A few weeks ago I spent several hours texting with a concerned friend who got his Facebook account hacked. Normally he is a smart guy, but he was a real dummy when it came to protecting his account. At first he panicked and closed his Facebook completely, which of course didn’t do anything to deal with his immediate problems. In the end he was fine, but the hours he spent fixing and securing his online accounts could have been easily avoided.
Here are some helpful tips to keep your personal information secure on Facebook. Remember none of these are foolproof, but they can go a long way to keep you safe from some of the most common vulnerabilities. (These tips can also be applied to just about every other social networking site).
Don’t click on suspicious links or videos: The most common FB hacks involve links to videos that appear to be posted by a friend either on their wall or your own. The often have provocative, risqué, or shocking titles and content. When you click the link, the hack takes control of your FB account (often without your knowledge), and then spams the same link to people on your friends list. Just don’t click anything suspicious. Also consider, does the subject matter of the link match the character of the person who posted it?
Give Facebook a unique password: Most people use the same email and password combination for every online site they use. This could potentially turn a compromised Facebook account into a potentially costly situation quickly. Given how vulnerable Facebook accounts can be to simple hacks, it is a wise idea to make a unique password that you use ONLY for Facebook. This way if your account is ever compromised, you only need to worry about that one password being breached.
Keep “Security Question” answers off Facebook: Facebook can be a treasure trove for someone who wants to break into another person’s email or online accounts, since the answers to some of the most common security questions are often prominently displayed on a person’s profile (such as maiden names and hometowns). Try to keep more sensitive information off any social networking site, and whenever possible use the most obscure (or user generated) security questions and answers for any important online accounts.
Be careful what you trust your “friends” with: Be aware and careful what information you have on Facebook that is not public, but viewable by people on your friends list. Remember, if anyone of your friends accounts get compromised, all of the information you share with them is potentially compromised as well. Anything too sensitive should be kept off the web altogether.
Don’t accept just any “friend” request: For the same reasons as my last point, be careful and selective who you accept “friend” requests from. Is this someone you know? Do they have a well-established online identity (such as active blogs and twitter feeds)? Always be selective, and if you are unsure about a person you add change your privacy settings to exclude them from accessing any potential information.
Keep your phone (and laptop) off public WiFi: Ever hear of sidejacking? It’s nothing new, but thanks to some Firefox plugins practically anyone can do it. If you must use public WiFi, be sure to use the secured version (at https://www.facebook.com). You can go into your account settings and set Facebook to always connect this way. Remember your phone has the same potential vulnerabilities as any computer, so the best thing you can do is keep your WiFi turned off when using social networking sites on your phone in a public place.
Remember none of these are foolproof but a little due diligence can go a long way online.