Tag Archive for: Online/Social Media Privacy

How to Protect Your College Student from Identity Theft on Campus

Five tips for better data and device  security habits at college

This fall, roughly 19.9 million college students will attend colleges and universities in the United States, and about 12.5 million of them will be under the age of 25. 

For many young adults, college isn’t just a transition to higher education, it’s a transition to living on their own and taking responsibility for their own finances, digital identity, credit score and banking information — all of which are critically important components of future success and security. 

As I wrote about back in 2010, College-Bound Students Are Vulnerable as Identity Theft Targets. So, parents, as you perform the ritual of shopping for dorm room supplies and stocking up on merch at the college bookstore, you should also be guiding your child through some key processes of establishing credit and safeguarding against identity theft on campus. I say guide because it’s tempting for parents to do the work themselves, but now is the time to step away from the snowplow and let your child learn to shovel their own road. In fact, it’s a good idea to start the process while your child is in high school.

Establish Credit

Educate your kids about starting to establish credit so they have it when they go to rent an apartment or buy a car. One of the simpler ways to do this is to have them apply for and use a student credit card with a small amount of credit. During this process (and any process like it), there are a series of security and privacy decisions that come into play. 

  • A great deal of personal information is collected, analyzed and sold by companies that prey upon naive college students. Make sure that, when applying, your child opts out of all information sharing possible. The minute or two spent changing the default settings (reading and unchecking the marketing and privacy boxes) will save the proliferation of their data down the road. 
  • Teach them to create a long and strong password (preferably with a password manager) that is unique on every website. 
  • Register for automatic account alerts when a sizeable amount of money is transferred, deposited or due so they have a daily view of their balances and activity. 
  • Have them turn on two-factor authentication to eliminate a majority of account takeover by cyber criminals. 
  • Teach them to monitor and reconcile their accounts monthly. 

Freeze Credit

Once your student has opened a credit card account, they should freeze their credit with the three primary credit bureaus: Equifax, Experian and TransUnion. This simple and free step is one of the greatest ways to protect their data and their future buying and credit power. 

Be Street Smart

Aside from protecting their cyber identity, students need to take precautions to protect their physical identity and important documents. 

  • Have sensitive physical documents (bank, legal, personal, FAFSA, applications, etc.) sent to a permanent address (e.g., parents’ home).
  • Leave your Social Security card, passport and other documents in a permanent, off-campus location (e.g., parents’ home in a fireproof and waterproof box or a bank safe deposit box).
  • Shred any important financial documents that come in the mail and never leave sensitive mail lying out.
  • Always lock your dorm room door and don’t leave devices unlocked or unattended in a gym locker, the library or a classroom.
  • Check for unusual devices added to ATMs that might be skimming card info.
  • Always cover the keypad with your hand when entering your PIN, whether at an ATM or a retail store.

Secure Devices

Make sure your student has long and strong passwords on their phones, tablets and laptops and that they don’t share them unless absolutely necessary. There are more than 100 privacy and security settings on the average phone; students need to take the time to customize them and lock down their data. 

Watch this video on How to Bulletproof Against a Stolen Smartphone

Here’s a detailed list of how to secure devices at college.

  • Don’t leave your laptop in an unattended car or in a public place (library, dining room, classroom).
  • Register your laptop with campus security if possible.
  • Install laptop tracking software (e.g., Find My iPhone, Lojak) and enable Find My iPhone on the device.
  • Spend time locking down the privacy and security settings on your smartphone — you won’t believe what you’re giving away for free and how damaging it can be.
  • Don’t store personal information (SSN, passwords, etc.) in unencrypted files or insecurely in the cloud.
  • Securely back up your files on a remote hard drive or a trusted cloud provider (iDrive, iCloud, Carbonite) in case your data is lost or frozen by ransomware.
  • Lock your phone screen with at least a 6-digit passcode — the longer, the safer.
  • Be mindful of malware and ransomware “updates” from untrusted sources.
  • Be suspicious of communal workstations in dorms, libraries, etc. Never log in to websites with usernames and passwords unless you’re certain the computer is secure and won’t save your information.
  • Turn on automatic computer operating systems, software and mobile app updates.
  • Encrypt your laptop (Apple: FileVault, Windows: BitLocker) and smartphone (by using a strong password).
  • Don’t take or store sensitive or embarrassing photos on your devices, as they are commonly exposed by hackers, friends or former girlfriends and boyfriends.
  • Invest in strong security software with anti-virus, spyware and ransomware protection, even if you own an Apple.
  • Don’t discard or sell old devices without professionally wiping them of all data and removing or erasing all SIM cards.
  • Don’t insert strange storage devices (i.e., USB drives) and only insert such devices from friends or administration after scanning them for viruses.

