Social Network Safety
Facebook, Twitter, and other popular social
networking sites have given cybercriminals additional avenues to try grabbing
your personal data. For example, scammers might create a malicious Facebook app
that attempts to harvest your information for their financial gain, spreads
tainted links, or hijacks other people's profiles. Below are a few measures
that you can implement to protect yourself on social networks.
Tighten your security and privacy settings:
Although security and privacy features vary across social networks, they can
help to protect you and your account data. You must set them up, however, for
them to work effectively. For instance, both Facebook and Twitter allow you to
encrypt your connections so that other people can't hijack your account when
you're connecting from public Wi-Fi hotspots. And Facebook offers a feature to
monitor and track the computers and devices that log in to your account, to
help identify unauthorized logins.
Be careful who you “friend” or “follow”:
Before you add someone as a Facebook friend, or follow them on Twitter or
Google+, ask yourself whether you really know the person. Cybercriminals often
set up fake profiles just to spread spam and malicious links.
Watch for phishing attempts, scams, and
hoaxes: If something sounds fishy or too good to be true, it probably is. Two
widespread Facebook scams, for instance, promote links or apps that claim to
tell you who has viewed your profile, or that promise to change your Facebook
profile layout or theme even though neither capability exists. Think before you
click on these types of links or apps, as they could steal your information,
hijack your account, send spam to your friends, or cause other damage. To learn
more about social network security and to discover scams as they develop,
follow sites such as Facecrooks (www. facecrooks.com) or our own security
topic page.
Check app permissions: If you're thinking
of giving a Facebook app permission to access your profile information, first
checkout the types of information it wants. If you think a particular app
should not be able to access certain details, don't allow it. Also,
periodically check the apps you’ve authorized to see if any of them look
suspicious. You can find your installed apps at facebook.com/bookmarks/apps.
Twitter lets apps access account
information, too. Go to twitter.com/settinqs/applications and review which apps
and sen/ices can access your profile. If you no longer want to use a particular
app or service, you can disable it from this page.
Twitter
lets apps access account information
Use apps to help detect malicious activity:
A number of apps can tell you if your social network accounts are vulnerable to
attack, or if you're sharing too much personal data. For starters, they can
filter and moderate your feeds and comments for malicious or inappropriate
content, and detect fake profiles set up to flood your feeds with spam.
Two good antiscam apps are Bitdefender
Safego for Facebook or Twitter (safeqo.bitdefender.com) and MyPageKeeper for
Facebook (apps.facebook. com/mypaqekeeper). both of which monitor your
profile's feeds and comments and alert you and other users to any malicious
links they encounter. For more details on how each utility works. And if you
operate your own Facebook Fan Page or blog, consider using a service such as
Websense Defensio, which filters comments for spam
messages, malicious content, and profanity.
Inappropriate Content
If children use your computer, you should
look at ways to block inappropriate content and online predators. Even if
children aren't searching for unsuitable content, they could still stumble across
it in searches, find it via links or advertisements, or even access it directly
by mistyping a site address.
Enable Parental Controls in Windows: With
the parental controls in Windows Vista and later versions (accessible through
the Control Panel), you can determine when your kids can use the computer,
which games and applications they can run, and the types of websites they can
visit. The feature also provides activity reporting, so you can keep an eye on
their computer usage.
Vista
Parental Controls
Activate OpenDNS for Web filtering: As I
mentioned earlier, OpenDNS is an online service that offers content filtering.
But in addition to stopping malware and phishing sites, OpenDNS can block
adult-oriented sites and other online material that may be inappropriate for
children.
Even if you use the built-in Windows
Parental Controls, OpenDNS is worth trying since it provides a second layer of
protection. OpenDNS can also safeguard all computers and devices on your
network when you configure the service on your router. You can use the free
OpenDNS FamilyShield service without even creating an account. And if you wish
to selectively block certain content categories, you can create a free or paid
account with the OpenDNS Home or Premium DNS service.
Enable search engine filtering: Since
children can encounter all sorts of inappropriate content in searches, consider
enabling filtering for the popular websites. For Google, go to
qooqIe.com/preferences to turn on search filtering. For Yahoo, go to search.
yahoo.com/preferences. And for YouTube, click the Safety Mode link at the
bottom of any page.
Use SocialShield for social network
monitoring: Avira’s free SocialShield service (www.socialshield. com) helps you
keep an eye on your children’s Facebook, Twitter, Google+, and MySpace
accounts. It analyzes their public and private posts, photos, friends, and so
on to alert you to anything that might compromise your children’s online
safety.
Device and Data Theft
Not all security risks come by way of the
Internet: You never know when a thief might try to steal your equipment.
Although this is obviously more of a concern for laptops and mobile devices,
theft is one of the simplest, yet most damaging, threats.
Even if you have set a Windows password,
thieves might still be able to access your personal files and passwords, as
well as other bits of sensitive data. They could remove your Windows password
(which isn't difficult) and log in to your Windows account, boot your computer
into Linux (which bypasses Windows completely), or remove the hard drive and
connect it to another computer.
Encrypting your drive will prevent those
types of attacks. A thief could still delete your data from an encrypted drive,
but the crook wouldn’t be able to access it. If you’re using an Ultimate or
Enterprise edition of Windows Vista or later, you can use Windows BitLocker to
encrypt your drive; to learn more. If you’re
using another version or edition of Windows, check out the open-source
DiskCryptor utility.
Windows 7 Ultimate or Enterprise, use its built-in BitLocker
An alternative to encrypting your entire
hard drive is to encrypt only your most sensitive files, such as financial
reports and confidential work documents. You won’t be able to protect some data
(such as saved browser passwords) under this scheme, but taking this approach
is better than doing nothing. If you're running a Professional, Business,
Ultimate, or Enterprise edition of Windows,
you can use the built-in Encrypting File System feature, which you can turn on
through the properties of a file or folder. If you're on a Home edition of
Windows, or if your computers do not all run the premium editions, you might
turn to TrueCrypt to encrypt the files or folders you want to protect (to learn
how to use the utility.
