Social networks ripe for exploitation by stalkers, thieves
April 11, 2011
As social media and online interaction continue to be a growing part of many people’s lives, privacy becomes a more prominent concern. Despite the rampant complaints about Facebook’s latest privacy policy changes or the increasing threat of online identity theft and credit card fraud, people continue to post private information where anybody can access it with a little digging.
Personal information, like full names, phone numbers, addresses and birth dates are invaluable to identity thieves, yet most people make the majority of this data openly available in one convenient place: on their Facebook profiles. They’re practically gift-wrapping their information for anyone who wants it. All that’s missing are their social security and credit card numbers, and those same people are often the ones who cry foul when Facebook sells their information to advertisers and other third parties.
What many people seem to forget is that this is how Facebook makes its billions. Although its exact source is unclear, a popular quote is often used in online discussions referencing Facebook’s privacy practices: “If you aren’t paying for the product, you are the product.” Facebook isn’t free to use because Mark Zuckerberg wanted to be a nice guy by not charging for it. It’s free because the site makes its revenue by selling user information to anyone willing to pay for it. The easiest way to avoid privacy issues on Facebook is to not post any information that would best be kept private.
However, irresponsible disclosure of personal information isn’t limited to Facebook. The geolocation features in services like Twitter and Foursquare allow someone to broadcast his or her home address, jobs and frequent hangouts for the whole world to see. There’s no valid reason to publicly announce when you’re at work, in class or sipping on a latte at your favorite coffee shop. In reality, what may seem like harmless or worthless information actually tells potential thieves where you live and when you won’t be home. It also tells potential stalkers where you are and your daily schedule. Either way, the inherent risks far outweigh the seemingly nonexistent benefits of publicly broadcasting your exact whereabouts and actions at all times.
Some people may think simply increasing the privacy settings on their social networking accounts will prevent them from such bleak possibilities, but these measures can only go so far. A person’s full Facebook profile is accessible to the creators of any apps he or she has agreed to use, and there’s no guarantee all of his or her “friends” will keep that personal information private.
Furthermore, advances in technology allow would-be stalkers or creeps to track people down using virtually no effort. A new application called Creepy was designed by Greek programmer Yiannis Kakavas to point out the glaring security flaws in several social networking systems. Creepy allows users to simply enter a Twitter, Foursquare or Flickr username and automatically generate a map—based on GPS data pulled from the account—showing all of the places the person has posted from. Even if users disable geolocation features in their social network profiles, Creepy can analyze GPS data automatically embedded into posted photo files by many digital cameras and most smartphones. The resulting map will show large amounts of posts clustered around specific areas, handily revealing where a target lives, works or frequently hangs out—in other words, everything a stalker could want.
The most basic way to defend against online privacy breaches is to limit what personal information is posted, disable geolocation features and avoid GPS-based services like Foursquare altogether. Embedded GPS data can be removed from photos before they’re posted to the Web using freely downloadable software such as Geotag Security. Your information can’t be accessed if you don’t put it online in the first place, so the best defense against crime, fraud and general creepiness is to use some basic precautions and common sense online.