Sunday, April 17, 2016

Keep yourself secure on facebook! (updated)

Lots of our friends at St Paul's are eager users of facebook.  Unfortunately, there are a lot of eager Facebook users who are not our  friends, and who want to scam or steal information.  In this blog post, we'll describe some basic steps to secure your information (and that of your friends) on facebook.  Importantly, you rely on your friends to keep YOUR information secure, so please share this widely!

A.  Duplicate accounts and friend requests

Have you ever gotten a friend request from someone that you think is already a friend?  Probably,you just assume that they had a problem and have set up a new account, so you confirm the friendship.

Unfortunately, that's almost never the case.  Rather, your friend John Doe is being spoofed:  someone else has set up an account in John Doe's name, with his same profile picture, and is asking all his friends to friend him again.  Once you friend him, the spoofer gains access to all YOUR information and that of all YOUR friends,   often including birthdays, phone numbers, etc, for future scams.  The spoofer may spoof YOU next!

Although John may think his actual account has been highjacked, it hasn't.   Instead, someone has used his profile picture (which is public and can be copied), and his friends list to impersonate him.

There are several steps to dealing with this.  First, if you are already friends with John Doe, don't friend him again! Send him a message or a text, or give him a call, and tell him that someone may be spoofing him.  (If you DID accidentally friend John, unfriend John the Second right away!)

Second, if you are John Doe, let your friends know you've been spoofed.  Tell them not to accept a new friend invitation, and if they did, to unfriend  the faked profile. (It will be the one with the fewest mutual friends)

Third, make sure you don't get spoofed. This happened because John's friends list was public.  That is, a spoofer could look at John's facebook page, and see all his friends listed.  Unfortunately, this is the default setting on Facebook, and you need to take steps to be sure your list of friends is private.  Of course, your own information depends on your friends keeping THEIR list private too!

Here's what to do:

A.1.  Go to your timeline (not your newsfeed).  You can get there by clicking on your name and photo in the blue bar from your home screen.

A.2. Click on the "Friends" button underneath your cover picture.

A.3.  This will open a panel with all your friends listed.  At the top right of the panel, there's an icon with a pencil.  Click on that and choose "Edit Privacy".

A.4.  This will open a new window.  Make sure that your friends list is limited to "Friends", or "Only me".  Same for the "Following" panel:  choose "Friends" or "Only Me".

A.5.  Click done!  You're all set.

B. Protecting your  privacy

You don't need the whole world to see your information on facebook, including your birthday, phone number, posts, etc.  I recommend that you keep your profile as private as possible.  Fortunately, Facebook is starting to help you do that.

B.1 At the top right of the Facebook blue bar, there's an icon of a padlock.  Click on that, and Facebook will open a basic privacy page.

B.2  What this window looks like may vary from user to user, but the gist is the same. At the very least, you want to make sure that only friends can see your posts.  I strongly recommend limiting access to previous posts to friends only as well.   You may also want to limit public access, so that people cannot find your  facebook page on the  internet.  There's also an option that lets you view your facebook page as  though you were J. Random Person,  so you can see what is already out there. 

B.3 You can also look at a more detailed menu of settings by clicking on the downward-facing arrow.

B. 4  This opens a long menu on the left, where you can explore security and privacy settings individually.

B.5 You may want to consider the option of having Facebook remember your browser, so that if someone logs into your page from another browser, you get a message.

B.6  As with all things on the internet:   choose a secure password and do not use the same password on multiple sites.  Your facebook password should be unique,  and a mixture of numbers and letters.  

C.  Messenger scams (updated 8/17)
There are scams using Facebook's messenger tool, particularly ones that appear to come from friends who have a video to show you.  Generally you should not click on any videos without verifying with your friends that they sent it. And never, ever, enter your log-in information, or allow the installation of software, when you click on a link in messenger or Facebook.

I hope this helps you secure your facebook page and enjoy social media more safely.  Let us know in the comments if you have any questions!

--Susan Forsburg 
blogmaster & Photographer

1 comment:

Donna L Turner said...

Thank you Susan, for helping keep us safe! In case people haven't noticed, there is a fake Peter Bergstrom out there now, so check how many Peter's you have in your friends list.