Categories
Blog Archives
Facebook Identity Theft Protection Guide: 6 tips to protect your identity on Facebook
Posted by Joe on March 4th, 2008
With over 66 million active users and nearly a quarter million new people signing up every day, Facebook is one of the fastest growing social networking websites in the United States. Unfortunately, many of the characteristics that make Facebook a great social network also open up Facebook users to a variety of identity theft related crimes.
NextAdvisor.com has compiled a list of 6 simple tips in our Facebook Identity Theft Prevention Guide below. The goal of this guide is to help raise awareness of those identity theft risks related to Facebook use as well as provide some steps that Facebook users can take to help protect themselves from being victimized by identity thieves.
Tip #1: Limit the amount of personal information available on your Facebook profile.
A recent poll of Facebook users commissioned by NextAdvisor.com found that 27% of respondents listed their full name, date of birth, phone number and email address on their Facebook profile. An additional 8% of respondents included all of that information plus their physical address on their profile. Many Facebook users also list other personal data such as their spouse or significant other's name or birth date. That type of personal information is extremely dangerous in the hands of identity thieves as it can be used to perpetrate various forms of identity theft.
For example, an identity thief may be able to use your home address and phone number to submit a change of address form with the United States Postal Service and have your mail forwarded. This would allow an identity thief to get access to additional sensitive information that would allow them to open financial or other accounts in your name.
This information can also be used by savvy identity thieves to help them hack into online accounts since contextual information in your profile can tip them off to potential user name and passwords you may use. Once an online account, whether it is an email, credit card or other account, has been accessed it can be used to cause even further harm. In one such example of this type of identity theft a college student used information from another student's Facebook profile page to gain access to their Apple.com account and order over $1,000 worth of products.
Our recommendation is to limit the amount of personal information that is available on your Facebook profile. Specifically:
- Never list your full date of birth, phone number or physical address on your Facebook profile. Your real friends and associates will likely already know this information so including it on your profile will only increase your risk of being victimized by identity thieves.
- Limit the amount of contextual password clues on your profile pages. Identity thieves know that many people use their birth day, a spouse or significant other's name or birth date, an anniversary date, mother's maiden name, pet's name or other personal information as passwords on their personal accounts. It is also a good idea to make sure your online passwords don't include these types of personal items since they are easily hacked.
Tip #2: Proactively manage your Facebook privacy settings.
Because Facebook is a social networking site it is configured, by default, to make it very easy for other people to find you. For example, Facebook allows users to join networks which are groups of individuals that share a common trait such as having attended the same school or living in a certain metropolitan area. That means that if you join the network for the city you live in every other member of that city-based network will have access to your profile information. This means that potentially hundreds or thousands (or more) strangers could automatically have direct access to your profile.
The good news is that Facebook offers users a lot of control over their privacy setting within the "My Privacy" section of the site. This can be reached by clicking on the "Privacy" link in the upper right hand corner of any page on the Facebook website. From within the privacy section you have full control of all of your privacy settings and can fine tune who will have access to what aspects of your profile and your activity on the Facebook website.
Section: Profile
Suggested Privacy Settings:
- Select "Only my friends"in the drop down menus for each item. This will ensure that only people you have explicitly approved by adding them as a friend will have access to your personal profile information.
Section: Search
Suggested Privacy Settings:
- Under "Which Facebook users can find me in search" select "Only my friends." As in the point above, this will ensure that only people you have already approved can find you through Facebook's search function.
- Uncheck the box under "Create my public search listing." This will prevent Facebook from publishing a public version of your profile that will be listed in search engines such as Google or Yahoo.
Section: News Feed and Mini Feed
Suggested Privacy Settings:
- Uncheck any boxes associated with items you do not want published to all of your friends. It is up to your discretion as a user, but it is best not to publish any items that may expose personal information in some way.
- Uncheck the box next to "Show times in my mini feed." This will remove the day and time timestamp from any mini feed items that you do decide to publish publicly. This is a good step to prevent people from monitoring your Facebook usage habits and from knowing when you may be or have been online.
