It’s fun to connect and share on social media. It’s where many people learn about current events, stay in touch with family and friends, and even find job opportunities. Social media is also a great resource for connecting and networking with other professionals as you build your reputation online. But social media can be a major threat to your privacy and security — as well as your reputation.
Sharing too much, or neglecting to apply tight privacy and security settings can put you at risk. It can cost you a job, invite thieves into your home, and make it easy for hackers to gain access to your account. Privacy and security threats on social media are real, and they deserve your attention.
Though the risks to your reputation, privacy, and security on social media are serious, they’re not out of your control. We asked experts to share their tips for staying safe on social media, and they told us that it’s all about practicing discretion and using the right privacy and security settings. Read on to find out how you can protect your social media profiles from prying eyes.
The Risks of Oversharing
Don’t think privacy or security on social media is a big deal? Think again. There are very real threats to you reputation, personal life, and professional life when you share too much online.
Sharing too much means that you could tell potentially dangerous people where you’ll be late at night or when your house is empty. It can leave you open to hackers, compromising your social media accounts — and even your identity. Or it can signal to a potential employer that you’re not the right candidate for a job. Situations like these can make the consequences of virtual sharing very real, very fast.
Security Risks on Social Media
“Oversharing on social media could put yourself, your family and friends in danger,” warns Sticky Password global security strategist Larry Bridwell.
“People who can see your posts and posts you’re tagged in become aware of where you are and who you’re with at any given moment,” says Bridwell. “While you can set your accounts to allow only certain people see what you post, you have no control over the information that your friends post and who may see them. Keeping your current location off social media will not only keep you personally safe (e.g. you went for a jog alone in the park), but will lock the door against those who are interested in breaking into your home because they know you’re not there.”
But the benefits of staying private on social media aren’t limited to personal safety. Bridwell points out that being careful about the details that appear on your social media accounts will provide another wall of security online. “Making it difficult for people to find certain details of your life makes it tougher for people to break into your accounts,” he says.
Just using social media can leave you vulnerable to hackers, warns Bridwell. “The way social media accounts are accessed also leaves users vulnerable,” he says. “When updating your status or posting a picture to Instagram, users may have to access an open Wi-Fi network. However, they may find themselves falling prey to hackers who utilize open Wi-Fi networks to gain access and information into accounts.”
To avoid this major security problem, Bridwell recommends limiting the amount of Wi-Fi networks you join. Doing so, he says, will protect you from hackers looking to steal your data. He also recommends using password management software with a master password to log onto accounts. “By utilizing a master password,” he says, “it becomes more of an obstacle for prying eyes to catch you as you type your password.”
Social Media May be a Red Flag for Employers
In addition to security issues, sharing too much on social media can make it difficult to find a job. No doubt about it: employers are checking out job seekers online, and especially on social media. A recent Jobvite survey indicates that 94% of recruiters use or plan to use social media in their recruitment efforts.
When employers are on social media, what’s at risk for job seekers? Those who share too much — or share the wrong things — can easily miss out on great opportunities. And forgetting to respect your own privacy or security can even put your existing job at risk.
“When was the last time you cleaned up your online (especially on social media) profile so that prospective employers can’t discover “bad” things about you?,” asks identity theft expert Robert Siciliano. “McAfee conducted a study, and the results show that 13.7% of people ages 18-24 know someone who was given the pink slip, courtesy of online postings.”
“Difficulty getting or keeping a job due to negative social media content is a reality,” says Siciliano. “I assure you anything on your social media profile that makes you look less than desirable as an employee, even an innocuous comment such as, “I always have trouble being on time,” can kill your chances at getting that dream job.”
“You may be a college grad with a 170 IQ or a businessman with 10 years of experience, but to a prospective employer, your fishy face selfie makes you look like a tool,” advises Siciliano. “Be careful what you do online!”
How exactly are employers using social media to check out job candidates online? LawyerReviews.com HR manager and hiring partner David Reischer explains: “The Human Resources team does a “due diligence” review on all prospective employees. They have been instructed to look for any illegal or immoral past behavior that is posted online at social media websites. Red flags we look for are crimes, negative comments about previous jobs or unethical behavior that could affect the work place.”
“The review is to determine whether any online behavior provides insight into how the person may behave once in the work place,” explains Reischer. “An online presence that is argumentative is also worth noting. It’s not any single act, but rather, a pattern of behavior.”
Your Posts Live Forever. Really!
These risks are compounded by the fact that anything you post online is likely to be immediately archived and saved online until the end of the Internet (if that ever happens). Twitter archives are instant and can go back for years, and it’s already possible to search your entire history on Facebook.
Once you’ve made mistakes online, they don’t ever really go away. That’s why it’s so important to consider what you’re posting today, whether you’re concerned with your reputation and privacy or not. The Internet never forgets.
With this in mind, PR professional Kenneth Campbell offers a smart recommendation: “post to social media with the intention that content lives on forever – or at least, long enough to make an impression.”
