FaceBook - Minimizing Risks

This week Bob Sullivan, a writer for Red Tape Chronicles, posted an alarming article chronicling Bryan Rutberg’s nightmarish experience with Facebook identity theft. As with any online experience, using a Facebook account involves some risk. But it’s too late for me to close my account: I am hooked. Whether keeping current on my regular friend posse, getting to know my younger cousins, reacquainting myself with old friends, or playing WordTwist, Scramble, and PathWords, I enjoy it far too much to be intimidated by Internet thugs. Instead, I investigated ways to protect myself as I continue friending, posting, poking, and playing.

Several reputable sites suggested advice that generally fell into five basic categories. Of course you will want to balance caution with utility. The more restrictions you impose, the less social your experience becomes.

Limit access – Look carefully at your privacy settings and control access to your page. Joe on NextAdvisor detailed specific directions for which setting selections to choose.

Limit information – Reconsider what information you share. Mischief-makers don’t have to be incredibly clever to triangulate the data that you provide. Profile visitors who access your email address already possess half of the information needed to hijack your account. Also important to consider is this: information posted once becomes a permanent Web resident, even after its removal. By using tools like the Internet Archive users may access the old postings indefinitely. Retraction, if not impossible, is difficult, especially considering the social nature of Facebook.

Verbal information is not the only data important to restrict and protect. Understand that your posted photos may be copied and altered. Remember Sara Palin in the bikini?

Create a strong password and change it often. A strong password, according to Matthew Sarrel in PC Magazine:

• is six or more characters long;
• contains a mix of letters, numbers, and symbols;
• is not the name of your dog or cat; and
• contains words not found in the dictionary.

Obviously, you should not share your password with anyone. But what about parents who want to know their children's passwords for social networking sites? Legally Facebook cannot give parents their children’s passwords. One exception is the case of a child younger than 13 who has opened a Facebook account by providing false information. Parents may want to consider allowing their minor children Internet access only after obtaining their passwords. I won't get into that ethical dilemma here except to say that the excellent article by Neil Rubenking in PC magazine should be a good source of information on parental controls.

Be a cynic – Know who you friend. If something doesn’t feel right, investigate. Report suspicious or offensive behaviors, comments, postings, compromised accounts, or fake pages to Facebook.

Consider Using Anti-phishing technology. According to Wikipedia (backed by solid sources), “Microsoft's IE7 browser, Mozilla Firefox 2.0, Safari 3.2, and Opera all contain this type of anti-phishing measure."

Addendum: This week (2/11/09) Sarah Perez's technology article in the New York Times explains how to set up separate friends lists. To differentiate privacy settings, you can sort friends into lists according to the information you want to allow them to access.

Also...see related blog piece.

SOURCES

Eric Griffith for PC Magazine

FTC – a consumer protection site

Matthew Sarrel for PC Magazine

Neal Rubenking for PC Magazine

NextAdvisor

Red Tape Chronicles

Sarah Perez for New York Times

Wikipedia