Section Content

Information Security at the University of Hawai‘i


October is National Cyber Security Awareness Month

Visit https://hawaii.edu/infosec/ncsam for more information!

ncsam 2019 logo

Source: StaySafeOnline NCSAM Graphics.

NCSAM Week 2: Increase your Online Privacy by Monitoring your Social Media Posts

One of the biggest risks to our online privacy is our wide social media presence. Since many people post everything about themselves online, it has become much easier for hackers to obtain information about their target and social engineering has become far more prominent. Our social media accounts work as a digital tattoo since everything posted online becomes permanently available to the public. To ensure some level of privacy when using social media, it is important to follow some general guidelines when posting content online.

Tips for increasing social media privacy

  • Use a unique password for every social media account: It is always good practice to ensure that your passwords are strong and unique. However, breaches to social media databases do occur occationally, therefore it is very important to use a unique password for every social media account. If a hacker manages to obtain your password, they will attempt to use it on other social media platforms. As a simple rule of thumb, it may help to include a word or a phrase that relates to the social media site within your password to better help you remember it.
  • Avoid posting too much information about yourself: Although it is difficult to completely remove all information about yourself on social media, try to avoid including any unnecessary information such as your home address, phone number, workplace, date of birth, education, etc. If possible, keep your profile private to avoid social engineering. Most phishing attacks typically include information that pertains to you to make the attack more convincing, therefore limiting the amount of information that others can find is the best way to maintain your privacy.
  • Watch out for DMs: "Don't talk to strangers". A lot of phishing attacks involve directly messaging the victim to obtain information about them. Avoid responding to random DMs and make sure to block and report accounts that you believe are attempting to spam you. Make sure you do not open any links that are sent to you, even if it seems like the source is legitimate. Any and all information that you give to social engineers can be used against you.
  • View your social media privacy settings: When you register an account with a social media platform, you automatically agree to their terms and services. Often times, many people are unaware about the permissions that social media companies have when it comes to private data. To ensure that you are comfortable with the information that you provide to social media companies, it is important to read all terms of use and privacy policies. In addition, it may be helpful to view all applications that social media accounts have access to on your device and adjust permissions accordingly.
  • Lock your devices & log out of your accounts: Since mobile devices are the most popular way to access social media accounts, it is important to use a passcode on your phone to prevent unauthorized access to your account. If possible, enable two-factor authentication and log out of your account when not in use to add extra layers of security. In addition, it is a good idea to refrain from saving your passwords on your device as auto-fill login information defeats the purpose of having a password.
  • Remove unused social media accounts and delete old posts: A lot of people that use social media have multiple accounts on each platform or may have accounts on old social media sites that are not used. It is a good idea to remove old and unused accounts since each those accounts may be insecure and may harbor private data. It is also a good idea to remove old posts or posts that you believe includes too much information about yourself. Although everything that is posted online is permanetly public to everyone, removing old posts helps to reduce the risk of social engineers or hackers obtaining private information about you.
  • Try to avoid posting recent events: Many people that use social media post about every event going on in their lives. It is a good idea to refrain from including any recent or future events unless it is necessary to do so. It is safer to share events that have already occured than to share events that will happen in the future since social engineers can use information from those posts to decieve you. In addition, it is never a good idea to post about future travel as it may increase the risk of home invasion and break-ins.