Be Social Media Smart

According to Pew Research, in 2018, 90% of adults between 18 and 24 used the YouTube app, 76% used Facebook and 75% used Instagram. Our kids are spending a lot of time on social media, and all those platforms are collecting data — and selling it to advertisers. Unfortunately, cyber criminals are also accessing that data and using it to commit crimes or simply selling it on the dark web.

The default setting on social media platforms is to share everything, so students should start by un-defaulting their privacy settings. This one action will put them in the top 1% of savvy social media users. This blog post from last year explains the 6 Ways Your Facebook Privacy Is Compromised. Beyond that, teach your child to be careful about who they friend and what they share on social media. 

You can find more tips on how you and your student can lock down social media accounts, as well as how to protect student data and devices on campus, in The Data Privacy & Security Checklist for College Students  (PDF).

As you send your child off to college this fall, arm them with the knowledge and power to keep their identity safe — in both the real world and online. Most importantly, let them know that it’s okay to ask for help from you, the university or a trusted advisor.

About Cybersecurity Keynote Speaker John Sileo

John Sileo is an award-winning author and keynote speaker on cybersecurity, identity theft and tech/life balance. He energizes conferences, corporate trainings and main-stage events by making security fun and engaging. His clients include the Pentagon, Schwab and organizations of all sizes. John got started in cybersecurity when he lost everything, including his $2 million business, to cybercrime. Since then, he has shared his experiences on 60 Minutes, Anderson Cooper, and even while cooking meatballs with Rachel Ray. Contact John directly to see how he can customize his presentations to your audience.

6 Ways Your Facebook Privacy Is Compromised | Sileo Group

One billion people worldwide use Facebook to share the details of their lives with their friends and may be unaware their Facebook Privacy could be compromised. Trouble is, they also might be unintentionally divulging matters they consider private to co-workers, clients and employers.

Worse yet, they may be sharing their privacy with marketing companies and even scammers, competitors and identity thieves. Luckily, with some Facebook privacy tips, you can help protect your account online.

Here are six ways Facebook could be compromising your private information and how to protect yourself:

 

1.  The new Timeline format brings old lapses in judgment back to light. Timeline, introduced in late 2011, makes it easy for people to search back through your old Facebook posts, something that was very difficult to do in the past. That could expose private matters and embarrassing photos that you’ve long since forgotten posting.

What to do: Review every entry on your Facebook timeline. To hide those you do not wish to be public, hold the cursor over the post, click the pencil icon that appears in the upper right corner, select “Edit or remove” then “Hide from timeline.” Being able to “revise” your history gives you a second chance to eliminate over-sharing or posts made in poor taste.

2.  Facebook third-party app providers can harvest personal details about you—even those you specifically told Facebook you wished to be private. Third-party apps are software applications available through Facebook but actually created by other companies. These include games and quizzes popular on Facebook like FarmVille and Words with Friends, plus applications like Skype, TripAdvisor and Yelp. Most Facebook apps are free—the companies that produce them make their money by harvesting personal details about users from their Facebook pages, then selling that information to advertisers. In other words, you are paying for the right to use Facebook using the currency of your personal information.

Many apps collect only fairly innocuous information—things like age, hometown and gender that are probably not secret. But others dig deep into Facebook data, even accessing information specifically designated as private.

Example: A recent study found that several Facebook quiz game apps collected religious affiliations, political leanings and sexual orientations. Many Facebook apps also dig up personal info from our friends’ Facebook pages—even if those friends don’t use the apps. There’s no guarantee that the app providers will sufficiently safeguard our personal information and there are numerous instances where they have done just the opposite.

What to do: Read user agreements and privacy policies carefully to understand what information you are agreeing to share before signing up for any app. The free Internet tool Privacyscore is one way to evaluate the privacy policies of the apps you currently use (www.facebook.com/privacyscore), but remember that it is provided by the very company that is collecting all of your data. You also can tighten privacy settings. In “Facebook Privacy Settings,” scroll down to “Ads, Apps and Websites,” then click “Edit Settings.” Find “Apps You Use” and click “Edit Settings” again to see your privacy options. And be sure to delete any apps you don’t use. While you are in the privacy settings, take a spin around to find out other data you are sharing that might compromise your privacy.

