What is a social networking site?
Social networking sites sometimes referred to as “friends of friends,” are based on the concept of a traditional social network where you connect with new people through people you already know. The purpose of some social networking sites may be purely social, allowing users to establish a friendship or romantic relationship, while others may focus on establishing business contacts.
Although social networking sites function differently, they all allow you to provide information about yourself and provide some sort of communication mechanism (forums, chat rooms, email, instant messaging tools) that allow you to connect with other users. On some websites, you can browse people based on specific criteria, while others require that you “introduce new people” through the links you share. Many sites have communities or groups that may be based on specific interests.
Have these sites possess any security risks?
Social networking sites rely on connectivity and communication, so they encourage you to provide a certain amount of personal information. When deciding how much information to disclose, people may not behave as carefully as they did when they first saw each other
- The Internet provides an anonymous feeling
- Lack of physical interaction provides a false sense of security
- They tailor the message to their friends, forgetting that others may see it
- They want to provide insights to impress potential friends or colleagues
- While most people who use these sites do not pose a threat, the availability of personal information can be very attractive as it is highly accessible and numerous. The more information the malicious person gives you, the easier it is for them to take advantage of you. Predators may form a relationship online and persuade unsuspecting people to meet in person. This can lead to dangerous situations. Personal information can also be used for social engineering attacks. (See Avoiding social engineering and phishing attacks for more information.) Using the information you provide about your location, hobbies, interests, and friends, malicious people may pretend to be trusted friends or convince them to Access other personal or financial data.
In addition, due to the popularity of these sites, attackers may use these sites to distribute malicious code. Sites that provide applications developed by third parties are particularly sensitive. An attacker could create a custom application that may appear innocent when infected with your computer or share your information without your knowledge.
How can you protect yourself?
- Limit the number of personal information you post – Do not post information that makes you vulnerable to attacks, such as your address or information about your schedule or schedule. If your contact has posted about you, make sure the syndication does not exceed your knowledge of strangers. When publishing information including photos, please be aware of your connection.
- Remember, the Internet is a public resource – you just can not be uncomfortable with anyone posting information. This includes information and photos from your profile and blogs as well as from other forums. And once you post the information online you can not withdraw it. Even if you delete information from your site, the saved or cached version may still exist on other people’s machines. (See Guidelines for publishing information online.)
- Beware of Strangers – The Internet makes it easy for people to distort their identity and motivation. (See Safely Use Instant Messaging and Chat Rooms.) Consider limiting the people allowed to contact you on these sites. If you interact with someone you do not know, be careful about the amount of information you disclose or agree to meet in person.
- Doubt – Do not trust everything you read online. People may post wrong or misleading information about various topics, including their own identity. This is not necessarily a malicious intent. This may be unintentional, exaggerated or joking. However, take appropriate precautions and try to verify the authenticity of any information before taking any action.
- Assess your settings – take advantage of the site’s privacy settings. The default settings for some websites may allow anyone to view your personal information, but you can customize your settings to limit access to only certain people. Despite these restrictions, privacy information may still be exposed, so do not post any information you do not want the public to see. The site may periodically change its options, so check your security and privacy settings regularly to make sure your choices are still appropriate.
- Beware of third-party applications – Third-party applications may provide entertainment or functionality, but be careful when deciding which applications to enable. Avoid apparently suspicious applications and modify settings to limit the amount of information that your application can access.
- Use strong passwords – Protect your account with passwords that are not easily guessed. (See Choosing and securing your password.) If your password is compromised, others may visit your account and pretend to be you.
- Stay current with software, especially web browsers – Install software updates so that attackers can not take advantage of known issues or vulnerabilities. (See Understanding Patches.) Many operating systems provide automatic updates. If this option is available, it should be enabled.
- Using and Maintaining antivirus software – Antivirus software helps protect your computer from known viruses, so you may be able to detect and clean the virus before any damage occurs. (See Understanding anti-virus software.) Because attackers are constantly writing new viruses, it’s important to keep the definitions current.
- Children are particularly vulnerable to the threat of social networking sites. Although many of these sites have age restrictions, children may distort their age in order to join. By educating kids about Internet safety, understanding their online habits and guiding them to the right place, parents can ensure that children become safe and responsible users.