Sunday, September 18, 2011

Facebook Security

This week I thought I would take some time to talk about Facebook. Facebook is so commonly used, it is no surprise that hackers would target it and the users on it. The question is, what do they want and how do they get it?

The short answer: they want access to your account. There are several reasons for this. Many people have weak passwords and weak security settings. Until recently, Facebook did not help much in securing your profile.

Hackers want to use your account to:

  1. Spam
  2. Spread Viruses
  3. See your personal information
  4. Much more

Secure Yourself

There are several things you can do to protect yourself. The three main things are strong password practices, Facebook security settings, and minimizing the amount of personal information available.

Passwords should not be weak. They should be hard to guess and meet the requirements of hard passwords. Each password should also be unique, meaning it is not used for other accounts. As always, don't ever tell anyone your password. Getting your password is the easiest way for hackers to access your account. For more information on passwords, see my earlier blog post.

You should be careful about what programs or apps you give permissions to.

Facebook offers security settings under Account, then Account Settings, then Security. I encourage you to explore all of these settings, but I will go over the ones I think are most important.  

  • Secure Browsing. You should enable this. This basically encrypts your session. Without this, everything you do goes over the wire in "clear text", which means anyone can watch what you're doing. Hackers can also "hijack" your account if you're on a public network. This allows them access to your account without even a password.
  • Activate Login notifications and you will know whenever someone accesses your account. You can also activate login approval to add an extra layer of security. 
  • You should periodically check Active Sessions. This will let you know who is currently logged on and if you don't recognize it, you can end the session.
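
To show why Secure Browsing matters, here is an added example (not part of the original post, and not Facebook's code) that checks a site's response headers for the settings that keep a login session from travelling in clear text. The host name, cookie name and sample headers are made up for illustration.

```python
# Constructed sample responses; "social.example" and the cookie name are hypothetical.
CLEAR_TEXT = ("http://social.example/home",
              [("Set-Cookie", "session=abc123; Path=/; HttpOnly")])
ENCRYPTED = ("https://social.example/home",
             [("Strict-Transport-Security", "max-age=31536000"),
              ("Set-Cookie", "session=abc123; Path=/; Secure; HttpOnly")])


def parse_set_cookie(value):
    """Return (cookie name, set of lowercase attribute names) for one Set-Cookie value."""
    parts = [p.strip() for p in value.split(";") if p.strip()]
    name = parts[0].split("=", 1)[0]
    attrs = {p.split("=", 1)[0].lower() for p in parts[1:]}
    return name, attrs


def hijack_exposure(url, headers):
    """List the reasons a session set up by this response could be read off the wire."""
    findings = []
    https = url.lower().startswith("https://")
    if not https:
        findings.append("page served over cleartext HTTP")
    has_hsts = any(k.lower() == "strict-transport-security" for k, _ in headers)
    if https and not has_hsts:
        # Without HSTS the browser may still make a plain HTTP request later.
        findings.append("no HSTS header")
    for key, value in headers:
        if key.lower() != "set-cookie":
            continue
        name, attrs = parse_set_cookie(value)
        if "secure" not in attrs:
            # A cookie without Secure is also attached to unencrypted requests,
            # so anyone on the same public network can copy it.
            findings.append(f"cookie '{name}' lacks Secure")
    return findings


if __name__ == "__main__":
    for label, (url, headers) in (("clear text", CLEAR_TEXT), ("encrypted", ENCRYPTED)):
        print(label, "->", hijack_exposure(url, headers) or "no exposure found")
```

The session cookie is what stands in for your password after you log in, which is why a copied cookie gives access to the account without the password.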

For privacy, there are a few things you can do. The first is to realize that anything you put on the web can be viewed by other people. So keep that in mind when posting things on Facebook. On that subject, remember that prospective employers will often check your Facebook. The next is to limit the information available on Facebook. Keep your phone number, address and other information that can be used against you off there. Lastly, do not go around clicking every link you see. There are many malicious links out there.

I've Been Hacked!

This section covers what to do if your account does get hacked.

First, end all active sessions as described above. Next, change your email password and your Facebook password. Why your email password? It is possible that a hacker could have your email password and will just reset your Facebook password after you change it.

Next, if you haven't already, follow the tips above about the Security Settings.

Erase anything that was posted on your wall that you did not put there. If you see these "bad" links on your friends' walls, first report the link, then let your friend know about it.

Last, scan your computer for viruses and clean them.

There is much more you can do to secure your Facebook account and protect yourself. Check this out to start: 


As always, feel free to contact me with questions.

Monday, September 5, 2011

Avoid Spam

As a follow-up to last week's post, here is how to avoid getting spam in your inbox from the start. This list is not exhaustive but should be a very effective start in reducing the amount of spam you receive.

A. Don't visit questionable websites.
 1. This is good advice to begin with. There are a lot of sites out there with malicious intent.
 2. This includes not clicking links that you don't know about or are unsure of, especially from emails.

B. Don't give out your email address.
 1. If you do happen to visit one of the questionable sites just mentioned, just don't give out your email address.
 2. Once someone has it, they often sell it to spammers.
 3. Stores will often ask for your email as well. This is not needed at all. There have been cases where stores have sold email addresses or their list was stolen by hackers.

C. Make a secondary email account designated for junk.
 1. If you do feel compelled to fill out the forms at websites you're unsure of, a secondary email address is well suited for this.
 2. This can also be the address you make public to people on your web page.

D. Do not publish your email address.
 1. It is easy for someone to send you spam when your address is made public.
 2. As I just stated above, you can use your secondary address when you have to or want to do this.

E. Remove from List
 1. Most commercial emails have a link at the bottom to remove yourself from the distribution list.
 2. This is usually very small, so look hard for it.

F. Report the Spam
 1. Most email clients have a way for you to report the email as spam.
 2. This will help that client filter spam better in the future.

G. Edit Settings
 1. Sites like Facebook or others associated with your email should have settings that determine how much mail they send you.
 2. You can also sometimes decide whether your email is visible or not.
 3. You should also read a website's Privacy Policy before giving out your email address.