With the increased use of Facebook worldwide, hackers and foreign intel services now have more access than ever to open source information. Because of this, we have grouped with some of the industry experts to help inform operators, service members, and citizens how to protect themselves when using Facebook. We have provided a set of easy-to-follow pictures to help you change your account for increased security. Please keep in mind these are only suggestions on ways to keep yourself safe and you should contact a professional or Facebook for expert advise. RE Factor Tactical does not guarantee any information provided in this post will keep your information or account safe and it is up to you to take the correct actions.
1) You should always treat Facebook as an open source medium and assume anything you say and or post can be used in a criminal manner by an outside party. Even with complex passwords, adding full profile protection and only being friends with those you trust and know, your information can still be viewed or stollen by someone with little knowledge.
2) Only add friends that you know and trust.
The easiest way to access Facebook information it by viewing a profile through other individual’s updates. This means that when you are tagged or mentioned in a photo or post, that photo/post is visible to anyone that may be friends with the person mentioning you and their friends will then see that information. In many cases someone could browse your friend’s open profile to view and gather information about you through any mutual posts or pictures that you appear in. Encourage your friends to take the same precautionary measures as you.
3) Facebook constantly updates their timeline and privacy settings.
Ensure you are up to date on the most current timeline and privacy settings as they change. This post is up to date as of 16 January 2013. We will update as we find out more but we always suggest knowing how your information is shared.
Logging in: When logging in you should develop a password that is at least 10 characters long and contains at least 1 upper case, 1 lower case, 1 number and 1 special character. i.e #[email protected] Always avoid using passwords that look like words such as pa$$wOrd as well as keyboard “waterfall” combinations such as 1234qwerasdfzxcv (if you look on your keyboard these are the first 4 keystrokes going from left to right in succession.)
When hackers attempt to break your password they will use these type of pre-constructed passwords first and often have databases of millions, yes millions, of preset passwords that they will push through an account. No matter what password you develop keep in mind it can be cracked and use the next steps to truly protect your identity.
Your about section has a plethora of information. In many cases, someone can access your free information to see where you live, where your family lives, your phone number, date of birth, place of work, birthday and anything else you put in there. For military and SOF types this is something that could be very useful to the enemy especially if you ever found yourself in an interrogation room. All someone would have to do is hack your FB account and completely dispute any information you may be trying to send their way. Civilians, while you may not find yourself rolled up in some type of situation where you or our national security is at risk, but with the information found on this page people can begin to steal your identity.
Think about it like this: if I break into your email (which is extremely easy), I can search your messages for “bank” and find out what bank you most likely use based on the emails they send you on a regular basis. I can then go into your bank account and hit “forgot password” where I am most often challenged with your name, birthday, challenge word such as where did you go to high school (that is provided in your timeline) or your mother’s maiden name (if you have relatives listed this is easy to obtain) and then have them send a new password to your email that I know have access to.
From here I can generate a new bank account password and will then have access to your bank account. Once you have a routing number and bank account number the possibilities are endless. To correct this only provide as little information as possible. In reality, no one cares where you went to high school, college or any other type of institution of higher education. Most of your friends most likely know where you work and your relationship status is only to make your girlfriend/boyfriend less jealous because you are openly telling all the other past people you were in a relationship with that you are now taken. As far as birthdays go, give Facebook a fake one, don’t worry the joy you get from having a bunch of friends who forgot it was your birthday anyways, write on your wall saying the exact same belt-fed response of “happy bday!!! :)”, isn’t worth the potential identity theft.
Privacy Settings: To access your privacy settings go to your timeline main page
Your login approval allows for one more level of security when accessing your account by forcing the person logging in to send a verification code to your cellphone that you then enter into FB for approval.
Privacy settings: Your privacy settings will allow you to manage who sees your posts. If left alone anyone on FB can view just about anything you post from relationship status updates to you telling the world that you will be out town for the holidays and that your house is free to rob. To combat this, ensure all posts are viewed by your friends only.
Also, don’t forget to change who can look you up. If you allow anyone to look you up then you are open to search by anyone on FB. A good option is to limit only your friends to having access to search for your account. You will still be able to find others but it will keep you from receiving random friend requests from individuals that you don’t know as well as reduce your overall footprint on FB.
Search Engines: FB gives you the option to make your profile searchable in different platforms such as google, yahoo or bing. To keep someone from finding your profile through google leave the box unchecked.
Timeline and Tagging: Recently, Facebook changed to a new timeline platform which offers a more secure experience when used correctly. Your photos, profile or information may be displayed to others if you do not limit your tagging. When you are tagged in a photo a notification goes out to your friend’s newsfeed telling them that you have been tagged in a photo. If you don’t limit this the photo can be displayed to just about anyone on Facebook and you will quickly become searchable.
Even though you may take steps to keep your photos available to your friends only they might not be as reserved with the photos they share of you. Again, always remember to encourage your friends to take the same secure steps as you to ensure the utmost security. In addition to tagging, Facebook has begun to use facial recognition software that will analyze your face and suggest to others to tag you in a photo that you may appear in. This facial recognition has negative implications if put into a database and the results are still pending on what criminals and foreign intel services may be able to accomplish with your information. To combat this, go into the Timeline and Tagging section and only allow tagging of you after it has been approved by you. In addition, turn off Facebook’s facial recognition.
Blocking: You should always block anyone who attempts to add you as a friend who you don’t know, especially if their profile looks fake. Blocking suspicious apps will also help avoid any unwanted third-party apps from accessing your information.
Followers: If you leave your posts public, people will be able to subscribe to see anything you post even if you don’t allow them as a friend.
Apps: This is one of the biggest reasons for the illegal dissemination of information. When you subscribe to an application it will most often take your basic or detailed information and stores it in its system. This system is always prone to hacks and if the app is untrustworthy they may attempt to sell your info to an outside source, regardless of what they tell you. Apps can be created by just about anyone and when they have access to use your profile they have access to all your information. Ensure all apps that you aren’t using are deleted and only use apps if absolutely necessary.
FB Ads: Facebook’s adds and monetization platforms are constantly changing and being updated. The way FB advertises to you is that it looks at your interests listed on your profile or pages that you like and recommends ads that are similar in nature. However, as FB increases their advertising there is no telling where they might end up and any information you allow them to access may be used for adds targeting or as integration into other platforms. To reduce your signature we recommend changing your adds setting so that FB can not use your information in the future.
Again, these are only suggestions and will not completely protect you or anyone else from identity theft. If you have any others please feel free to share them with the community so we are all kept up to date as possible.