Section: Poke, Message and Friend Request
Suggested Privacy Settings:
- We suggest not exposing anything other than "Basic Info" on your outbound pokes, messages or friend requests. So, leave that box checked and uncheck the remaining boxes. This will give recipients limited information from your profile page until they have become a friend.
Section: Applications and Ads
Suggested Privacy Settings:
- This section allows you to remove applications you have previously added. No privacy setting updates needed as applications are governed by the privacy settings you set through the "Profile" section of "My Privacy."
Section: External Sites
Suggested Privacy Settings:
- Unbeknownst to many users, Facebook has the ability to track and publish information about actions you take on some large third-party websites (this is their controversial Beacon program). If you don't want this information, such as purchases you make, shared with anyone, check the box next to "Don't allow any websites to send stories to my profile."
Keep in mind that it is very easy to provide more access to people, such as your friends and family, over time but that it can be impossible to turn back the clock if a piece of personal information in inadvertently exposed to the wrong parties. For that reason we recommend that Facebook users take the most conservative approach possible to their personal privacy settings.
Tip #3: Only accept friend requests from people you know.
According to another recent Facebook poll commissioned by NextAdvisor.com, 49% of respondents said that they accept some or all friend requests that they receive from people they don't know. What many Facebook users may not realize is that by accepting friend requests from people they don't know they are potentially opening themselves up to identity theft or related crimes. As a general rule, we suggest that Facebook users only accept friend requests from people that they already know or whose identity they can verify through some other means. Here are some ways to safely add new friends on Facebook:
- When you receive a friend request from someone you already know verify they are who they say they are by sending them an email or giving them a phone call. It is easy for someone to set up a phony profile under the name of someone you know and trust in order to extract additional information from you.
- If you don't recognize the person who is making the friend request feel free to ask them how they know you before you accept their friend request by using the "send message"feature in Facebook. If they don't answer or if their answer seems suspicious you can investigate further or simply ignore their friend request.
- Some experts believe that social networks like Facebook may become the next target of sophisticated phishing scams designed to steal your online passwords or other personal information. If you receive a friend request or other information purporting to be from Facebook over email it is a good idea to login to your Facebook account directly, versus clicking on any links in the email, to verify that the communication is actually coming from the Facebook system.
Tip #4: Limit the amount of "time and place" data that you expose through Facebook.
Facebook gives users many opportunities to broadcast their schedule and whereabouts to their network of friends. Whether it is a simple status update or detailed itinerary, criminals can use information about your current or upcoming whereabouts to victimize you in a number of ways.
For example, if you publicly announce that you will be out of town for a vacation or your plans to attend a certain event, such as a concert or sporting event, criminals can use this information to determine when your home may be most susceptible to a burglary. This could open you up to any number of forms of identity theft or worse.
In general, we strongly recommend that Facebook users not publish specifics about your whereabouts and schedule.
Tip #5: Remember that even people you know can be identity thieves.
Unfortunately, several recent studies show that a significant number of identity theft victims know the person that victimized them.
Javelin Research found that a shocking 17% of identity theft crimes are perpetrated by people that the victim knows, such as friends or family members. Additionally, a recent study by the credit bureau Experian found that 55% of identity thefts perpetrated against children were committed by someone the victim knew.
We strongly recommend that even if you feel as though all of your Facebook friends are people that you know and trust that you still follow all the tips above to prevent yourself from falling victim to Facebook identity theft.
Tip #6: Consider an identity theft protection service.
Identity theft, both online and in the real world, remains a growing threat to all Americans. We recommend that all consumers consider using a proactive identity theft protection service such as Identity Guard or LifeLock to protect their identity.
Each identity theft protection service is different, but most will:
- Set fraud alerts with the major credit bureaus so that new accounts cannot be opened in your name without your knowledge.
- Provide you with identity theft insurance that will reimburse you on costs and expense you incur as a result of being victimized.
- Provide you with copies of your credit report.
