15 Social Media Safety, Security, And Privacy Tips

Have you used a social media site or app today? Facebook, Instagram, Twitter, Pinterest, Snapchat, LinkedIn, etc.? How many times? How many sites or apps have you used? You don’t need me to tell you that social media use has skyrocketed over the last 10 years. With it has come a multitude of threats to security and privacy. Let’s look at 15 of those threats, and how to defend against them.

Threats To Your Social Media Safety, Security, And Privacy Tips

1. Insecure Accounts

Could the passwords to your social media accounts be easily guessed by those who know you? Are they made up of common dictionary words, with maybe a number or two tacked onto the end? Are the username and password all that is required to log into your accounts? If so, you’re inviting hackers to target you.

2. Malicious Messages

Just as emails can contain malicious links and attachments, so can messages in social media sites and apps.

Many social media messaging systems have read receipts (or their equivalent), telling the sender that you’ve read the message they sent you. These reveal behavioral patterns about when (and maybe where) you check messages.

3. Location Sharing

If you share your location on social media (automatically or manually), you reveal that you’re away from home and possibly other information that could put your money, possessions, or safety in danger. Even if you share your location only after you’re safely home, you reveal information about your behavior (places you frequently visit, times you commonly travel, etc.) that could be used against you.

Criminals monitor social media to see when you’re on vacation, then they may contact your elderly relatives to tell them you’ve been in an accident and that they need to send money for your treatment.

4. Revealing Photos

If you post pictures of credit cards, identification cards and badges, plane tickets, boarding passes, passports, or other items that contain sensitive data, you could put your money, possessions, or safety in danger.

5. Exposing Date of Birth

Is your birth date in your profile? If so, you increase your risk of identity theft. Scammers, fraudsters, and identity thieves can wreak havoc with just your name, date of birth (DOB), and address.

6. Revealing Bio

Your bio may contain a lot of personal info about your family, relationships, employers, places you’ve lived, etc. Sometimes that info is visible to the public; other times it’s visible only to friends/connections. A bad actor could learn a lot about you from your bio; could they learn enough to scam you, or answer security questions on your financial or medical accounts?

social media safety and security

7. Unfriendly “Friends”

When you accept a friend on Facebook, a connection on Linked, or the equivalent or other platforms, they instantly get access to a lot of your personal info. Are you sure that all your friends/connections are who they say they are, and that they don’t mean you harm? And if that friend/connection is legitimate, and their account gets hacked, then that hacker gets access to your personal info!

8. Staying Logged In

If you use someone else’s device (computer, phone, tablet, etc.) to log into your account, and just close the tab or browser when you’re finished, then the owner of that device will be able to come back later and use your account as you.

9. Social Logins

Some websites save you the hassle of creating a separate username and password by letting you log in with a social media account. If you do, and if someone hacks the social media account you used, they gain access to that website and any others you set up with that social media login.

10. Trusting Third Parties

If you allow a third-party app or account to connect to your social media account, you may forget about it and unwittingly grant it access to your social media data for years. That third party could share your data with others, or be hacked.

11. Targeting

Many social platforms personalize ads by default. That means the platform collects data about you (from within the platform and even other sites and apps you use) to show you ads that are tailored to who you are and what you like. Sometimes the platform shares that information with its partners, too.

12. Public Means Public

If you participate in a public group (such as a Facebook group), then anyone on that platform can enter the group, see that you’re a member, and see your activity (posts, comments, likes, etc.). Do you ever share personal info in a public group? A bad actor could learn enough to scam you or answer your security questions.

13. Tell Me About Yourself

Have you joined groups, or indicated your interests by liking or following them? Sometimes that info is visible to the public; other times it’s visible only to friends/connections. A bad actor could learn a lot about you from observing your groups and interests, and use that info to scam you.

14. Abandoned Accounts

Think back over the last 10 years. How many social media accounts have you created? How many are you still using? How many have you abandoned? Have you closed or deleted those accounts, or are they still out there? Hackers target unused social media accounts and use them to post malicious content or even gain access to your other linked accounts.

15. Privacy? Here?

Do you expect the companies that run social media platforms to respect your privacy? Did you know that in the US, such platforms are considered public spaces, not private ones, and that any info shared there is covered under third-party doctrine? This means you have no reasonable expectation of privacy related to the data that service providers collect on you.

