Social Media – Be Careful: Be Discreet: Be Prepared

As the academic year comes to a close most of us will continue to stay in contact with friends and colleagues over the summer through social media. Social media has many positive applications but it is also used for malicious purposes, including cyberbullying, cyber threats, stalking, and promoting violent extremist ideology. It is our responsibility as social media users to take action in protecting ourselves from the various forms of illegal activity.

Tyler Cohen Wood, a senior officer and a cyber‐branch chief for the Defense Intelligence Agency within the Department of Defense stated online identity is quickly becoming more crucial to personal and professional success than in‐person communications. Many are unaware of the digital bread crumbs that people leave behind with every social media post, and how easy it is for a person with malicious intent to do harm. The Office of Information Security Services would like to share with you how to Be Careful, Be Discreet, and Be Prepared in protecting yourself from malicious purposes.

A recent study by the executive search firm ExecuNet found that 77 percent of recruiters run searches of candidates on the Web to screen applicants; 35 percent of these same recruiters say they’ve eliminated a candidate based on the information they uncovered.

Social Media Networks facilitate identity theft and fraud. A recent warning from the Better Business Bureau stated scammers are targeting college students by “Card Cracking”. Scammers are contacting people through social media and asking if they can use a debit account to deposit a check and promises to give them half of the money deposited. The BBB said college students are targets because scammers think they can be easily convinced.

Two college students are currently in the news for making threats on social media. A student from Oklahoma State University was arrested for making threats of mass violence on social media. Another student from Virginia Tech turned himself in for a social media threat.

We have all unfortunately heard of terrible incidents of murder or students taking their own lives after online stalking or cyber‐bulling. A study by Pew Research shows at least 79% of individuals between the ages of 18‐29 have witnessed online harassment or cyber‐bulling. 26% of women ages 18 to 24 have been stalked or sexually harassed online.

So what can you do to protect yourself? Take the time to research yourself on the internet. Most of you would be surprised by how much you find about yourself. All of the information you find is part of your digital footprint. Your digital footprint can be reviewed or investigated by businesses such as potential employers, marketing firms, college admissions, scholarships donors and criminals looking to steal your identity or bring harm to you.

Manage your digital footprint:

 List all your social networking sites, online services, and your smartphone apps where you have an account. Idea: You can Google your full name in quotes and your e‐mail address and you should get a list of accounts.  Close the accounts and unsubscribe yourself from services you do not use any more. Idea: Web sites like DeleteYourAccount.com, JustDelete.me and AccountKiller.com all provide how‐tos or quick links to help you.  In Facebook, click on the “lock” icon in the top right corner of the blue bar and change the settings to private, or share them only with close friends. Disabled the settings that lets search engines link to your timeline.  In Twitter, under Settings > Security and Privacy, choose the option “Do not allow anyone to tag me in photos”. Check the “Protect my Tweets” box so only people you approve can see them. Uncheck the “Add a location” to my Tweets box. Click the “Delete all location information” button to erase geo‐tags from past tweets. Uncheck the “Discoverability” box that lets people find you by your e‐mail address.  Make sure your posts and photos are not freely available to the public.  Delete tweets, updates, blog posts, photos that could be misunderstood or taken out of context.  Continuous monitor comments made by others in your networks.  Do not tag people in your photos. Ask your friends and family to not tag you in their photos posted online. Once you link to someone else’s profile through tagging big privacy holes open up. For example a friend tags in a picture from a recent party that could be deemed inappropriate. Even though her Facebook page is private people can still access that album if they have the right link UNLESS your friend’s album itself is private. If she didn’t then others can see any other pictures of you, your friends and family as well as the comments you and others have left.  Make sure you have turned off the Exchangeable Image File (EXIF) data on your camera if you are going to post any photos. EXIF data is the metadata captured by your camera. You don’t just see them, but you can use software tools available to anyone to see the metadata. It contains information such as where the photo was taken along with exact GEO coordinates, the serial number of the camera that took the photo and other details about you. Someone who utilizes the software tools can locate you by a photo.  Never use the same passwords that you use for your school account or other social media sites.  Use a strong password. Using a passphrase or paraphrase to create your password is best.  Beware of links you click even if it appears to be from a friend. Cyber‐criminals can mimic someone you know and encourage you to click on a link that downloads and installs malicious software.  DO NOT log onto your social network page from public computers. Someone may have installed a key logger. The criminal could then get your credentials.  Some of the more obvious measures are to make sure your computer, tablet or phone is up to date with antivirus protection as well as other applications and apps. Social networking sites are frequent targets of malware attacks.  BE CAREFUL about whom you befriend. Do not friend just anyone that sends a request.

Stop Web sites from tracking you.

 Every time you surf the web your actions are being tracked. For example: Sign into your Google or Microsoft account and you will notice your searches are being monitored by Google Search and Bing to return results tailored to you. Facebook also trackers your browsing.  Do not sign into an account before using a search engines or browsing web sites.  Uninstall search tool bars if you have any installed.  Check extensions on your browser and disable the ones that you do not recognize.  Be careful when installing free software from the internet. Most of them include adware, which is third‐party tracking tools that can be quite difficult to uninstall unless you know what you’re looking for. Pay close attention to the ULA. Generally the user actually accepts installing the adware.  Turn on the “do not track” setting found on most browsers (under Settings) that request web sites to not track your online activities. The request may or may not be honored, but it certainly doesn’t hurt to use the function.  Chrome, Firefox, Internet Explorer, Opera, Safari, and Android and iOS apps all can utilize an addon, DoNotTrackMe at www.abine.com, to not track your online activity. DoNotTrackMe blocks ad networks, social networks, and data‐collection companies from tracking your browsing. It also protects your e‐mail address, phone, and credit card from being abused by companies on the web and on your mobile device.

If you have been victimized through social media there are offices on campus available to help you, Student Rights and Community Standards, Student Affairs, Office of Victim Services and University Police. If you think you are being cyber‐stalked and are fearful you may be danger contact University Police immediately at 911 or 765‐285‐111.

For those of you graduating this semester we wish the best in your future endeavors. For those of you that will be returning in the Fall we look forward to seeing you on campus again. If you have any questions or concerns about protecting yourself on social media you can contact us at [email protected] or by phone at 765‐285‐4390. We highly recommend you follow us on Facebook for current information security related articles that may affect you on a daily basis.

Office of Information Security Services