Phacebook?
Posted on October 19, 2007
Filed Under Data Protection, Uncategorized |
(One word of warning before getting on with the post, don’t bother going to look at the .com of the title. It’s your bog standard parked page.)
I’ve just finished reading Sugarrae’s Updated Unofficial and Smartass Guide to Using Facebook. A great resource. Having only recently signed up to Facebook, and, with a baby in the house, having had little time to set it up so far, this guide will definitely speed up my getting in to Facebook.
However…
…and hence the reason for this post, the one thing I’d like to see in the next edition is a phishing warning. The closest I found to this was the instruction to fill out the parts of the profile you’re comfortable with, with no discussion of which parts you might want to be reconsider being uncomfortable with, especially those that could be useful in ID theft.
Birthday is an obvious one to think twice about. I try and avoid giving this to anybody without a financial paper based contract with me e.g. banks, insurance etc. I certainly don’t put a real birthday on any form of social media site. Those who “need” to know my birthday already do.
The other one I’d be cautious about is whether you are indirectly giving away mother’s maiden name. There as several ways I can see this being possible. Linking to your mother’s profile when she goes, for whatever reason, by her maiden name would be the most direct route. Linking to your mother’s profile when she links to her mother’s profile, linking directly to your maternal grandmother’s profile etc.
Whatever information you place on the net, think carefully about where else, that actually matters, you might use that information to establish who you are.
It is continually reported (or so it seems ;)) that phishers are getting ever more specific in their targets. If somebody hacks into a social media site where you have an account then they may already have some of the information they need to steal your identity. They also have an email address to attempt to get the remainder.
Comments
One Response to “Phacebook?”
Leave a Reply
Interesting article although I’m not entirely convinced the focus should be on solely Facebook. The issues you address apply to all industries where people submit information not just Facebook.
People submit information and entrust companies with the most private details on a global scale everyday. A lot of companies leak or sell such information on or distribute such details through international regions with poor security values and very little emphasis on personal privacy. With details such as mother’s maiden names, in my opinion this is a terrible security reference in the first place. Most people could easily and quickly reveal such information if the questions were disguised within a general conversation.
Facebook does offer you the option to restrict access to your profiles and to whom your information is available to. However in conjunction with what you stated, Facebook should inform their users of why and how such settings should be considered. I think this is aptly suggested in your statement:
“Whatever information you place on the net, think carefully about where else, that actually matters, you might use that information to establish who you are.”
Good read.