3.  Facebook “like” buttons are spying on you—even when you don’t click them. Each time you click a “like” button on a Web site, you broadcast your interest in a subject not just to your Facebook friends but also to Facebook and its advertising partners.

Example: Repeatedly “like” articles in a publication with a specific political viewpoint, and Facebook advertisers might figure out how you vote.

Not clicking “like” buttons won’t free you from this invasion of privacy. If you’re a Facebook user and you visit a Webpage that has a “like” button, Facebook will record that you visited even if you don’t click “like.” Facebook claims to keep Web browsing habits private, but once information is collected, there’s no guarantee that it won’t get out.

Example: If an insurance company purchases this data, it might discover that someone applying for health coverage has visited Web pages about an expensive-to-treat medical disorder. The insurer might then find an excuse to deny this person coverage, or to raise their rates substantially.

What to do: One way to prevent Facebook from knowing where you go online is to set your Web browser to block all cookies. Each browser has a different procedure for doing this, and it will mean that you will have to re-enter your user ID and password each time you visit certain Web sites.

Another option is to browse the web in “InPrivate Browsing” mode (Internet Explorer), “Incognito” mode (Google Chrome) or “Private Browsing” mode (Firefox and Safari), which seems to be a less intrusive way to raise your privacy levels.

Less conveniently, you could log out of Facebook and select “delete all cookies” from your browser’s privacy settings before visiting Web sites you don’t want Facebook to know about. There are also free plug-ins available to prevent Facebook from tracking you around the Internet, such as Facebook Blocker (webgraph.com/resources/facebookblocker).

4.  Social readers” tell your Facebook friends too much about your reading habits. Some sites, including the Washington Post and England’s The Guardian, offer “Social Reader” Facebook tools. If you sign up for one, it will tell your Facebook friends what articles you read on the site, sparking interesting discussions.

The problem: excessive sharing. The tools don’t share articles with your Facebook friends only when you click a “like” button, they share everything you read on the site. Your Facebook friends likely will feel buried under a flood of shared articles, and you might be embarrassed by what the social reader tells your friends about your reading habits.

What to do: If you’ve signed up for a social reader app, delete it. In Facebook privacy settings, choose “Apps you use,” click “Edit Settings,” locate the social reader app, then click the “X” and follow the directions to delete.

5.  Photo and video tags let others see you in unflattering and unprofessional situations. If you work for a straight-laced employer, work with conservative clients or are in the job market, you may already realize that it’s unwise to post pictures of yourself in unprofessional and possibly embarrassing situations.

But you may fail to consider that pictures other people post of you can also hurt you.

A Facebook feature called photo tags has dramatically increased this risk. The tags make it easy for Facebook users to identify by name the people in photos they post—Facebook even helps make the IDs—then link these photos to the Facebook pages of all Facebook users pictured.

What to do: Untag yourself from unflattering photos by using the “remove” option on these posts. Arrange to review all future photos you’re tagged in before they appear on your Facebook Timeline by selecting “Timeline and Tagging” in Facebook’s Privacy Settings menu, clicking “Edit settings,” then enabling “Review posts friends tag you in before they appear on your timeline”. Better yet, ask your friends and family not to post pictures of you without your permission. Be sure to extend the same courtesy to them by asking whether or not they mind you tagging them in a photo.

6.  Our Facebook friends—and those friends’ friends—offer clues to our own interests and activities. Even if you’re careful not to provide sensitive information about yourself on Facebook, those details could be exposed by the company you keep.

Example: A 2009 MIT study found it was possible to determine with great accuracy whether a man was gay based on factors including the percentage of his Facebook friends who were openly gay—even if this man did not disclose his sexual orientation himself.

Sexual orientation isn’t the only potential privacy issue. If several of your Facebook friends list a potentially risky or unhealthy activity, such as motorcycling, cigar smoking or bar hopping among their interests—or include posts or pictures of themselves pursuing this interest—an insurer, college admissions officer, employer or potential employer might conclude that you likely enjoy this pursuit yourself.

What to do: Take a close look at the interests and activities mentioned by your Facebook friends on their pages. If more than a few of them discuss a dangerous hobby, glory in unprofessional behavior, or are open about matters of sexual orientation or political or religious belief that you consider private, it might be wise to either remove most or all of these people from your friends list, or at least make your friends list private. Click the “Friends” unit under the cover photo on your Facebook page, click “Edit,” then select “Only Me” from the drop-down menu.