You can learn more about the various benefits of identity theft protection services and learn more about the specific services we have reviewed by visiting our identity theft protection service guide and comparison.
While social networks like Facebook can be fun and productive services, it is important for users to be aware of the risks that they pose. We believe that taking proactive steps to protect your identity on Facebook will only improve the amount of enjoyment you can get out of the service.
We hope that the tips we have provided are helpful and informative. We would also really like to hear if you have any feedback or additional tips on how you protect yourself on Facebook, on other social network or on the Internet in general. Please leave any tips in the comments below.
49 Responses to “Facebook Identity Theft Protection Guide: 6 tips to protect your identity on Facebook”
Leave a Reply
About Us Blog Contact UsTerms & Privacy PolicyAffiliate ProgramSite map
Copyright© 2006 - NextAdvisor.com - All rights reserved.
March 4th, 2008 at 12:50 pm
I honestly don't see much use in Facebook or Mayspace, and these seurity issues are exactly the reason why. I just don't think that the psychic benefit of the "friends" you make is worth the risks of having your data exposed for all the world to see.
March 4th, 2008 at 1:36 pm
I agree with immediately fine tuning Facebook privacy settings after signing up, especially the public search listing. I thought it was a little ironic that one has to submit one's name and email to post a comment here. I hadn't even thought of the possibility of friends and family stealing my identity, so there's a new fear!
March 4th, 2008 at 4:36 pm
B.K.- Thanks for stopping by and leaving a comment. Point well taken. We have updated the settings on the blog comments so that people may leave comments anonymously. Thank you very much for the feedback.
March 4th, 2008 at 11:18 pm
This tips is very useful "Proactively manage your Facebook privacy settings".When I join a form or social sites I dont look settings but for this tips I must check my personal settings.
March 5th, 2008 at 5:13 am
This piece of information is really useful one. It actually help to save yourself from possible Identity theft and other severe issues.
March 5th, 2008 at 5:14 am
Useful
March 7th, 2008 at 5:50 am
Very useful info. Tip #5 is something that most of us overlook.
March 7th, 2008 at 5:03 pm
I find it interesting that people who want to add you on facebook might not be who they really are.
March 7th, 2008 at 5:16 pm
Thank you for this great article. Several of the tips are things that are often overlooked. However, it is sad that we have to be so wary.
March 8th, 2008 at 7:28 am
i use facebook and i have to say, sometimes i don't really think about this stuff and end up putting sensitive info on my profile…i'll be more careful from now on.
March 8th, 2008 at 5:20 pm
@Joe
Thanks for leaving a comment on my site.
This article is a great guide for protecting ID theft on Facebook, and other social networks.
I don't usually put too much info on my profile. Although the one thing I don't like on Facebook is requiring a surname (last name). I don't leave my last name on other social sites.
March 8th, 2008 at 7:26 pm
@Ryman – thanks for stopping by. Glad you found the post informative.
Great point regarding last name requirements on facebook. I think that is another example of a feature that helps facebook a useful social network (by making it easier to search for people by their last name) but also makes it a ripe potential target for identity thieves and other criminals.
March 13th, 2008 at 4:46 pm
Thanks for the useful info. This article made me re-think alot of things that I am or am not doing. Great stuff!
March 13th, 2008 at 10:37 pm
This tips is very useful “Proactively manage your Facebook privacy settingsâ€.When I join a form or social sites I dont look settings but for this tips I must check my personal settings.
March 14th, 2008 at 11:28 pm
I do not have account at "Facebook". I will join here shortly and follow the tips provided here.
March 15th, 2008 at 2:29 am
I like Facebook, but I hadn't realized all these opportunities for ID theft. I'll definitely keep these tips in mind.
March 15th, 2008 at 8:23 pm
The statistics stated throughout are mind-boggling. But, they are an eye-opener.
March 15th, 2008 at 8:56 pm
THIS WAS REALLY A VERY INFORMATIVE ARTICLE IT MAKES ME REALIZE JUST HOW VULNERABLE WE ARE.