After going through this list, it’s not hard to understand why the book Swiped says,

The more time you spend on social media, the greater your vulnerability to hacking. Every picture you post, every quiz question you answer, every experience you recount, every shred of personal information you willingly share with “friends” increases the area of your attackable surface.

How to Increase Your Social Media Security And Privacy

Let’s go through each of those 15 threats and see how to be safer on social media.

1. Secure Your Accounts

Make sure that every account has a different, long, complex password (20+ characters, with a mix of uppercase, lowercase, numbers, and special characters). I recommend using a password manager, such as LastPass, to create and store your password.

Enable two-factor authentication (sometimes called security codes, two-step verification, 2FA, or multi-factor authentication). When you do, avoid the SMS/text option if possible. It’s better to use a hardware key (I like YubiKey) or an authenticator app such as Authy (that’s what I use) or Google Authenticator. Create backup codes and store them somewhere secure; I use the Notes field of the entry in LastPass.

When you set security questions and answers, set nonsense answers and record them in a password manager (I like LastPass).

Regularly review each account’s security and privacy settings, because they change over time. Regularly take any security and privacy “checkups” offered by the platform.

LastPass: Secure Password Management
Free

LastPass helps you remember and manage your secure passwords all in one place. Never forget a password again.

Check Out LastPass
We may earn a commission if you click this link and make a purchase at no additional cost to you.

2. Be Careful with Messages

Just as you need to be careful about clicking links and opening attachments with email and other messages, you must be careful about clicking links and opening attachments in messages on social media.

I like to disable read receipts (or their equivalent). I’m not a fan of read receipts in any messaging platform, because I don’t like people knowing when I’ve read their message. It reveals behavioral patterns about when (and maybe where) you check messages.

3. Disable Location Sharing

Disable location sharing in all social media apps. Don’t post about travel until you’re home, and even then, be careful about what details you share. You don’t want to reveal too much about your behavior (places you frequently visit, times you commonly travel, etc.) that could be used against you.

4. Be Careful with Photos

Don’t post pictures of credit cards, identification cards and badges, plane tickets, boarding passes, passports, or other items that contain sensitive data.

Every time you post a photo (or anything!), use any controls that may be available to choose who can see the post. Use the smallest audience necessary. Be extremely careful about anything that you make public, as that makes it visible to the world.

5. Hide Date of Birth

Don’t put any part of your birth date (month, day, or year) in your profile. Don’t post about your birthday. If you insist on showing your birthday, ensure that no one can see your birth year, and only friends/connections can see the month and day. Learn more about protecting your birth date online.

6. Beware with Your Bio

Be very careful what you put in your bio. Don’t reveal too much personal info.

7. Verify “Friends”

When you receive a friend/connection request, it’s a good idea to verify the person’s identity. You want to confirm that they are the actual owner of the account, and that they really sent you a friend request (rather than someone who hacked their account, or an imposter account). You can do that by asking them in person, or through some other trusted channel that you’ve previously used to communicate with them (email, other social media, text/SMS, phone, etc.). Or you could ask a trusted mutual friend to confirm their identity.

8. Log Out of Others’ Devices

If you use someone else’s device (computer, phone, tablet, etc.) to log into your account, be sure to log out when you’re finished! If you forget, log into your account from one of your own devices and look through the settings for sessions or logins, for a way to log out remotely.

9. Don’t Use Social Logins

Don’t use the social login option to log into other websites! Yes, it’s more work to create separate logins for each site, but remembering the logins doesn’t take any extra effort if you use a password manager (I like LastPass).

10. Be Careful with Third Parties

Think carefully before you grant a third party access to your social media account. Be sure you know what permissions the third party will have (what data they’ll receive, and what they can do with your account). Regularly review the third-party apps and accounts that have access, and remove those that are no longer needed.

11. Opt-Out of Personalized Ads

Opt-out of personalized ads whenever it’s an option, to limit the amount of data that the social media platform and its partners collect and share about you.

