Identity Theft Expert and Speaker  

Robert Siciliano Identity Theft Expert

The Marines recently banned soldiers from using social media sites such as MySpace, Facebook and Twitter. This is for two reasons. First, because they fear that these sites’ lack of security may allow malware to infiltrate government computers. And second, they’re concerned about the potential for leaked military data. Military personnel are often prohibited from informing friends and family of their locations or missions, regardless of whether they’re communicating with handwritten letters, email, or the telephone. These measures are necessary to prevent leaks that would impede the soldiers’ missions and safety.

It’s no surprise that they have now banned social media.  I recently reported on Sir John Sawers, the incoming head of MI6, the British equivalent of the CIA. His wife posted sensitive personal information to her Facebook page, including the address of the couple’s London apartment and the locations of their children and Sir John’s parents. Military personnel should held to a higher standard. We are talking about national security here, and we can’t risk leaks that could jeopardize lives.

Anyone who thinks this is absurd need only look at sporting events for confirmation of why this type of communication should be banned. Every time I watch a baseball or football game, when I see the coaches talking to players, or the pitcher talking to the catcher, they cover their mouths with a hand, glove or paperwork. Why? Because there are thousands of “lip readers” watching the event who are happy to report on what was just said in order to give the opposing team an advantage. You’d think after all these years covering their mouths, lip readers would just give up. But no, that’s not the case at all. There’s always someone watching, waiting, hoping for someone to screw up so they can give the other team an advantage.

Today, social media gives scammers an advantage. Somebody is always watching and waiting for an opportunity. Social media is built on trusting relationships. Scammers can exploit that trust to gather information that could be used in password attacks. If you ever forget your password and have to reset it, the answers to several of the security questions might already be available in your profile. And in many cases, the default privacy settings leave profiles open to anyone.

Security professionals were able to create a virus called ZombieSmiles, which gains control of the victim’s browser and allows the hacker to access supposedly private data through the Facebook API, including friends, groups, wall postings and applications. Facebook applications allow a third party to access your data, which opens a Pandora’s box of possibilities for hackers. So if you send me a Facebook application and I refuse, it isn’t because I’m being rude, it’s because I think that the potential risks simply outweigh the benefits. No offense. I just don’t want my identity stolen.

If you use social media and regularly update your status or profile with pictures, video, or information about your whereabouts or daily routines, please keep the following advice in mind:

1. Before you post anything online, think about what a hacker, stalker, employer, or potential employer could do with that data. Could an ex, who’s fighting for custody, use the data against you in court?
2. Don’t give away specifics. Don’t post your address, date of birth, kids’ names, pets’ names, phone numbers, or any account numbers or financial information of any kind. You really shouldn’t even post childrens’ photos online.
3. Do not tell the world you are going on vacation! Or if you’re just going to dinner or the beach and won’t be at your house for several hours, why would you let potential burglars know that you’re away?
4. If you’re a “partier” and like to imbibe, informing the world that you just smoked a joint is not only one of the worst things you could do for your career, it also makes all your friends guilty by association. And don’t announce that you’re hungover, because after the age of 23, you ought to know better.
5. Before posting pictures or videos, consider what a criminal or potential employer might see. Could they be used against you in any way?
6. If you let your kids use social media, you must monitor every aspect of their Internet activities. Pick up McAfee’s Family Protection software and take control of your childrens’ Internet use.
7. Take advantage of privacy settings and lock down your profile, so that only those who you approve can view everything.
8. Get a credit freeze. Go to ConsumersUnion.org and follow the steps for your particular state. This is an absolutely necessary tool to secure your credit. In most cases, it prevents new accounts from being opened in your name. This makes your Social Security number useless to a potential identity thief.
9. Invest in Intelius identity theft protection and prevention. Not all forms of identity theft protection can be prevented, but identity theft protection services can dramatically reduce your risk.

Robert Siciliano Identity Theft Speaker discusses a Facebook Hack on CNN