Most of all, remember that Facebook and other social networking sites are social by nature, which means that they are designed to share information with others. The responsibility to protect your personal and private information doesn’t just fall on the social networks; it is also up to you.  Following these Facebook privacy tips can help you succeed in keeping your most personal information safe. 

John Sileo is an an award-winning author and keynote speaker on identity theft, internet privacy, fraud training & technology defense. John specializes in making security entertaining, so that it works. John is CEO of The Sileo Group, whose clients include the Pentagon, Visa, Homeland Security & Pfizer. John’s body of work includes appearances on 60 Minutes, Rachael Ray, Anderson Cooper & Fox Business. Contact him directly on 800.258.8076.

[youtube https://www.youtube.com/watch?v=VgwQPhpRPd0&rel=0]

Facebook’s Law Enforcement Phone Option | Sileo

Facebook: Press 2 For Law Enforcement

Click Here to reach Facebook’s Law Enforcement Page

PLEASE NOTE: WE DO NOT HANDLE ANY FACEBOOK COMPLAINTS OR QUESTIONS, AS WE ARE NOT AFFILIATED WITH FACEBOOK IN ANY WAY. THANK YOU. 

I received an email last night from a well-known TV anchor wanting my input on a new Facebook issue.  He’d read that when calling Facebook Headquarters, the automated attendant comes on and gives you options to reach each department, and the second option was to press 2 for “law enforcement.”

It could seem odd to many, but it’s true. If you call the Facebook Headquarters (650-543-4800) and reach the switchboard, the 1st option is “For customer support, press 1” and the second option is “For Facebook law enforcement, press 2”. Law enforcement comes ahead of business development, marketing, press, and employment verification in the list of options.  When you press 2, the next message says: “This message is only for members of law enforcement. Please note that due to a very large volume of incoming calls, the current call back time is two to four business days. For a faster response, please leave your work authorized email address… A member of Facebook’s security team will email in a timely manner.” Which means that Facebook is very busy fielding calls from law enforcement.

The anchor, and the rest of us, want to know why!

Facebook receives all kinds of requests by law enforcement, as it is essentially a diary of each and every user. Don’t confuse it with a typical diary of the pre Web 2.0 era. The modern diary (or dossier, as I more commonly refer to social networking profiles) is a photo journal, video log, friendship org chart, location status, written history, browsing analyzer, that is so effective because it can be so addictive. In other words, the Facebook activity of an average user is a digital representation of  that user’s identity. So, to net it out, here several reasons law enforcement officers call Facebook:

  • Tracking listed sex offenders for inappropriate use of the Internet
  • Civil dispute subpoenas (domestic cases, child custody, harassment, etc.)
  • Evidence used in the discovery process (establishing intent, state of mind, relationships, etc.)
  • Cases of libel or defamation
  • Terrorist activity tracking and fundraising
  • Background checks for local, regional and federal governmental positions
  • Background checks on potential jurors (see tomorrow’s story about a juror who was dismissed because of a Facebook post)

This is a fascinating and under-reported aspect of social networks – they are providing an open book on people (for good and evil) that used to take investigators (and scammers) weeks or months to collect. All you really need is a subpoena, or to friend the person on whom you are collecting data.

John Sileo is an an award-winning author and keynote speaker on identity theft, internet privacy, fraud training & technology defense. John specializes in making security entertaining, so that it works. John is CEO of The Sileo Group, whose clients include the Pentagon, Visa, Homeland Security & Pfizer. John’s body of work includes appearances on 60 Minutes, Rachael Ray, Anderson Cooper & Fox Business. Contact him directly on 800.258.8076.

[youtube https://www.youtube.com/watch?v=VgwQPhpRPd0&rel=0]

Facebook Privacy Settings Update

During a time when rules, laws and privacy settings are having trouble keeping up with technology, Facebook is having trouble keeping up with their ever growing population. Recently topping 350 million users, Facebook is scrambling to satisfy them all. Recently, Mark Zuckerberg, the CEO of Facebook, posted an open letter on the website discussing changes to the Facebook privacy setting that they are implementing to help make their users data less public. Take a minute to read the full article and protect your profile.

Order your copy of the Facebook Safety Survival Guide to make sure you and your children are protected online.

John Sileo became America’s leading Identity Theft Speaker & Expert after he lost his business and more than $300,000 to identity theft and data breach. His clients include the Department of Defense, Pfizer and the FDIC.  To learn more about having him speak at your next meeting or conference, contact him by [intlink id=”15″ type=”page” anchor=”Contact John Sileo”]email[/intlink] or on 800.258.8076.