Privacy Risks of Social Media

panicyfewInternet and Web Development

Nov 18, 2013 (3 years and 4 months ago)

58 views

Managing the Security and

Privacy Risks of Social Media


Don Knox, CPP, CITRMS

Global Security and Risk Analysis Manager

Caterpillar

(309) 494 1523

knox_don@cat.com

Spring Conference

May 10
th

2012

Why Social Media

Why Social Media


Share Status


Tag Photos


Upload Videos


Broadcast Location


Like Companies


Recommend Products and Services


Endorse Colleague


Search Jobs

Social Media Statistics


Facebook: 1.11 Billion plus users


Twitter: 200 Million plus users


LinkedIn: 225 Million plus users


Google: 4 Billion searches per day


YouTube: 2 Billion searches per day


Yahoo: 280 Million searches per day


Bing: 280 Million searches per day

Social Media Sites

Social Media Sites

https://www.eff.org/
who
-
has
-
your
-
back
-
2013

Social Media Revolution

Security Uses For Social Media


Investigations and Background
Screening



Information Gathering and Intelligence
Monitoring



Crisis / Emergency Management
Notification and Tracking

Terms To Know


Search engine optimization

(SEO):

Process of improving the visibility of
a

website in

search engine search results.
In general, the earlier (or higher ranked on
the search results page), and more
frequently a site appears in the search
results list, the more visitors it will receive
from the search engine's users.

Terms To Know


Malware (Malicious Software):

Software
designed to disrupt computer operation,
gather sensitive information, or gain
unauthorized access to computer systems.
It can also appear in the form of script or
code. General term used to describe any
software or code specifically designed to
exploit a computer, or the data it contains.
Malware includes computer viruses,
worms, trojan horses, spyware, adaware,
ransomeware, rootkits and keyloggers.

Terms To Know


Firewall:

Software or hardware based
network security system that controls
incoming and outgoing network traffic by
analyzing data packets and determining
whether they should be allowed through or
not, based on a rule set.



Terms To Know


Personally Identifiable Information:

Information that can be used on its own or
with other information to identify, contact, or
locate a single person, or to identify an
individual in context. Can be used to
distinguish or trace an individual‘s identity,
such as name, social security number, date
and place of birth, mother‘s maiden name or
biometric records. Can link medical,
educational, financial, and employment
information.

Terms To Know


Metadata:

Data about data. Structural
Metadata

data about the containers of
data.

Descriptive Metadata is about data
content.


Examples


Means of creation of the data


Purpose of the data


Time and date of creation


Creator or author of the data


Location on network

where the data was created

7 Deadly Sins of Social Networking


Over
-
sharing company activities


Mixing personal with professional


Engaging in Tweet (or Facebook / LinkedIn
/ Myspace) rage


Believing he/she who dies with the most
connections wins


Password sloth


Trigger finger (clicking everything,
especially on Facebook)


Endangering yourself and others

Social Media Security Awareness

Scams To Avoid


Phishing:

Attempting to acquire
information such as usernames,
passwords or credit card details by
masquerading as a trustworthy entity in an
electronic communication. Typically
carried out by email spoofing or instant
messaging and it often directs users to
enter details at a fake website whose

look
and feel are almost identical to the
legitimate one.

Scams To Avoid


Clickjacking
: Certain malicious websites
contain code that can make your browser
take action without your knowledge or
consent. Clicking on a link on one of these
websites might cause the website to be
posted to your profile. Never click strange
links, even if they are from friends. Also be
sure to notify the person sending the link if
you see something suspicious.

Scams To Avoid


Malicious Script
: When you are asked to
copy and paste text into your browser’s
address bar in order to see something
interesting or surprising. This "code" is
actually a malicious script. Instead of
showing you what was advertised, it uses
your account to send your friends spam.



Scams To Avoid


Malicious Script
:



Scams To Avoid


Koobface
:

Worm that targets Facebook by
posting spam messages on behalf of
people. The message contain a link, which
prompts to download and install a newer
version of Adobe Flash player. However,
this download actually contains a malicious
file that, once opened, uses your Facebook
account to continue posting this malicious
link on your behalf, thus spreading the
virus.

Scams To Avoid


Koobface
:

Scams To Avoid


Koobface
:

Use Advanced Security Settings


Enable Secure Browsing


SSL Protocol Encryption


Enable One
-
Time Passwords


Use when signing onto a computer that is not
yours


Enable Single Sign
-
On


Eliminates multiple passwords


Enable Login Notification and Approvals


Monitor account activity


Using Good Passwords


Don’t use same passwords on all accounts


Don’t share and change regularly


At least 8 characters, 1 number and 1
special character


Use non
-
words that associate with
something you know: “4the$cash”,
“2crackedribs!”


Don’t save in the browser


Logout don’t just close the browser

Tips To Stay Secure


Think before you click


If you don’t know what it is, don’t paste it
into your internet address bar


Maintain strong passwords


Never give out your username or password


Update your browser


Run and update anti
-
virus software

Resources


Computer Crime Info


http://www.computercrimeinfo.com



CSO Online: Social Medial Security


http://www.csoonline.com/topic/587704/social
-
networking
-
security


Facebook: Security, Safety, Privacy


http://www.facebook.com/security


http://www.facebook.com/safety


http://www.facebook.com/privacy

Questions

Don Knox, CPP, CITRMS

Global Security and Risk Analysis Manager

Caterpillar

(309) 494 1523

knox_don@cat.com