Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Compliance

New Study: Risky Behavior Common on Social Media Sites

Although more than 80 percent of the respondents to a new survey conducted by the Ponemon Institute expressed concern about the security of social media, more than half of these same individuals admitted they do not take any steps to actively protect themselves.Dangers of Social Media and Privacy

Although more than 80 percent of the respondents to a new survey conducted by the Ponemon Institute expressed concern about the security of social media, more than half of these same individuals admitted they do not take any steps to actively protect themselves.Dangers of Social Media and Privacy

The survey, sponsored by ProtectMyID.com, also revealed that individuals who have been victims of identity theft are just as likely to be lax in securing their personal information online as those who haven’t. In fact, survey results from identity theft victims and non-victims are virtually identical.

Other key findings:

• Approximately 65 percent of users do not use high privacy or security settings on their social media sites.

• More than 90 percent do not review Websites’ privacy policies before using them.

• Approximately 40 percent share their physical home address on social media.

All of these practices increase users’ vulnerability to identity theft.

Corporate Exposure

The risks involved may not be limited to the individual user. According to a Robert Half survey conducted in October, 2009, 46 percent of corporations permit some use of social networks during the workday. Nineteen percent permit use for business purposes only, but 27 permit at least some personal use.

“The risks of identity theft through social media are not limited to personal damages, as professional and corporate data can also be compromised as a result of such breaches,” said Jennifer Leuer, general manager of survey sponsor ProtectMyID.com. “Oftentimes, through social engineering, an individual’s personal data is used to access secure corporate databases, and this can be the same type of information which is shared regularly across social media pages and profiles.”

The reason users expose themselves to obvious risks seems to lie in an “it won’t happen to me” mentality. Although most survey respondents expressed concern about online security and privacy, nearly 90 percent did not feel that identity theft was a likely risk from using social media sites. In fact, over 40 percent said they would continue to use a site even if they knew it did not adequately protect their privacy or security.

Safe Social Networking at Home and within the Enterprise

According to ProtectMyID.com, users who want to protect themselves and their companies must:

• Thoroughly review the privacy policy of any social networking site before using it.

• Avoid passwords that can be easily cracked. These include passwords with common information such as the user’s home town or a pet’s name.

• Always log off when away from their computer – or use a secure screen saver.

• Use antivirus software and keep it updated to foil keystroke loggers and other malware commonly used for identity theft.

• Avoid using wireless networks that are not secure.

 

Related Content:

Written By

Click to comment

Expert Insights

Related Content

Nation-State

The North Korean APT tracked as TA444 is either moonlighting from its previous primary purpose, expanding its attack repertoire, or is being impersonated by...

Audits

Out of the 335 public recommendations on a comprehensive cybersecurity strategy made since 2010, 190 were not implemented by federal agencies as of December...

Cyberwarfare

The UK’s NCSC has issued a security advisory to warn about spearphishing campaigns conducted by two unrelated Russian and Iranian hacker groups.

Cybercrime

A digital ad fraud scheme dubbed "VastFlux" spoofed over 1,700 apps and peaked at 12 billion ad requests per day before being shut down.

Application Security

Electric car maker Tesla is using the annual Pwn2Own hacker contest to incentivize security researchers to showcase complex exploit chains that can lead to...

Phishing

The Single Most Important Part of Dealing with a Phishing Attack is Preparing for the Attack Before it Actually Happens.

Phishing

The easiest way for a cyber-attacker to gain access to sensitive data is by compromising an end user’s identity and credentials. Things get even...

Cybersecurity Funding

Los Gatos, Calif-based data protection and privacy firm Titaniam has raised $6 million seed funding from Refinery Ventures, with participation from Fusion Fund, Shasta...