12. Be Careful with Groups

If you participate in groups on social media, pay attention to the group types. Groups can be public or private, though they may have different labels. Each type has different privacy settings. Be especially careful what you post or comment in a public group, because of how many people can see your activity. But even in so-called private groups, be aware that other group members can copy and paste and take screenshots to share your activity with others outside the group. And the social platform can also see activity inside private groups.

13. Be Wary of What Groups and Interests Reveal

Be very careful what groups and interests you make visible through your liking or following them. Don’t reveal too much personal info. Some platforms let you hide groups or interests, so take advantage of that.

14. Delete Unused Accounts

Close/delete any social media account that you’re not using. If you’re claiming an account for future use, set it to private (if possible), or pause/suspend it (if possible), or follow it from one of your active accounts, or log into it regularly to watch for suspicious activity.

15. Be Privacy-Minded

Don’t expect complete privacy on social media, only degrees of privacy. Assume that everything you post on social media is permanent; you may delete something, but the social media company may still store it for years, and other users or companies may save their own copies.

When you create an account, don’t provide more information than is necessary. Are you sure you want to use your real name? Some companies have policies that require that, but not all.

Summary Slides

These slides contain a summary of this post.

Further Reading

What You Should Do

  1. Secure your accounts.
  2. Be careful with messages.
  3. Disable location sharing.
  4. Be careful with photos.
  5. Hide date of birth.
  6. Beware with your bio.
  7. Verify “friends.”
  8. Log out of others’ devices.
  9. Don’t use social logins.
  10. Be careful with third parties.
  11. Opt-out of personalized ads.
  12. Be careful with groups.
  13. Be wary of what groups and interests reveal.
  14. Delete unused accounts.
  15. Be privacy-minded.
ProtonVPN: Secure and Free VPN Service
Free

ProtonVPN offers secure VPN through an encrypted VPN tunnel, so your passwords and confidential data stay safe, even when you are using public or untrusted Internet connections.


Check Out ProtonVPN
We may earn a commission if you click this link and make a purchase at no additional cost to you.
Private Internet Access: Anonymous VPN Service
$39.95

Private Internet Access provides state of the art, multi-layered security with advanced privacy protection using VPN tunneling. It helps block unwanted connections, hide your IP address, and defend yourself from data monitoring and eavesdropping.

Check Out Private Internet Access
We may earn a commission if you click this link and make a purchase at no additional cost to you.
TorGuard: Anonymous VPN
$59.99

TorGuard protects you from hackers, net censorship, identity theft, and ISP's monitoring activities. It provides easy to use services that protect your online identity.

Check Out Torguard
We may earn a commission if you click this link and make a purchase at no additional cost to you.
ExpressVPN: High-Speed and Secure VPN
$99.84

ExpressVPN hides your IP address and encrypts your network data so no one can see what you're doing. You can access any content, no matter your location using ultra-fast VPN servers.

Check Out ExpressVPN
We may earn a commission if you click this link and make a purchase at no additional cost to you.
TunnelBear: Secure VPN Service
Free

TunnelBear encrypts your internet connection to keep your online activity private and anonymous. It's very easy to use for both consumers and teams.

Check Out TunnelBear
We may earn a commission if you click this link and make a purchase at no additional cost to you.
Windscribe: Free VPN and Ad Block
Free

Windscribe helps you browse the web privately as it was meant to be. It encrypts your web activity and blocks ads for a better web browsing experience.

Check Out Windscribe
We may earn a commission if you click this link and make a purchase at no additional cost to you.
SurfShark: Secure Your Digital Life
$71.88

SurfShark enables you to access the Internet anonymously. It prevents malware and phishing attempts, and blocks ads for a better web browsing experience.

Check Out SurfShark
We may earn a commission if you click this link and make a purchase at no additional cost to you.
Our Favorite VPN for Travel
NordVPN: One Click To Online Security

NordVPN provides a secure VPN service for everyone. It keeps your data safe and helps keep your online identity anonymous.

Check Out NordVPN
We may earn a commission if you click this link and make a purchase at no additional cost to you.

2 thoughts on “15 Social Media Safety, Security, And Privacy Tips”

  1. Nowadays social media privacy is very much important for those who are having their accounts on social media apps. These tips are just awesome and everyone should follow these to be spare from social media hackers. Thank you…!!

    Reply

Leave a Comment