Social Networking Sites

Social networking sites have gained significant popularity recently. These sites often provide ways for users to interact and share information with one another. Unfortunately, information listed on these sites can be used against users. In additional to being a possible vector for a social engineering attack, these sites often retain posted text and images indefinitely. A user may find it difficult to fully remove unwanted images or text referring to him/her.
 
An example of a possible concern when using social network sites would be an upset user writing a heated post. A possible future employer could see this post and think it is indicative of the user’s normal attitude.
 
Another concern is the posting of too much information. A common feature used to ensure someone’s identity is a security question. This question should involve information only known by the user. If a user unintentionally posts the response to this question, an attacker could answer the security question. For example, if a user completes the security question “What was the name of your first pet?”, then writes a post talking about his first pet and includes its name, an attacker would have the information needed to defeat the security question.
 
A final concern for social networking sites is the unauthorized access of accounts. If a user’s account is compromised, the attacker could make inflammatory or embarrassing posts under the guise of the user.
 
What can I do to protect myself?
 
Users should be cautious when posting text and images to social networking sites. Care should be taken to ensure posts would not reflect poorly on not only the poster, but other users as well. Users should also ensure posts do not contain too much information, which could lead to identity theft.
 
Users should use strong passwords for social networking accounts. Strong passwords are typically fifteen characters in length. Passwords should also contain upper and lower case letters, numbers, and special characters. Passwords should also not contain dictionary words.
 
Users should also remain vigilant when receiving unsolicited files and hyperlinks from other social network users. Accessing these attachments could result in the unwanted infection of a computer system with malware.