identity_socialThis blog post comes from Adam Kennedy, Product Analyst at CSID.

With the rise in social networks and the increasing desire to share personal data in public forums, it’s no surprise identity thieves are targeting Facebook, LinkedIn, and Twitter to steal your identity.

What are they after?
Your Facebook page and Twitter profile page will show your name, email address, your current employer and friends. Most don’t use the proper privacy settings and provide access to date of birth, phone number, and current address. Those in the professional world have a LinkedIn profile with your primary college, where your first job was, and your colleagues. Soon the identity thief can piece together your personal life; your childhood nickname, your favorite childhood friend, where you were born, the make and model of your first car.

What can they do with your identity?
Identity thieves that successfully gather enough information about you can gain access to your bank accounts, email accounts, and even open new accounts since your bank, credit card company, and your email accounts all have security questions designed on your personal life (your childhood nickname, your mother’s maiden name, etc.). In addition, an identity thief can call your bank acting as you and have the password reset over the phone, free to gather any information needed to drain your accounts.

An individual’s email inbox contains a treasure trove of information such as old passwords for bank accounts and e-commerce accounts like Amazon or eBay, bank and credit card account numbers, and even tax return information including, your SSN. So, you can imagine an identity thief’s desire to get into your email inbox.

What are safe social network practices?

  1. Maintain you Privacy settings: There are privacy and security settings on social networks which help keep your information private and out of public view. Each social network website has a section outlining the necessary steps to utilize these settings.
  2. Limit personal information: It is important to be careful how much personal information you share on social networking sites. The more information you post, the easier it is for a hacker to access your data and piece together your identity for malicious use. Avoid listing the following information publicly: date of birth, hometown, address, education, and primary email address. Also avoid information that could be used as a security question: your mother’s maiden name, the make and model of your first car, etc.
  3. Stay away from surveys: Survey scams are typically found on social networking sites like Facebook. They come in the form of wall posts with a link. They use clever social engineering techniques like mentioning popular news items about celebrities, or political issues. Another popular hook is mentioning a contest or prize giveaway. By hooking survey scams with effective social engineering lures, users are likely to click the links or follow the instructions included in the posts. Once the link is followed, malware can be attached to the computer where your personal information can easily be collected.
  4. Be aware of whom you friend: The easiest way for identity thieves to get into your personal life is by friending you. This gives the identity thief access to any public or private information you or a friend posts about you. Only invite people to your network that you know or have met, as opposed to friends of friends and strangers.

Have additional tips for safe social network practices? Share your thoughts with us on Facebook and Twitter.