Our fascination with social media is at an all-time high. We spend an average of 1 hour and 40 minutes using the sites every day, and the trend shows no signs of slowing down. With this in mind, it's important to remember to protect ourselves whilst using social networking sites. Whilst it's easy to think of social media as an informal, fun space – this doesn't mean your data is at any less risk from cyber criminals on the platforms. It is always best to remain vigilant online.
Social media platforms have been targeted by hackers ever since they gained popularity in the early 2000s. Indeed, in order to set up a profile, users have to hand over personal data such as date of birth and phone number, information that is valuable to cyber criminals who can use these details to commit identity fraud, open bank accounts in your name, take out loans and etc.
Since social media sites now attract hundreds of millions of users, they're the perfect place for hackers to go data-hunting.
Hackers don't need to look very far when it comes to gathering information about social media users. Users sometimes make information like email addresses visible to either the public or their contact list and, using this, hackers can pretend to be legitimate users who have simply forgotten their password and request the site to reset it. Most email accounts are protected by weak passwords that are easily cracked with hacking software, which can test up to 100 billion passwords every second. With access to the email account, it's easy to reset social media passwords and take control of the profile.
For this form of attack, hackers don't need incredible technical skill. A lot of the work is done by software that's easily downloadable online, or by simply befriending someone on social networking sites and viewing their profile information. For instance, it's common nowadays for people to 'check-in' on social media, a way of letting your friends know where you are and what you are doing/experiencing. However, if this information falls into the wrong hands, e.g. a criminal who is impersonating one of your friends, they will know that your home is empty and for how long (users often post holiday snaps online, for example, signifying to their friends that they will be away for days or weeks). This information could be used to facilitate a burglary at your home.
The privacy settings on social media platforms allow users to control who has access to information about them and what posts they can view. If you use social media, you should be aware of your privacy settings, and review them regularly.
Although there are lots of social media sites out there, all with slightly different privacy settings, the top three are as follows:
The Facebook/ Cambridge Analytica scandal in 2018 highlighted the importance of data awareness on the Facebook platform. Many apps posted on the site have access to users' profile information, things like name, birthday, friends list, and even photo albums. By going to the Apps Settings page, users can see exactly what apps they have used in the past and what information these apps have on them. Most users will be quite shocked to see the amount of information they continue to share with these external sources! To limit what personal details these apps have access to on Facebook, users can uncheck the boxes besides each listing, or unlink from the apps altogether by clicking X.
Facebook also allows users to limit who can see individual posts, pictures, personal information, and photo albums. Options are: private (only the owner), friends, friends of friends, or public. There is also a custom option to limit viewing to only a selected few.
Twitter allows users to control who can see their tweets, who can tag them in photos and mention them by their twitter handle, and what accounts can 'follow' them. All privacy settings can be found under 'privacy and safety' settings on the platform, where 'protecting' tweets means only twitter users that follow you can see them (by default, tweets are public).
Twitter also allows users to review, block and/or report messages if they receive something offensive or suspicious, and to either allow or block unknown (those they do not follow) people from messaging them.
Similarly to Facebook, Twitter provides its users with ability to manage third-party applications built for the Twitter platform. Depending on what permissions the app asks for, an app may be able see your Tweets, see who you follow, post Tweets on your behalf, access Direct Messages, or see your email address. Twitter users should exercise caution and review permissions carefully before consenting to share information.
Instagram is a photo-based sharing site, meaning that privacy settings are much more black and white than either Facebook or Twitter. Users can either make their pictures and videos public (in which case, all Instagram users will have access to them and they will appear in hashtag searches); or they can make their profile private, which means only contacts will be able to view the content, and any new contact requests will have to be reviewed and accepted by the user first.
Images may also appear in Google search results if users have logged into their account using a web viewer, which authorises search engines to access the profiles/images of users. To remove photos from appearing in web image searches, users can revoke access to third-party apps and websites in settings, or set their account to private.