Sharing of Information should only go so far

Facebook is without a doubt the most popular social networking site in existence. It reached 687 million users in 2011 worldwide in spite of a slight decline in the west, according to Aljazerra. It claimed about 955 million users in July 2012, although placed the estimate at a slightly lower 873,964,280 on the same day.  It has been credited with being one of the most pervasive sources of information around. This causes some totalitarian countries to attempt to filter or block portions of the site. However, people find ways around these restrictions, showing that the free flow of information is difficult, if not impossible, to control.

However, is it good for all information to be freely available at all times? Some information can be used against people and organizations for fraudulent purposes. Identity theft is on the rise, and there is considerable damage to the finances and reputations of those affected.

The majority of identity theft is still done the old fashioned way. Sifting through dumpsters and trash bins still provides a wealth of information. A shocking statistic on the Spam Laws website is that 43 percent of victims believe they know the person who stole their identity. However, as people put more information online, it has not only become easier to get information, but hacking into systems can provide information about more people quicker and easier than any manual methods.

Facebook however, is essentially an information sharing site. Very little actual hacking is required to get information that could lead to a compromise in other online accounts, including accounts with access to banking and financial institutions.

Once someone has personal information, how easy is it? Just ask Sarah Palin, Paris Hilton, or Scarlett Johansson. The celebrity site Gawker ran an article on “How Easy It Is To Hack Hollywood” using information that can be easily Googled.

Granted, those are celebrities, but with social networking sites, even people who aren’t famous have their information online and readily available to anyone who may gain access.  On Facebook, all someone has to do is “friend” another who does not have that person’s best interest at heart, and much of that private information is now shared with this new “friend”.

What is even worse is that some information is shared with friends of friends, and this can be done without the user of Facebook even knowing it. The security controls on Facebook are so bewildering, and change so often that it seems they make the news over security and privacy concerns quite often.

There is an added risk in Facebook apps that are sometimes used. Often, the risk poses itself as a fun game or access to some tantalizing information. However, the app will often ask for permission to have access to a user’s profile data. While all that most of them do is post stuff to the user’s wall, one that asks for access to other data might be a Trojan horse concealing its true purpose. Unfortunately, Facebook has had quite a share of these.

There are two primary concerns in regards to criminals accessing personal data.

Concern 1: The ability to hack other online accounts

What is of primary concern is the sharing of any information that might be a username, password or an answer in a security question. For example, Paris Hilton’s email account was hacked because one of the security questions was her favorite pet’s name. So, if someone posts often about their pets, this is a weakness in their online security if it is also a security question at any websites they frequent. Sharing email addresses may also be a bad idea, as these are often used as usernames on many websites, thus leaving the perpetrator free to concentrate on the password portion. This is one reason Facebook now typically hides email addresses.

It actually can get even worse since many people use the same password on multiple accounts. Recently, several Yahoo! accounts were hacked, most likely through Yahoo! Voices accounts (was previously known as Associated Content), as reported in the Washington Times. While this is not strictly a Facebook issue, if someone does hack into a user’s Facebook account, they could try other online accounts with the same password.

This all points up to some guidelines that should be taken while using the Internet in general:

Don’t use the same password for multiple accounts. This makes anyone trying to hack into other accounts work harder at it. Use a “strong password.” The more random, the better it is.  In general, it should be eight characters or more, at least one uppercase and one lowercase letter and at least one number. The number should not be on the end of the password, either, as that is what a lot of people do. Using a special character, such as ‘#’ or ‘%’, adds even more security. Don’t publish information asked in any online security questions. These may range from the city the person grew up in, mother’s maiden name, pet’s name or an elementary school attended. It is prudent for someone to review their Facebook, and other profiles to determine which information is published, and change any security questions with those answers.

These guidelines will slow down someone determined to hack into other accounts, but it probably won’t do much for the second concern.

Concern 2: Ability to take out loans and such in another’s name

True identity theft occurs when a criminal is able to impersonate someone else and do financial transactions in the victim’s name. This may be a bank loan, credit card or some other credit vehicle that will be used long enough to stack up enormous debt and leave the victim high and dry for the balance.

Credit applications often contain a lot of personal information. Naturally, so does Facebook. By befriending the wrong party on Facebook, they will be granted access to information that may be enough in order to fraudulently obtain a loan in the victim’s name.

If the person already knows the victim (again, 43 percent believe it was someone they knew), then Facebook might provide just enough to fill the gaps on a loan application or credit report.

Is the risk worth it?

At the end of the day, each individual has to determine for themselves how much sharing is worth the risk.  Some have closed their Facebook accounts and not looked back. Others keep on top of the constantly changing security settings that Facebook provides. The latter group understands that even if they were to close their Facebook account, vigilance is still the key in catching identity theft early on before it balloons out of control.

One way a person can do so is to monitor their credit report on a regular basis.  Everyone is entitled to a free credit report each year, but there are three agencies with some overlap. One way to work the system is to request one from each agency staggered throughout the year.

There are some fake “free” websites out there that try to hook you in with free credit reports. This is why the Federal Trade Commission website states: “ is the only authorized source for the free annual credit report that’s yours by law.”  It is important to take heed to this. Crown Financial Ministries also lists information about contacting each agency directly on their website in their article “your credit report yourself.” You should only have to pay if you want a credit score, or if you need more than one per year from a given agency.