Twitter and Facebook users need to get smart

Security threats are serious, time to protect yourself


PirateAnyone who knows me understands that social networking is a critical piece of what I do. Every story, podcast, column and slideshow we publish on CSOonline is quickly proliferated via Facebook, LinkedIn, Twitter and elsewhere online. So it might be easy to look at the headline of this column and suggest I'm being a hypocrite.

But this isn't a column against social networking. It's about using the medium more securely.

We've written a lot about social networking security. Now there's a report from our friends at Threatpost about a new profile-stalking scam. The post reads: "A bogus application that lures Facebook users by falsely offering to show who has been viewing their profile has been exposed as a scam. A researcher warns he has already identified 25 different copies of the same rogue app but using different monikers such as peeppeep-pro, profile-check-online and stalk-my-profile."

Heck, I admit guilt in mixing personal with professional, especially on Facebook. I'd estimate my friends list is about half business associates, a quarter friends and a quarter family. Some might also say I'm guilty of oversharing because of the sheer volume of posts I make on these platforms. I've tried to improve on that score. I used to have the year I was born in my profile, but removed it when someone suggested it could be used by bad guys to crack into more sensitive personal information.

Here's what I try to do:

  • Limit my status updates to sharing content I've written, music I'm listening to or amusing things my kids say. Once in awhile, I'll take the bait and dive into a political argument, so long as it's respectful.
  • Avoid, at all costs, complaining or trash talking against others.
  • Avoid giving away details that would put my family at risk. A prime example is the new Twitter tool that lets followers see exactly where you are tweeting from. That is absolutely stupid, in my opinion. If my sons are bowling on such and such a street at a particular bowling alley, I'm not going to give away the coordinates in a tweet.
  • Avoid sharing banking information. (This seems obvious, but have you ever complained online about your bank's service or fees, thus giving away which bank you use?)
  • Avoid games like Farmville and Mafia Wars. That I find these games silly and boring is beside the point. One person's boredom is another person's fun. My bigger problem with these games is that they can put the user at risk.

That last point was made plain during a talk about social networking dangers presented at the ShmooCon conference in February.

"Recommended For You"

How to get more out of Twitter: 8 free Twitter tools Five new social engineering hacker tricks