Your privacy is for sale and it’s being compromised. What you think is secret online, may not be. Near-daily data breaches and security leaks make it even more difficult to keep your personal information secure. But there are things you are doing, or not doing, online that puts your digital information at even more risk.
So the NBC10 Boston Investigators and Responds have teamed up to show you how to "Take Back Your Privacy" – steps you can take right now to lock down your social media.
“If you don’t have your guard up to some extent at all times, you’re probably going to allow something to slip through the cracks at some point,” said E.J. Whaley, who works for Great Horn, a local email security company.
Whaley says cyber-criminals can use your tweets, posts, pictures, and friend lists against you to access accounts, create fraudulent identities and compromise careers.
“All it takes is a very small amount of info on LinkedIn or the other social media profiles or a combination of them and you can do quite a bit of damage,” said Whaley.
For example, if criminals see a post about your weekend away in Phoenix, they may assume you used an ATM while you were there. Then they could craft an email that looks like it is coming from an Arizona bank, describing a security issue and asking you to click on a link to see if your information was compromised. If you fall for it, you unknowingly download malware on your computer. It’s software specifically designed to gain unauthorized access to your computer, putting your account information at risk.
“It comes back to being aware, thinking about not just what you are posting, but what you are clicking on, and who you are communicating with,” said Whaley.
So what can you do right now to make it harder for identity thieves and hackers to get your personal information? Whaley walked us through four social media platforms to show us how to lock down our accounts.
He says to begin by revisiting your privacy settings, making Instagram, Twitter and Facebook accounts private
In your Facebook settings tab, make it so your profile won’t pop up on a web search, filter who can find you by searching an email address or phone number, and enable the feature that allows you to review posts before they hit your timeline. Clean out your friends list and keep it private and do some serious vetting before you accept any new friend requests. You should also keep your bio information on all accounts to a bare minimum, even on LinkedIn. You may want to connect with potential employers, but don’t reveal more than you need to.
“There is a big difference between being able to say I have worked in this capacity doing these types of things, and I have worked in this capacity doing these types of things on a very specific software,” said Whaley.
Some other smart moves: enable two-factor authentication on your accounts -- a security feature that requires an additional step to sign in to your accounts, and use a password manager, which generates and remembers strong and unique passwords for your accounts. You can make it harder for criminals to connect the dots of your personal information.
“If people are just a little bit more aware about what they are doing, and a little bit more aware about what info is out there about them, they can reduce the amount of risk that they themselves have,” said Whaley.