Social network users play fast and loose with data privacy

Phishing
News
6 Jan, 2016

Over-sharing puts users at risk of identity theft and fraud

Lack of basic awareness among social media users is putting their data at risk, according to a survey from analyst house IDC and Kapersky Lab.

Nearly one-third of respondents shared posts, check-ins and other personal information publicly, the security firm found. Worryingly, nine per cent did not even realise they were sharing this information widely, believing only their friends could see it.

A quarter of those who took the survey also said they would have no hesitation clicking on a link sent by a friend without asking what it is. This puts them at particular risk if their friend's account has been compromised - something they had not even considered as a possibility.

A smaller, but still significant proportion (12 per cent) admitted to adding anyone to their list of friends, even if they were complete strangers, while 31 per cent said they would accept friend requests from people they did not know if they were "a friend of a friend".

This over-sharing means cyber criminals could carry out fraud and identity theft with little to no effort, or malware could be downloaded to users' computers if they clicked on rogue links. It could also open these users up to unwanted contact from recruiters, advertisers, compensation brokers and others.

This could also be of concern to businesses, not only because employees could be downloading malware onto their work devices, but also because it opens users up to phishing scams.

"Social network users are playing a dangerous game by not being cyber-savvy and essentially giving strangers easy access to their personal details and private information," said principal security researcher at Kaspersky Lab, David Emm.

"With social media profiles containing a raft of insight - from birthdays through to addresses and holiday plans - it wouldn't take much digging for a cybercriminal to find and exploit valuable information, or steal your identity for their own gain. This is even easier if you have unwittingly made them your friend," he said.

Kaspersky Lab recommended that users protect themselves through basic steps, such as being cautious who they befriend and trust online and, if in doubt, they should not accept a friend request. Additionally, they should not click on links they are not expecting and should ensure their privacy settings are as high as possible.