Campbell encourages social media users to consider the long term implications of what they share online. “Users should be weary of posting items they’d rather not have interfering in their personal or professional lives later,” he says.
What Not to Share on Social Media
Clearly, it’s important to avoid oversharing on social media, whether you’re concerned about your reputation, privacy, security, or all of the above. Bridwell encourages users to share everything with discretion. But what exactly should you keep to yourself? A good rule of thumb is to avoid sharing anything you wouldn’t want your grandmother to see, but experts have specific recommendations for what should be off-limits on social media.
One of the biggest security concerns on social media is sharing your personal location. It’s fun to share vacation plans and photos, but Bridwell encourages users to share with discretion, as this practice can practically hand the keys to your home or social media account over to thieves and hackers. Consider posting photos of your trip after you get home, and avoid “checking in” to locations that are far from home, as doing so can alert thieves to the fact that you’re not in the area.
“Sharing information such as where you are and how long you’ll be away is vital information for people who are looking to hack your social media accounts, or worse, break into your home,” says Bridwell.
For the same reason, it’s a bad idea to “check in” at your own home, friend’s home, workplace, child’s school, doctor’s office, or other sensitive locations that shouldn’t be shared online.
But it’s not just location sharing that’s dangerous, says Bridwell. Your personal details can put you at risk, as well, and should be kept under wraps. “Sharing your date of birth, your hometown and even your mother’s maiden name may not seem like too much information,” he says. “However, those details could prove to be the answer to the security questions set on your social media accounts. For hackers who already have your email address, that information is just another step into your account as it can give them the leeway they need to get access to your password.”
Though security is a major concern, a far more likely consequence of sharing too much on social media is problems with your job search or trouble with HR. Many users do not consider the implications of what they post online, and may miss out on job opportunities or promotions, or even lose their current job as a result of online behavior. How can you avoid online embarrassment? Avoid posting these red flags that HR departments often identify:
- Questionable photos: It’s easy for photos to go awry. Provocative poses, anything depicting drinking or drugs, or engaging in inappropriate or offensive behavior is a major red flag. Don’t post questionable photos of yourself, and try to be aware of the photos that are being taken of you. Siciliano recommends that you don’t let anyone photograph or video you holding alcohol, smoking, being promiscuous or aggressive, shirtless, using vulgar gestures, or even doing something perfectly legal but stupid looking like a selfie fishy face. Be sure to change your privacy settings so that you have to approve all tagged photos as well: this way, you can control the images that show up on your social media accounts.
- Inappropriate comments or obscenities: Showing poor judgement or immaturity in your commends indicates that you may lack the capability to self-censor, says Reischer. It reflects on your maturity level, and while one off-hand comment may not have a major impact, a collection of examples is enough to influence hiring decisions. Patterns of poor judgement tell hiring managers that you may have unprofessional behavior or may even have a personality problem.
- Offensive language: If it’s crude, vulgar, or hateful, just don’t post it, even behind high privacy settings. Siciliano recommends using words like “fudge,” “freakin,” or “effing” if you really need to get your point across.
- Negative speech: Avoid commenting negatively about others online, especially those with authority in your life. This includes your boss, former boss, parents, and teachers. Doing so signals that you have a problem with authority and may lack respect.
How to Protect Your Privacy and Security on Social Media
Though the threats to your reputation, privacy, and security on social media are very real, you don’t have to be anxious about what you’re doing every time you log on. As our experts point out, it is possible to enjoy social media and stay safe — but you’ll have to be smart about how you use services.
Campbell recommends that first and foremost, users understand the social media services they use and how they they work. “For instance, far too many people post publicly to Facebook or “Like” public content without being aware that it’s simple for anyone to search for users that way.”
Privacy on Social Media
It’s all too easy to overshare on social media. You want to show your friends what a great time you’ve had on your night out, or need to vent about a situation that’s bothering you. But experts warn that you should proceed with caution — and be especially careful about who you let into your circle on social media.
Writer and social media consultant Karen G. Anderson has specific recommendations for social media users by age group. For people 20-40, she says it’s a good idea to set your Facebook settings to Friends only, and avoid friending your enemies. Further, says Anderson, “Don’t tweet or post photos about breaking the law, drinking or using drugs, or screwing over your current employer,” as these are an obvious red flag for employers and can reflect poorly on your reputation.
For social media users 40 and over, Anderson recommends setting Facebook sharing to Friends and Friends of Friends, and avoiding using the platform to talk about legal, financial, health, or employment problems.
At any age, Anderson says that it’s a good idea to imagine that what you’re writing on social media is open even to those you’d rather not share your personal details with, for example: the nastiest person in your office or the attorney for the neighbor whose child your dog bit.
Campbell encourages social media users to use customized lists on services that offer them, like Facebook and Google+. You should also know who your friends and followers are. “Be mindful of the person(s) following you on Twitter, Google, Facebook, etc. and be aware of those who attempt to take it further by friending/connecting or following your personal/private account(s),” he says.