March 16th, 2008 at 5:23 am
very informative i liked the post but it is a little wordy, please donot abuse my e-mail address.
March 16th, 2008 at 1:31 pm
[...] Facebook Identity Theft Protection Guide: 6 tips to protect your identity on Facebook [...]
March 16th, 2008 at 4:00 pm
[...] A commenter on this blog, Joe Fahrner, posted an article at nextadvisor.com/blog on how to protect your identity on Facebook. Like I've always say, identity thieves are out there. Don't wait till you get a huge bill from your credit card, or the law enforcement came knocking on your door. [...]
March 16th, 2008 at 10:16 pm
Hopefully many social-network newbies will read this article to get a better idea about what they can do to protect their online identities. The tips might be obvious to some of us, but those who are not as tech-savvy could really use plain language instructions.
March 17th, 2008 at 1:20 am
the tips, if followed to the word should be able to prevent a lot of cases of identity theft. But alas not everybody takes such precautions
March 18th, 2008 at 6:36 am
I can't believe that people would be so stupid as to put all their personal details on Facebook including phone numbers, addresses and the like. Not only are they opening themselves up to identity fraud, but also to loads of spam, once Facebooks opens its gates to the advertisers.
March 18th, 2008 at 10:53 am
We put our personal information out into the world on a daily basis. Swipe a credit card, fill out a job application, or even toss a birthday card. Real security is about being mindful and diligent. These are some good, and helpful tips.
March 25th, 2008 at 10:07 pm
Somebody made an account claiming to be me and even has a photo of my how do i report this identity theft
March 25th, 2008 at 10:08 pm
Somebody made an account on facebook claiming to be me and even has a photo of my how do i report this identity theft
March 26th, 2008 at 8:31 am
[...] Thanks for visiting the NextAdvisor Daily blog. You may want to subscribe to our RSS feed.We created our Facebook identity theft protection guide to help raise awareness about the security risks that are present in the popular social network. Now it appears that a Vancouver based programer has exposed a security flaw in Facebook that has been shown to expose personal information on user profile pages. [...]
March 26th, 2008 at 10:54 am
[...] Thanks for visiting the NextAdvisor Daily blog. You may want to subscribe to our RSS feed.A recent commenter on our Facebook identity theft protection guide asked how to report someone who has created a fake Facebook profile in her name. After doing some quick research, we found that Facebook makes it fairly easy to report a fake profile. [...]
March 26th, 2008 at 11:00 am
Hi Michelle,
Sorry to hear about your problem with Facebook identity theft. I just posted a quick guide on how to report the fake Facebook profile page in your name. You can read it here:
http://www.nextadvisor.com/blog/2008/03/26/how-to-report-a-fake-profile-page-on-facebook/
Thanks,
Joe
March 26th, 2008 at 8:56 pm
[...] http://www.nextadvisor.com/blog/2008/03/04/6-tips-to-protect-your-identity-on-facebook/ [...]
March 27th, 2008 at 8:38 am
[...] Accompanying the message is a link to a site that appears to be a Facebook login page which prompts users to enter their Facebook username and password. This page is NOT associated with Facebook and it is likely that the goal of the scam is to get Facebook users to expose their login information. As we discussed in our Facebook identity theft protection guide, this information can be the gateway to identity theft or worse. [...]
May 8th, 2008 at 12:18 pm
Look at isekurity.com these people are good!
June 18th, 2008 at 11:45 am
[...] Thanks for visiting the NextAdvisor Daily blog. You may want to subscribe to our RSS feed.Our Facebook Identity Theft Protection Guide provides six tips to prevent Facebook users from being victimized by identity theft. These six tips concentrate on two areas in which users can be proactive in protecting their identity and personal information: limiting the amount of personal information available and restricting your Facebook profile to people you know and trust. Many of these tips are also applicable when using MySpace, but there are some significant differences between various social networking sites. While Facebook is primarily geared toward one on one interaction with people you know in real life, MySpace is more frequently used to establish a larger and more public online presence and facilitate contact with large groups of people. While we still recommend that users only accept friend requests from people they know, we realize that this is not necessarily realistic. If you do choose to make your MySpace profile visible to strangers, we strongly encourage you to be extremely careful when publishing any information about yourself. Presumably, you would not walk around in public wearing a t-shirt printed with your birthday, phone number and address. So use the same discretion on MySpace. [...]
