- Social media identity theft grows more prevalent as social networks further integrate with daily life.
- Simple mistakes can compromise your personal information, allowing scammers to steal your identity and use your Social Security number or damage your credit.
- Several basic practices can mitigate this risk and protect your profile, such as customizing your privacy settings, hiding your current location, and creating strong passwords.
- Keeping your identity secure on social media is a simple but essential process to ensure your financial health and personal safety.
Julie Myhre, editor of NextAdvisor, contributed the original version of this article to Business News Daily's Expert Voices: Op-Ed & Insights.
By definition, social media is all about sharing information, whether it's photos, articles or even your thoughts. But how safe is it to be sharing your personal identity and private information on social media? Active social media users are 30% more likely to be affected by identity fraud; account holders on Snapchat, Facebook and Instagram are the most likely victims, with a 46% higher risk.
More than 5% of 2019 consumers were victims of identity theft for almost $17 million in damages – an increase of over $2 million from the previous year – according to the 2020 Identity Fraud Report by Javelin Strategy & Research, one of the top comprehensive analysts of identity fraud.
Key takeaway: Social media encourages sharing personal information, but reckless oversharing can endanger your personal safety and financial records.
How to protect your privacy on social media
1. Keep your personal information private.
A previous Javelin report studied media behaviors and found that 68% of people with public social media profiles shared their birthday, with 45% of those users sharing their full birthdate; 63% shared the name of their high school; 18% shared their phone number; and 12% shared their pet's name.
It is always safer to omit information about yourself than include it on your social media. Just because there is an option to include your current city doesn't mean you have to. Give a generalized version of that information or no information at all. For example, the San Francisco Bay Area is a general option for Burlingame, California. This still gives some information, but makes it a little more difficult to figure out your ZIP code or home address.
2. Set strict privacy settings.
Go into the settings for your Facebook, Twitter, Pinterest, Instagram, and LinkedIn to edit your privacy settings. Make sure all of your personal information – such as your birthday, current location and workplace – is private or visible only to your friends. When your privacy settings are more lenient, you're giving strangers easy access to all of your information. They won't even have to hack into your account to discover everything they might be looking for.
3. Don't tag or post your specific location.
The location tag is a fun feature, but not everyone needs to know where you are at all times. It makes you and your home vulnerable, especially if your profile is public. It's cool to let your social media friends know that you're at Disneyland with your sister, but you're also letting everyone know that you're more than 100 miles away from your home, which makes it available for break-ins.
4. Know your friends/connections.
It's important not to make yourself or your information vulnerable to people you have never met in real life. Steven J.J. Weisman – a lawyer at Margolis & Bloom and senior lecturer at Bentley University who specializes in cybersecurity and identity theft – said that befriending people you don't know makes it easier for them to use the information on your social media to find out more about you.
"These 'friends' who don't know you gain access from your Facebook page to personalized information that often can be used to make you a victim of identity theft," he said, "often by providing information that can permit someone to learn or reasonably guess your email address or answer your security questions."
Don't add someone as a friend just because they send you a request. There is a "decline" button, and you should use it on a suspicious friend request. You can also unfriend, unfollow, or disconnect if you add someone and then realize they're a stranger or a fake account created only to access your information.
5. Always log out of your social media.
This is especially important when you use a public computer, such as at a library or hotel. The reality is that we all have some private information on our social media account – even if it's only our name and a photo – and you don't want to give someone easy access to your identity. Leaving your account open allows anyone who next sits down at that computer to see all of your recovery email addresses, phone numbers, credit card information, private messages, and friends and family.
6. Use strong passwords.
Passwords are one of the keys to your identity, so make them effective. The best passwords combine letters, numbers and punctuation marks in randomized, nonsequential order. Avoid using full words and anything related to your birthday or current and previous addresses – these are the first keywords hackers will guess when attempting to log in to your accounts.
7. Use an internet security software suite.
Internet security software protects your identity when you're surfing the web or using social media. As Weisman said, sometimes you will open a link or download a file in a message from a "friend," and it contains a keystroke malware program that can steal all your personal information from your computer.
One way to prevent this is to get antivirus software that detects and removes malware. Most internet security software suites have identity theft protection features like anti-keyloggers, secure environments and encrypted password protection.
While all of these steps can help prevent social media identity theft, Ravi Bhatia, founder and director of outreach at Ashland Prep, said the only way to truly protect your identity on social media is to not use it.
"People should use social media only if they're willing to accept the small chance that it can ruin them," he said. "If they fear the consequences, then they should avoid them at all costs."
Key takeaway: Most social media security tips are common sense, but practices such as setting your information to private, always logging out, and using strong passwords will safeguard your account and information.
Scams to watch out for
Social media identity fraud can be difficult to recognize, because the most dangerous scams constantly change to reflect current events and take advantage of consumer patterns. Recent scams have shifted from email phishing to account fraud, leveraging fears about the COVID-19 pandemic. These fraudulent accounts pose as government agencies and post vaccine misinformation or dangle fake employment opportunities, enticing unsuspecting users to provide their contact or billing information in an effort to learn more.
These are some common schemes:
- Impersonation: A hacker can message friends of the compromised account and ask for favors. Some messages may be innocuous, asking your friends about your weekend plans or work hours to learn when your home will be vacant. Others are more overt. These messages may claim that your friend is in some form of trouble and urgently needs money. Never consider sending money without verifying that the request is genuine.
- Quizzes: These scams pose as fun games to post publicly and share with friends. Many quizzes ask questions about the street of your childhood home, the name of your first pet, or your favorite restaurants. These sound familiar because old password prompts asked the same questions. Posting your filled-out questionnaires offers potential hackers an easy opportunity to learn your passwords.
- Business opportunities: When looking into employment opportunities, remember one golden rule: If you have to pay for anything, you are their customer, not their employee. These offers often come in the form of a pyramid scheme. The messaging party, who is almost always unsolicited, promises to send you a starter pack that you can sell. But first, of course, you need to provide your credit card information. Never, under any circumstances, provide credit information unless it is to make a purchase through a secured company page.
Key takeaway: As scams transition from email to social media outlets, practice healthy skepticism. Always research a person or organization before offering any personal information.
Jordan Beier contributed to the writing and reporting in this article. Some source interviews were conducted for a previous version of this article.