Skip to main content

Information Security

Cyber Awareness Items

Social Media

Protect your personal information from hackers, spammers, and identity thieves on your social networking sites.


Facebook, Twitter, Google+, YouTube, Pinterest, LinkedIn, and other social networking sites have become an integral part of our daily lives. These sites are a great way to stay connected with friends, family, coworkers, and many others, but you should be wary about how much personal information you post on your accounts. As the popularity of these social sites grows, the risk of using them also increases. Hackers, spammers, virus writers, identity thieves, and other criminals lurk through the shadows, waiting for a chance to pounce. Social media accounts can be powerful tools in the wrong hands. Your own accounts might seem too small or non-important to tempt scammers, but even so, with just a few followers, your information can be a valuable commodity. Read on to learn how you can protect yourself when you use social networks.

Ways to Stay Safe

  • Privacy and security settings exist for a reason. Learn how to use the privacy and security settings on social networking sites. They are there to help you control who sees what you post and manage your online experience in a positive way.

  • Use unique passwords for each account. It may be annoying to remember many passwords, but it’s absolutely essential that you don’t use the same password for Twitter as you do for, say, Facebook. Using the same password makes it easy for hackers to gain access to all your accounts – don’t get locked out of your entire online life.

  • Once posted, always posted. Protect your reputation on social networks. What you post online stays online even when you think you deleted it. Think twice before posting pictures you wouldn’t want your parents or future employers to see. Recent research found that 70% of job recruiters rejected candidates based on information they found online.

  • Your online reputation can be a good thing. Recent research also found that recruiters respond to a strong, positive personal brand online. So show your smarts, thoughtfulness, passions, and mastery of the environment.

  • Keep your personal info personal. Be cautious about how much personal information you provide on social networking sites. The more information you post, the easier it may be for a hacker or someone else to use that information to steal your identity, access your data, or commit other crimes such as stalking.

  • Know who your friends are. Social networks can be used for a variety of purposes. Some of the fun is creating a large pool of friends from many aspects of your life. That doesn’t mean all friends are created equal. Use tools to manage the information you share with friends in different groups or have multiple online pages. If you’re trying to create a public persona as a blogger or expert, create an open profile or a “fan” page that encourages broad participation and limits personal information. Use your personal profile to keep your real friends (the ones you trust) more synced up with your daily life.

  • Be selective about who you accept as a friend. Identity thieves might create fake profiles in order to get information from you.

  • Don't trust that a message is really from who it says it's from. Hackers can break into accounts and send messages that look like they're from your friends, but aren't. If you suspect that a message is fraudulent, use an alternate method to contact your friend to find out. This includes invitations to join new social networks.

  • To avoid giving away email addresses of your friends, do not allow social networking services to scan your email address book. When you join a new social network, you might receive an offer to enter your email address and password to find out if your contacts are on the network. The site might use this information to send email messages to everyone in your contact list or even everyone you've ever sent an email message to with that email address. Social networking sites should explain that they're going to do this, but some do not.

  • Use caution when you click links. Treat links in messages on these sites as you would links in email messages. They might contain viruses or lead you to harmful sites.

  • Be honest if you’re uncomfortable. If a friend posts something about you that makes you uncomfortable or you think is inappropriate, let them know. Likewise, stay open-minded if a friend approaches you because something you’ve posted makes him or her uncomfortable. People have different tolerances for how much the world knows about them respect those differences.

  • Know what action to take. If someone is harassing, spamming, or threatening you, remove/block him or her from your friends list or report them.

  • Lock your phone. Your phone can end up in the hands of a stranger, giving them access to your social accounts (and more). It’s not just rogue updates; once they’re in, they can obtain your email address, target your friends using your profile as bait, and even change your password. To make it difficult for an intruder, you should always enable the passcode lock on your phone, and set it to time out at no more than a few minutes.

Additional Tips

  • Keep a clean machine: Having the latest security software, web browser, and operating system are the best defenses against viruses, malware, and other online threats.

  • Own your online presence: When applicable, set the privacy and security settings on websites to your comfort level for information sharing. It’s ok to limit how you share information.

  • Make passwords long and strong: Combine capital and lowercase letters with numbers and symbols to create a more secure password.

  • When in doubt, throw it out: Links in email, tweets, posts, and online advertising are often the way cybercriminals compromise your computer. If it looks suspicious, even if you know the source, it’s best to delete or if appropriate, mark as spam/phish email.

  • Be mindful about what you post about others.