Is Facebook setting you up for identity theft?

Social media sites like Facebook and YouTube provide a gold mine for bad guys. When you post your birthday or download free apps, you may be setting yourself up for identity theft.

Pat Sullivan/AP/File
Houston school teacher Candida Gutierrez had her identity stolen several years ago. If you share too openly on social media sites like Facebook, Google+, or YouTube, you could be putting yourself at risk of identity theft.

How many friends do you have on Facebook? Now, how many of those friends do you actually know from personal or professional interactions in your past?

How many had you never met before you accepted a friend request that was based on six mutual acquaintances? After all, who doesn't want to be like Norm on "Cheers," where everybody shouts your name and is your friend?

Social media has changed the way we interact with people, creating easy opportunities to re-connect with old friends and to be introduced to potential new ones. You can always find someone who shares your passion, no matter how unusual or bizarre.

But social media lulls users into revealing more than we should, or perhaps more than we want to, to people who really are mostly strangers.

While the vast majority of social media users are good people, all of that information and those interactions with unknown "friends" put users at serious risk.

Another piece of the puzzle

"Each piece of personally identifiable information that we provide gives thieves the missing piece of our profile mosaic," explained Kelly Santos, public relations manager with Identity Theft 911 in Scottsdale, Ariz.

"Something seemingly innocent, like posting our birthday on Facebook, can provide thieves with just enough information to access bank accounts, credit cards, sign up for credit and more."

You also give away a few more pieces of the identity puzzle by sharing whom or what you "like" or "follow."

When you like a particular store or your neighborhood bank, for instance, you are giving a potential thief one more link to steal your information.

Hackers utilize the following distribution "touch points" to deceive users: malicious links and code, spam, friend requests, private messaging, user groups, gaming forums, videos and music.

"Social networking scams are 10 times more effective in spreading malware than email" is, said George Waller, executive vice president and co-founder of StrikeForce Technologies in Edison, N.J.

"People will download just about any type of application without thinking twice about the security risks associated with it. Sometimes they download more than they bargained for," Waller said.

"Last March, Google removed over 60 [mobile] applications which had embedded malicious software in them," Waller said. "Some of the malware was designed to reveal the user's private information, replicate itself on other devices, destroy user data or even impersonate the device owner."

Often, such malware is loading keylogging software onto your computer that allows the thief to "read" your login usernames and passwords for all of your accounts.

If you use online banking, the thief will have the information he needs to access your accounts and money.

Have you typed your Social Security number or driver's license number into a document you thought was safe? Again, that's data a thief can use to create new accounts and to borrow your identity.

The main antagonists

Jon Mills, co-founder of NetClarify in Gainesville, Fla., believes there are two primary types of social media attackers. He calls them the Vulture and the Wolf in Sheep’s Clothing.

The Vulture, Mills said, takes advantage of those users who rely on public computers and either don't know how or don't bother to properly log off their accounts. The next person who sits at that computer can pull up the sites you visited and pretend to be you.

"The Vulture may then reset your password and download your pictures and personal messages," Mills pointed out. "Additionally, the Vulture could easily hijack your postings and message your friends using your social media profile as a 'trusted' source, leading them to a very unsavory deal or website."

The Wolf in Sheep's Clothing, Mills said, is the person who lures you into a friendship. This is the contact who posts malicious links on your wall or even blackmails you.

"One area where this can be particularly problematic is Pinterest," Mills said. "Here, a picture can entice you to click through to the website from which it came. This site could have malware, cookies or pose as a real brand's site to gather personal information for a 'deal.'"

Think before you press 'enter'

You should also think twice before you post that adorable video or photo of your children. While you might want the 15 minutes of fame that comes with a post that goes viral, you may be putting your child in danger.

"If you must post videos on YouTube, disable the GPS or location functions, do not use your names or your family names or any identifying information," said journalist, author and motivational speaker Becky Blanton.

"Be aware that with face recognition software, it's easy enough to take a screen shot of you or your family and find other information about you via your workplace or Facebook or other photos," Blanton said. "Many companies, schools or other places have newsletters where you are 'tagged,' so it's not that hard to find where you live if someone wants to know."

Blanton, who was once a police officer, added that people have always used personal information to commit crimes.

"The Internet just makes it easier," she said.

And now social media has provided a gold mine for bad guys.

You don't have to stop using social media — just be smarter about it. Avoid third-party applications that download your information and may lead to malicious links. Share your birthday, but not your birth year.

Think twice about what you like or follow or pin to a wall. Don’t tag pictures of yourself or your family.

And most of all, don't feel like you have to be everybody's friend. This is one time when you don't want to be the most popular person and you don't want everybody to know your name.

You've read  of  free articles. Subscribe to continue.

Dear Reader,

About a year ago, I happened upon this statement about the Monitor in the Harvard Business Review – under the charming heading of “do things that don’t interest you”:

“Many things that end up” being meaningful, writes social scientist Joseph Grenny, “have come from conference workshops, articles, or online videos that began as a chore and ended with an insight. My work in Kenya, for example, was heavily influenced by a Christian Science Monitor article I had forced myself to read 10 years earlier. Sometimes, we call things ‘boring’ simply because they lie outside the box we are currently in.”

If you were to come up with a punchline to a joke about the Monitor, that would probably be it. We’re seen as being global, fair, insightful, and perhaps a bit too earnest. We’re the bran muffin of journalism.

But you know what? We change lives. And I’m going to argue that we change lives precisely because we force open that too-small box that most human beings think they live in.

The Monitor is a peculiar little publication that’s hard for the world to figure out. We’re run by a church, but we’re not only for church members and we’re not about converting people. We’re known as being fair even as the world becomes as polarized as at any time since the newspaper’s founding in 1908.

We have a mission beyond circulation, we want to bridge divides. We’re about kicking down the door of thought everywhere and saying, “You are bigger and more capable than you realize. And we can prove it.”

If you’re looking for bran muffin journalism, you can subscribe to the Monitor for $15. You’ll get the Monitor Weekly magazine, the Monitor Daily email, and unlimited access to CSMonitor.com.