July 8th, 2008 at 10:29 am
[...] Our research shows that a significant number of Facebook users are engaging in behaviors that may pu… [...]
July 28th, 2008 at 11:33 am
[...] Daily blog. You may want to subscribe to our RSS feed.We have warned previously of the potential identity theft risks that exist for Facebook users. One issue that we didn't specifically address was the risk that the popular social network [...]
August 5th, 2008 at 6:04 pm
[...] Facebook identity theft protection guide covered several tips on how to protect your identity while using the popular social network. What [...]
September 30th, 2008 at 7:58 am
Very useful information. You do have to be careful on these social networking sites like bebo, myspace, facebook etc and people have to be aware of how to keep safe. Very good and wise information – thankyou.
October 20th, 2008 at 6:40 pm
[...] done…you may not have done what you should have but you can fix that now. Here's a fine HOWTO from NextAdvisor I came across that seems to cover all the bases. If they missed anything, be sure to let them know, [...]
October 21st, 2008 at 9:28 am
[...] to know, or simply cannot make heads or tails of what to allow or not, try reading suggestions from this article that Chuck has found. It also gives good reasons why you do not want to give out some information. [...]
February 9th, 2009 at 5:42 pm
Any friends I add on Facebook, I share with them a note I had written that walks you thru the step-by-step process of protecting your identity & what-not. The note is viewable to any & everybody, so if you've got a facebook acct, feel free to check it out & get your profile (& any friends you're exposing) all under protection!
http://www.facebook.com/note.php?note_id=34859448397
February 14th, 2009 at 12:21 pm
Good on ya for putting this out there. I think a lot of people don't think about the privacy risks.
May 20th, 2009 at 3:23 pm
I dont have to worry about identity theft. Nobody would ever want it. I have no credit whatsoever. My score has to be 400 or less. No credit cards. No bank account, I cant open a bank account because of check systems. I am also a felon for carrying a concealed weapon, gun in the car. Oh, and I dont have a drivers license either. If anyone even wants to trade identity give me a shout
May 24th, 2009 at 2:15 pm
Jeff,
While I'm sorry to hear you feel you have no credit & would not be a target, you must think again, & just not of yourself. If you read the above carefully, there are explanations of how, if bad people hack into your account & impersonate you, they would then have access to all of your friends, being able to see their names & dates of birth, etc, & defraud them by opening credit cards in their names, etc. If you care about your friends, you will tighten up your security. If you want to feel sorry for yourself, wallow in self-pity & make your friends as miserable & angry at life as you, do nothing. Who knows, mebbe after all your friends are defrauded with help from your account, you can be a 'victim' & sue the crook (in Nigeria) & get rich off of your freinds problems. Suck it up & change your settings. You'll feel better about being a real man in this society.
May 25th, 2009 at 12:44 pm
[...] a Facebook member. He tells his story of attempting to navigate his way through the site. A second article relating to the topic of privacy observes the flaws and provides helpful methods and points to [...]
June 12th, 2009 at 4:57 pm
[...] about protecting your privacy when using social networking sites, you may be interested in our Facebook Identity Theft Protection Guide or our MySpace Identity Theft Protection Guide. Or, for information about services that can help [...]
October 30th, 2009 at 6:51 am
[...] Facebook Identity Theft Protection Guide (no [...]
January 6th, 2010 at 6:52 pm
alot of people will add random people just because they have a bunch of mutual friends
but a lot of the mutual friends just add them cuz they assume they go to their school or know em somehow
February 4th, 2010 at 12:48 am
what can i do someone is using my own identity, i always report it to block but until now my picture and my name is still using with someone else and posting anything negative about me…