Internet security experts BullGuard (http://www.bullgard.com) says its research shows that Internet users can be overly complacent about posting personal or potentially sensitive data online.
When questioned about various information stored on social networking sites, forums, groups and other interactive services, 42% of 2,000 Brits surveyed admitted to posting their date of birth, 18% posted their telephone number, 28% opted to have usernames and passwords remembered and 14% did the same for bank details.
When questioned specifically about social networking services such as Facebook and Twitter, 36% admitted to posting their pets’ names on public pages, 24% shared children’s names, 7% their address, and 11% showed off photos of high value goods such as a car or TV. Worse still, over a third of Facebook and Twitter users admit to updating their profile to inform people that they are away for the weekend or going on holiday, thereby potentially alerting their absence to thieves.
Opportunistic malicious parties often find such sources to be prime targets for gathering information on users, and without sufficient security measures in place this makes it all too easy to gather personal details that could make an individual more vulnerable to attack.
“Though this sort of information may seem harmless to share with others, much of it is commonly used as security questions when accessing an online bank or confirming identity over the phone,” says Claus Villumsen, Internet security expert at BullGuard. “It’s also a bad idea to publicize the fact that you will be away for any period of time, especially if the house will then be empty, as this just gives more information to would-be thieves as to your whereabouts.”
Part of the appeal of social networking is obviously the ability to share information to stimulate conversation and build a “personality” online, but this is something that malicious users are also aware of, making it an attractive way to build up a profile on an individual. Though excessive caution may take the fun out of such activities, a number of simple safeguards can be used to help ensure that users don’t become a target, says Villumsen.
BullGuard recommends the following safeguards to help ensure that sociable web users can enjoy an online experience without being at risk:
° Never accept friend requests from people you don’t know, or who aren’t easily identifiable from associations with other friends.
° Spend some time learning about the security measures available on sites like Facebook, and ensure that posts and photos aren’t available to everyone. It’s often easy to restrict information to friends, or friends of friends, though the former is obviously more secure as you can’t guarantee that others will be as vigilant in whom they allow to read their posts.
° Strip out any personal details from a profile that don’t really need to be there – for example pets’ names, addresses, maiden name and date of birth. This is particularly important if you use services that request this sort of information to confirm your identity, have been used as a security question in the event of a password being forgotten or are used to log into a web site.
° Ensure that any passwords used for important sites or services bear no clear relation to any hobbies or interests you may have, as a would-be thief may try common words linked to these subjects when attempting to guess a password.
° Be sure to log out securely at the end of each session, and where possible use a secure login if you are accessing a site away from home. On public computers, the next user may be able to access your account and gather information at their leisure.
° Be wary of engaging in a conversation with people you don’t know, and particularly so if they start to ask for personal information or other sensitive details. It’s usually fairly easy to block these users to avoid being bothered by them again.
° Avoid storing any sensitive information, such as bank numbers, credit card details and passwords in email accounts or documents on a computer. It may serve as a handy reminder, but could be disastrous if it were to fall into the wrong hands.
° Where possible use a pseudonym to identify yourself on sites where using a real name is not required. This will help prevent a third party from tracking down information to a named individual.
The BullGuard survey of 2,000 Brits who are online was carried out by market researchers, OnePoll (http://www.OnePoll.com).