Subscribe to the Bombay Chartered Accountant Journal Subscribe Now!

March 2013

Social Networking – Be Careful Out There – II

By Samir Kapadia, Chartered Accountant
Reading Time 8 mins
fiogf49gjkf0d
About this Article

This write up is Part 2 of the three part series on the topic. The previous write-up was aimed at creating awareness about some of the myths and misconceptions related to the use of social networking sites.

While the recent events have had the effect of an eye opener for some people, there are many others who throw wind to caution


This article highlights some simple steps and safe practices which may help in making your experience a safe one rather than a sorry one.

Background

The previous write up briefly discussed some of the myths and misconceptions related to the use of social networking sites. It also focussed on the complete lack of awareness on how personal information is stored, accessed and made available on the internet. The more shocking revelation being that the information is, more often than not, revealed with or without the permission of the person who was most likely to be affected by such a revelation.

 The key takeaways from the previous write up were:

• Social networking sites aren’t responsible for your privacy…. you are!!!

• Default settings on the site, may or may not provide adequate protection.

• When social networking sites change their privacy policy, they may or may not tell you about the changes made, more importantly they may not tell you how your “personal” information is about to become a more public.

• The privacy policy of the social networking site does not extend to its partners (i.e. app and other third party service providers).

• When something is provided to you free of cost, it doesn’t mean that there is no cost attached. On the contrary, it means that someone else is footing the bill. And that ‘someone’ is going to extract something of value (like your private info) in return.

• Social networking is a paradox – you are posting data meant to be private on a medium which is meant to be public.

Risks

Very recently, Facebook acknowledged that their servers were hacked. While the company said that there was no data loss/damage done, there is no way of knowing for sure whether that was a fact. This may come as a surprise to some people, however, for others it was something that they always expected to happen.

Given the nature and amount of data collected and stored by some of the social networking sites, it was obvious that sooner or later, they would be targets of cyber criminals.

A curious person would ask what does the social networking site have that may be of interest to anyone other than the users? Or the information posted by me is harmless, what damage can the hacker do to me?

A short list of the risks involved is as under:

• All your private information, either about yourself or your friends, their likes or dislikes will be compromised.

• Someone could use this information to bully you or cyber-stalk you or your friends.

• The information may be used for inappropriate or illegal purposes including phishing, cyber frauds, hacking someone else’s account, etc.

 • It is also possible that your ‘views’ about someone or something may be disclosed to the very person and there would be consequences.

 • Your name, details may be used to spread viruses, spam, malware, etc

• Someone may hijack your email account or Facebook page and post some damaging information.

Steps to Safe Social Networking Experience

 It is important to remind the readers that there is very little we can do against a prolific hacking attack or a skilled scamster. After all, considering that the networking sites with all their resources couldn’t do much, can you do any better? It is therefore imperative that you take steps to reduce the impact of any damage that may be caused. Listed below are a few ‘counter measures’ that may be useful:

Don’t succumb to peer pressure:

Peer pressure is like a double edged sword, at times it forces you to excel and then there are times when you succumb to it and in that moment of weakness, sometimes, it leads to disastrous consequences.

Don’t let peer pressure or what other people are doing on these sites convince you to do something you are not comfortable with. Stay within your limits. Remember, just like the spoken words cannot be taken back, what you post on these site cannot be erased (not very easily). It will remain in the system no matter what.

Keep personal information out:

Generally people have a tendency to post personal information like their phone number, photos of their home or their work place, school or date of birth, etc.

Just stop for a minute and think about it. This is the same information that a hacker would be need to access your bank account, your credit card, etc. Do you really want to leave this information out in the open?

Keep your profile closed, allow only your friends to view the profile. Else, for a skilled hacker or a scamster, you would be a sitting duck, ripe for the kill.

Mask your identity:

Be very wary of posting any personal data. If possible use a nick name or an alias (commonly referred as a ‘handle’).
It’s very easy to set up a separate email account to register and receive information from the site.

The advantage being that should you even feel the need to close the account or stop using the social networking site, you needn’t stop using your primary mail account.


Use strong passwords:

Remember, the password is the weakest link in the chain. Birthdates, location, nicknames are too common, you don’t need to be a super computer to figure out these types of passwords. The hacker will have a look at your profile and the information will be sitting right in front of his eyes.

Make sure that you use a combination of upper and lower case plus numbers and special characters. It doesn’t have to be very difficult.

Common daily use sentences like ‘I travel by western railway’ can also be converted in to a unique password by making use of a combination of upper and lower case characters along with symbols. Something as obvious as BCAS 2013 can be written as ‘8©@S2013’ and it would be become 10 times more difficult to guess or hack, yet easy for you to remember.

Social networking vs. venting out

Social networking and venting out are two seperate things. Remember that what goes online stays online.

Don’t say anything or publish pictures that may cause you or someone else embarrassment.

Never post comments that are abusive, or those that may cause offence to either individuals or groups of society.

Recently, many companies have started (re)viewing current and prospective employees’ social networking pages. The slightest indiscretion and you are likely to be on your way out.

What you say can and will be used against you

Who actually owns and who controls “your” intellectual content that you post is not as clear as you might think. This also raises the question: If you don’t own it, can you really control it?

 Terms of usage vary with every social networking service. It is more likely, that as soon as you sign up, you give up control of how your content may be used.

Be careful in choosing your friends:

It’s an age old advice. Be that as it may, it applies to your offline as well as online friends. Be wary about who you invite or accept invitations from. Be aware of what friends post about you or reply to your posts, particularly about your personal details and activities.

Never disclose private information when social networking. Most importantly be careful of clicking on links on an email or social networking post, even if its from your friend (in some cases specially if its from your ‘friend’)

One of the biggest mistakes you can make is to accept friend requests from people you don’t know. When you do that, you are inviting people you know nothing about to share your personal information.

When your friends share information about you on their networks that you’d rather keep private, contact them and request them to remove the damaging information. Some sites may also permit you to remove any tags that your friends use to identify you in their posts

Guard against phishing:

Be guarded about who you let join your network. Use the privacy network to restrict strangers from accessing your profile. Be on guard against phishing scams, including fake friend requests and posts from individuals or companies inviting you to visit other pages or sites. If you do get caught in a scam, make sure you remove any corresponding likes and app permissions from your account.

Don’t be afraid to block specific users or set individual privacy settings for certain sensitive posts and information.

While all of the above discussed ‘counter measure’ may not offer complete protection, you may be saved from a total disaster. After all, prevention is always better than the cure.

The next write up (the third and concluding part) will deal with the specific issue of changing your privacy settings (i.e. location) and some basic steps on what to do if your account is hacked.

You May Also Like