It’s also a good idea to consider the audience you’re sharing specific posts with. “A post notifying close friends and family about an upcoming vacation doesn’t need to be shared with “Facebook-friends” and extended circles of friends,” he advises. “Social media was intended to foster “social” behavior, which includes conversation and debate, but that doesn’t mean users should post *everything* about their life online.”
Instead of sharing everything with everyone, says Campbell, be more selective. “A good way to use social media is to treat networks as different parties,” he says. “Would you engage with attendees to a social party (Facebook) the same as you might at a networking event (LinkedIn) or at a convention (Google+)? Not all social media posts are equal. There’s a place for everything.”
Additionally, be selective of who you invite into your social networks. “Don’t friend someone you don’t know just so you can crank up your friend-total tally,” warns Siciliano. If you don’t know them personally, it may not be a good idea to connect online. After all, those in your network may have access to private information that you shouldn’t share with anyone but those you trust.
How to Clean up Your Online Profiles
If you’ve made privacy mistakes on social media in the past, it’s not too late to fix them. Siciliano encourages users to take on a profile review to delete any questionable items that may cause trouble for your privacy or security. He recommends taking these steps:
- Look at the past year of what you’ve posted on social media profiles. Delete every photo, video and comment that is even remotely off color.
- Google your name, address, phone number, email address and pseudonyms to see what’s out there about you. If it’s bad and it’s deletable, then delete.
- If it’s not deletable, but under the control of someone else, see what your options are to have them remove it. Email, call, beg and plead if you must.
- Once you’ve removed what you can then start the process of pushing out good stuff. This means propagating social and search with digital content that would make your mother actually proud she spawned you. The more good stuff that shows on the first few pages of search, the more the bad stuff will be pushed down into the abyss.
Social Media Security and Privacy Settings
Though it’s a good idea to assume whatever you post online will be shared with anyone and everyone — because it can be — it doesn’t hurt to pay attention to your privacy and security settings on social media. Protecting your passwords, becoming aware of what you’re sharing where, and adding extra security measures can help to protect you when you’re using social media to connect.
Campbell encourages users to be aware of what their share settings are. For example, when you share a photo on Instagram, does it also cross-post to Facebook or even to prospective employers on LinkedIn?
Siciliano recommends taking the following steps to beef up your privacy and security settings on social media:
- Password protect your devices: All of your accounts are at risk if a device is lost or stolen, or even simply accessed by prying eyes like a contractor or baby sitter in your home. Your devices should be protected by a password and set to hibernate or lock after a period of inactivity, possibly even using a fingerprint or picture password. It doesn’t matter if you’re the only person who uses your device: you never know when someone may be able to steal it and impersonate you online.
- Log out and avoid saving passwords: Staying logged in, and allowing your browser to remember your passwords is convenient, but if your device falls into the wrong hands, that means it’s possible for them to get into your account. It’s safer to log out every time you’re done visiting social media sites, and to avoid saving your passwords.
- Remove unused apps: You may use third-party apps or services to access Facebook or Twitter, but if you have any you’re not actively using, be sure to delete them. Siciliano warns that each third-party app as the potential to act as a portal for hackers. Even legitimate applications can open doors of opportunity to hackers because their databases can become infiltrated.
- Enable two-step verification: Add an extra step to your login process each time you sign in using an unrecognized device. Using two-step verification means that thieves will need more than just your username and password to access your account. Visit this guide to learn how to enable two-step verification on your social media accounts.
- Be careful where you click: Don’t get reeled in by scams. Avoid blindly clicking on links in emails or instant messenger programs — even if the link comes from a sender you know. Siciliano warns that the “sender” could be fake and generated by a hacker. If you’re suspicious, contact the person separately in a new email to ask if they sent it, or for businesses, go to the business’ site directly rather than clicking a potentially fake link in your email. Some web browsers and email programs can spot these phishing attacks, but they’re not perfect, so it’s better to be cautious.
- Use encrypted connections: Many social media services will allow you to connect to secure pages, identified by the “s” for secure in https://. This should be used any time you’re connecting to a critical account. If you’re not able to use https://, consider using security software to make your connection secure. Siciliano recommends Hotspot Shield, a tool that encrypts all of your wired and wireless communications.
- Develop strong passwords: Easy passwords are convenient to type and remember, but they’re also not really a challenge for hackers to crack. “Stop using “princess” and 123456 as your passwords,” says Siciliano. Instead, use gibberish characters with no pattern, include upper and lower case letters, and avoid using words that can be found in a dictionary. You may want to use a password manager to help you keep track of them all.
- Secure password resets: You should review the password reset procedure of social networks and look into additional measures that are offered for restoring hacked accounts. For example, Facebook offers Trusted Contacts, which allows you to use friends to get back into your account.