Is Facebook setting you up for identity theft?
Social media sites like Facebook and YouTube provide a gold mine for bad guys. When you post your birthday or download free apps, you may be setting yourself up for identity theft.
How many friends do you have on Facebook? Now, how many of those friends do you actually know from personal or professional interactions in your past?
How many had you never met before you accepted a friend request that was based on six mutual acquaintances? After all, who doesn't want to be like Norm on "Cheers," where everybody shouts your name and is your friend?
Social media has changed the way we interact with people, creating easy opportunities to re-connect with old friends and to be introduced to potential new ones. You can always find someone who shares your passion, no matter how unusual or bizarre.
But social media lulls users into revealing more than we should, or perhaps more than we want to, to people who really are mostly strangers.
While the vast majority of social media users are good people, all of that information and those interactions with unknown "friends" put users at serious risk.
Another piece of the puzzle
"Each piece of personally identifiable information that we provide gives thieves the missing piece of our profile mosaic," explained Kelly Santos, public relations manager with Identity Theft 911 in Scottsdale, Ariz.
"Something seemingly innocent, like posting our birthday on Facebook, can provide thieves with just enough information to access bank accounts, credit cards, sign up for credit and more."
You also give away a few more pieces of the identity puzzle by sharing whom or what you "like" or "follow."
When you like a particular store or your neighborhood bank, for instance, you are giving a potential thief one more link to steal your information.
Hackers utilize the following distribution "touch points" to deceive users: malicious links and code, spam, friend requests, private messaging, user groups, gaming forums, videos and music.
"People will download just about any type of application without thinking twice about the security risks associated with it. Sometimes they download more than they bargained for," Waller said.
"Last March, Google removed over 60 [mobile] applications which had embedded malicious software in them," Waller said. "Some of the malware was designed to reveal the user's private information, replicate itself on other devices, destroy user data or even impersonate the device owner."
Often, such malware is loading keylogging software onto your computer that allows the thief to "read" your login usernames and passwords for all of your accounts.
If you use online banking, the thief will have the information he needs to access your accounts and money.
Have you typed your Social Security number or driver's license number into a document you thought was safe? Again, that's data a thief can use to create new accounts and to borrow your identity.
The main antagonists
The Vulture, Mills said, takes advantage of those users who rely on public computers and either don't know how or don't bother to properly log off their accounts. The next person who sits at that computer can pull up the sites you visited and pretend to be you.
"The Vulture may then reset your password and download your pictures and personal messages," Mills pointed out. "Additionally, the Vulture could easily hijack your postings and message your friends using your social media profile as a 'trusted' source, leading them to a very unsavory deal or website."
The Wolf in Sheep's Clothing, Mills said, is the person who lures you into a friendship. This is the contact who posts malicious links on your wall or even blackmails you.
"One area where this can be particularly problematic is Pinterest," Mills said. "Here, a picture can entice you to click through to the website from which it came. This site could have malware, cookies or pose as a real brand's site to gather personal information for a 'deal.'"
Think before you press 'enter'
You should also think twice before you post that adorable video or photo of your children. While you might want the 15 minutes of fame that comes with a post that goes viral, you may be putting your child in danger.
"If you must post videos on YouTube, disable the GPS or location functions, do not use your names or your family names or any identifying information," said journalist, author and motivational speaker Becky Blanton.
"Be aware that with face recognition software, it's easy enough to take a screen shot of you or your family and find other information about you via your workplace or Facebook or other photos," Blanton said. "Many companies, schools or other places have newsletters where you are 'tagged,' so it's not that hard to find where you live if someone wants to know."
Blanton, who was once a police officer, added that people have always used personal information to commit crimes.
"The Internet just makes it easier," she said.
And now social media has provided a gold mine for bad guys.
You don't have to stop using social media — just be smarter about it. Avoid third-party applications that download your information and may lead to malicious links. Share your birthday, but not your birth year.
Think twice about what you like or follow or pin to a wall. Don’t tag pictures of yourself or your family.
And most of all, don't feel like you have to be everybody's friend. This is one time when you don't want to be the most popular person and you don't want everybody to know your name.