappropriate your identity. Online bullies may also use this information to create fake social media profiles for the purposes of defamation. In other cases, a hacked account may be used for the purposes of extortion by holding things ransom; like embarrassing photos or private chats.
Hackers can also use the information they gather from a social media attack to hack into other accounts. For example, if a criminal has uncovered your Facebook password, they may try to access other accounts that you might have used the same password for. Additionally, they might use the information they find on your profile to guess passwords and answer security questions to reset passwords. Common security questions include a pet's name or place of birth, information that people can often find from your social media profiles.
Below are some examples of the social engineering exploits that criminals employ:
- Like-jacking: this happens when a criminal posts a fake Facebook “like” buttons onto a web page. A user clicks the button don’t “like”, and instead downloads malware.
- Phishing – instilling a sense of urgency or fear in someone to hand over usernames, passwords, and credit card details (and sometimes, indirectly, money) by disguising itself as a trustworthy. Those ‘Nigerian Prince’ scams are an example of phishing.
- Link-jacking: redirecting a trusted website’s links to another site that has malware that hides drive-by downloads or other types of infections.
How to Keep Yourself Safe Online
The only way to be completely safe on social media is to avoid using it at all. In fact, according to a study by the USA Network in 2015, over half of young people claimed that they regretted ever joining social media in the first place. Nonetheless, most people have come to rely on it as an easy way to keep in touch with friends around the world. As such, it is often not practical to simply commit 'Facebook suicide', so to speak. Fortunately, however, there are still many ways you can protect your privacy online without having to shy away from social media altogether:
- Use different complex alphanumeric passwords for every online account, and get into the habit of changing them regularly. Never use passwords that are easy to guess from the information that might be available on your social media profiles or elsewhere online.
- Always think about what you post before you post it, and never assume that privacy settings will protect you. For the sake of your privacy and security, it's best to post as little information as possible about yourself, including your real name, date of birth and location.
- Be particularly wary of any unsolicited contact over social media, such as messages or friend requests from people you do not know. Only interact with people you know in real life, but be aware that a friend's account could also get hacked at any time.
- Although you should never take social media privacy settings for granted, it is still worth configuring them to better control what you share with others, particularly people you do not know. Most social networks also allow you to hide your profile entirely from the general public.
- Never share any sensitive information over social media, including in private messages. Information that you should never post anywhere online includes financial information, login details, confidential corporate information or personal information that hackers could use to steal your identity.
To use social media safely, you'll be best off using an alias rather than your real name and keeping any profile information to a minimum, completing only the fields that you feel are necessary. If you still insist on sharing content such as personal information and private photos, you should always remember that, once it is online, it can end up being there forever.
Should your personal information end up in the wrong hands either due to your own oversharing or because of factors beyond your control, you could end up in serious trouble? Online privacy has rightfully become the number-one concern of the century, and you need to take it seriously lest your social media blunders of the past come back to haunt you later on.
Also published on Medium.