How to keep your personal information safe on Facebook and other social media

11.09.2018
You may think: “Why would a hacker want to break into your Facebook account when there is nothing of real value there?” Think again.

Personal details such as your date of birth, your mother’s maiden name, the city you were born in, the city you live in, your children's names and birth dates, your first pet, the color of your car and your hobbies are all common phrases used by credit card companies. Hackers may also know your e-mail address, since you use it to log in to Facebook.

By using your login together with all your personal information, hackers can try to guess your e-mail password, or they can trick you into giving it away, for example with phishing e-mails that pretend to come from your e-mail provider (see the IT Security Bulletin for more information about phishing). If they get hold of your e-mail account, their possibilities are limitless, since accounts are often tightly connected to your online identity, including banking and shopping accounts.

It is also not uncommon for hackers who have taken over your Facebook account to try to blackmail you, either based on photos or sensitive information in Facebook or Messenger, or just in exchange for giving you back ownership of the years of pictures and memories stored in your account.

Furthermore, by taking over your Facebook account they learn who your friends are and will try to trick them as well, to hijack their accounts next.
 

How to prevent getting hacked

  1. Always use a strong password on all your social media accounts. Do not use single words based on personal info like birthdays, your child’s name etc. Use a sentence instead. Try this tool to train yourself in creating strong passwords: https://password.kaspersky.com/
     
  2. Never use the same password on several social media platforms. If hackers have hijacked one of your social media accounts, they know the username, since it is normally your e-mail address. If you use the same password elsewhere, they then have access to all your social media accounts.
     
  3. Turn on 2FA (two-factor authentication) on all social media applications that allow it. 2FA combines something you know and something you have. Normally this is a password (something you know) and a one-time password sent by SMS to your mobile (something you have). Facebook and Gmail are among the platforms that offer MFA.

    To enable 2FA on Facebook, do the following (on a laptop or desktop only; the Facebook app on smartphones is different):
     
  • Log on to your Facebook account
  • Choose Menu and then Settings
  • Click Security and login
  • Find the label “Use Two-Factor Authentication” and choose Edit
     
  4. Since your e-mail address is used to log on to your Facebook account, change your privacy settings to hide your e-mail address from your profile. If you don’t hide it, others can see it. Let’s say one of your Facebook friends has had his account hacked. The hacker can then see your e-mail address and is already on his way to hacking your Facebook account, your e-mail account and so on.
     
  • Log in to your Facebook account
  • Click on your profile (icon with your name at the top-right)
  • Click the About tab
  • Click Contact and basic info
  • You now see your e-mail address, and can change the way it is displayed on Facebook. You have several choices. We recommend Hidden from timeline and Only me (who can see the address).
     
  5. Don’t be a victim of a phishing scam. Phishing is a scam where criminals send an e-mail that appears to be from a legitimate company, asking you to provide sensitive information. See below for an example of a phishing e-mail that looks like it was sent from Facebook. If you choose Change Password in this e-mail, you will give away your Facebook password, because they would first ask for your present password.
     


Be aware that 91% of the time, phishing e-mails are behind successful hacks or cyber attacks.

Every time you receive an e-mail, an overall good approach is STOP – LOOK – THINK.


Stop – look at the e-mail – think, is this a legitimate e-mail or not.

Check out the poster below, “Social Engineering – Red Flags”. Study it carefully: it shows what you should look for in an e-mail to determine whether it is a phishing e-mail or not.

  6. Make sure your antivirus program is always up to date.

  7. Make sure your operating system is always up to date.
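
An added example, not part of the original bulletin or Odfjell IT's own tooling, for the phishing advice above: a Python check that applies the LOOK step to two things in an e-mail, the sender's domain and where each link really leads. The trusted-domain list and the sample e-mail are constructed for illustration.

```python
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumption: the domains you expect genuine Facebook mail and links to use.
TRUSTED = {"facebook.com", "facebookmail.com"}

def is_trusted(host):
    """True only for a trusted domain itself or a real subdomain of it."""
    host = (host or "").lower().rstrip(".")
    # Matching on ".domain" rejects look-alikes such as facebook.com.evil.example
    return any(host == d or host.endswith("." + d) for d in TRUSTED)

class LinkCollector(HTMLParser):
    """Collects the real target (href) of every link, not the visible text."""
    def __init__(self):
        super().__init__()
        self.links = []

    def handle_starttag(self, tag, attrs):
        href = dict(attrs).get("href")
        if tag == "a" and href:
            self.links.append(href)

def red_flags(raw_email):
    """Return a list of reasons to distrust a single-part HTML e-mail."""
    msg = message_from_string(raw_email)
    flags = []
    sender_host = parseaddr(msg.get("From", ""))[1].rpartition("@")[2]
    if not is_trusted(sender_host):
        flags.append(f"sender domain: {sender_host}")
    collector = LinkCollector()
    collector.feed(msg.get_payload())
    for href in collector.links:
        parts = urlsplit(href)
        if parts.scheme != "https" or not is_trusted(parts.hostname):
            flags.append(f"link target: {href}")
    return flags

# Constructed sample: display name says Facebook, but the domains do not match.
SAMPLE = """\
From: Facebook <security@facebook-mail.example>
Subject: Someone tried to log in to your account
Content-Type: text/html

<p>If this was not you, <a href="https://facebook.com.login-check.example/reset">Change Password</a>
or visit <a href="https://www.facebook.com/settings">your settings</a>.</p>
"""

if __name__ == "__main__":
    for flag in red_flags(SAMPLE):
        print("RED FLAG:", flag)
```

The visible text "Change Password" says nothing about the destination; only the link target does, which is why the check reads the `href` and compares the end of the host name rather than searching for the word "facebook".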


Stay cybersecurity safe!
Odfjell IT


 

The posters below cover how best to keep your Facebook and other social media accounts secure. Click or tap on the image to download a PDF copy that can be printed and posted on board, on your desk or in your cabin.