Steps to take for social media security

As the Cambridge Analytica scandal showed, bad actors, data aggregators, state sponsored hackers and groups looking for a political advantage are using social media to gather information about YOU.  There are a few simple things you can do to limit your exposure.

These recommendations are for Facebook but similar settings are available for other social media sites like LinkedIn.

First check YOUR Facebook security settings.  In particular look at the “Privacy” and the “Apps and Websites” settings.

(You can also get to these settings from Facebook, click the down triangle in the blue header bar and choose Settings)

Pay special attention to Apps and Websites.  Delete any you don’t actively use and if you do choose to keep any check the type of data access they have.  They may not be worth the risk.

Apply critical thinking.

Don’t be manipulated!  Try to view ads and posts with healthy skepticism.  People on your friends list may not be as discriminating as you and “liking” something which you’re not sure about starts further ads and posts targeting you.

Based on details of your life you’ve shared or posts you’ve liked or groups you’ve joined, bad actors may be able to:

  • Guess your passwords
  • Impersonate you online
  • Steal your identity
  • Form a profile of you that is valuable
  • Attempt to manipulate you

Be cautious posting personal details.

Assume any information you do post will eventually become public, regardless of the privacy controls you use.  You may be vigilant about protecting your own account, can you expect that everyone in your Friends list is as security conscious?  If their accounts are compromised your data is exposed.

Third Party Apps, Games, Quizzes and Surveys

Some social websites have additional third-party programs, such as games you can install. These programs are usually not developed or reviewed by the social networking website.

How did the whole Cambridge Analytica scandal start?   A personality survey asked users to download an app which scraped private information from their profiles and those of their friends, activity that Facebook permitted at the time and has since banned.

The data included details on users’ identities, friend networks and “likes.” The idea was to map personality traits based on what people had liked on Facebook, and then use that information to target audiences with digital ads.

As we now know fake groups were created to misinform and manipulate voters based on their Facebook data.

The Washington Post had collected examples of fake groups and ads which were designed to sow discord and change voting patterns:

Check Facebook’s own security page for information on how to limit or even delete your account.

The Department of Homeland Security has additional recommendations for using social media safely: