Posting vacation plans on Twitter is probably a bad idea

Posted by Caitlin on June 26th, 2009

Israel Hyman is an avid Twitter user. He uses the microblogging service to promote his website, IzzyVideo.com, and to connect with his customers on a more personal level. So he thought nothing of sharing a few details about his recent trip to Kansas City. When he and his wife returned to their home in Arizona, they discovered it had been burgled while they were away. There's no evidence that Hyman's tweets led directly to the burglary. But I'm guessing that he regrets those tweets either way, and probably won't be posting the details of his next vacation.

Tech Digest points out that Hyman also displayed a link to his Flickr page, which contained photos of his computers, bicycle and flat screen television, all of which were geo-tagged with his home address. In the context of this story, Hyman's oversharing looks pretty foolish. But it's hardly uncommon to reveal such detail about ourselves on various social networking sites.

Tech Digest also offers five tips on how to enjoy Twitter and other social networking sites without making yourself quite so vulnerable:

1. Protect your updates. Twitter provides an option that allows only approved followers to view your tweets. You can access this option on the "Account" page, under "Settings." Simply check the box at the bottom of this page. If you choose not to protect your updates, anyone can find your tweets using the search feature, even if they are not following you.
2. Watch your words. Once you've revealed sensitive personal information on Twitter or Facebook, there's no taking it back. Even if you delete the post, that information will still be accessible to those who are willing to put in a certain amount of effort.
3. Don't geo-tag everything. Most new cell phones and some cameras offer an option to automatically geo-tag your photos. Check and see whether your pictures include location data. If so, remove that information before uploading your images to Facebook, Twitpic or Flickr.
4. Keep your personal away from your business. Tech Digest suggests that Hyman's biggest mistake was mixing his personal life and his business life in one account. On the one hand, he's sharing personal information, but on the other, he's promoting himself to strangers and acquiring as many followers as he can.
5. Don't click on every single link that comes through. Clicking on every hyperlinked URL on Twitter is a great way to accidentally wind up with malware on your computer.

That last tip deserves particular emphasis. Twitter's 140 character limit requires most links to be shortened using TinyURL or another hyperlink shortener. This prevents users from verifying that a link is legitimate before clicking. It would be quite simple to lure readers with the promise of an interesting article or some salacious gossip, alongside a link to malware.

And the personal information carelessly strewn across Twitter and other social networking sites isn't only an invitation to burglars. It's also an invitation to cybercriminals. It's easier and less risky for a thief to steal your identity than your television. And a few tidbits of sensitive data may be all an identity thief needs to crack your email password, or find some other opportunity to take advantage of you. Once he's opened a fraudulent account in your name, he can buy his own television and send you the bill.

It is certainly possible to use Twitter and other social networking websites without putting yourself at risk. Just consider the potential consequences before exposing your own personal information, or clicking mystery links. And consider investing in extra protection against these potential consequences.

• Dumpster diving remains a major identity theft risk
• Facebook exposes personal information of up to 80 million members
• Data Breach Alert: Harvard hack exposed more data than initially thought
• Facebook Identity Theft Protection Guide: 6 tips to protect your identity on Facebook
• Reader Question: How do I set a fraud alert on my credit report?