Your Facebook friend posts a seemingly harmless request:
Let’s see how well we know each other. Answer the following questions about yourself then share it with your friends. My answers are below. No fair posting and not sharing!
- Where did you go to high school?
- What was your first car?
- Who are your grandparents?
- Who was your first teacher?
Maybe you have participated in such a list. Look back at the small list I made. Does anything look familiar? If I know your high school I can also find the mascot. If I know your grandparents, I can probably determine which are your mom’s parents.
Why is that important? The security questions to confirm your identity with your bank, credit card issuer, health provider, financial website, email service, and security websites include information such as mother’s maiden name, birthplace, high school mascot, first car, and favorite band. Knowing the answer to these questions allow access when you forgot your password or make account changes.
Once you’ve made this information publicly available don’t think that it is only your friends who have access. Bad actors create profiles they can use to impersonate you, access your information, or other purposes. So be discreet with what you share on the Internet (or your children share about you) and err on the side of privacy.
Sharing tracking information
Forbes had a recent article on a story that made national media about fitness tracker data shared on a social media app for athletes that provided outlines of military bases, embassies, patrol routes, and even routes between possible intelligence facilities and non-declared bases. (Article link) Military personnel, contractors, and others wearing fitness trackers that was shared, in this case with Strava, was collected and “heat maps” of popular routes of its users. In similar apps, the data may not be for public view but the company’s possession of aggregate data could be used in nefarious ways. Also, “anonymous” data might be identifiable using other techniques which provides additional concern.
Many work locations prohibit tracking devices, Apple/Android watches, and other information into their facilities. Be aware of any security restrictions if you use these devices. Also, think about how the information you are sharing might be used against you. In the early years of Facebook, there were reports of people’s houses being robbed while they were on vacation because thieves, seeing real-time vacation postings, knew the houses were empty. Regular check-in’s on apps allow others to know your routines and location-based services can also disclose your location by your phone’s location.
Be smart about what you share
We may have reasons for allowing these services and each must do a personal evaluation and risk assessment to determine what is valuable enough to share private data and what should be protected. Having considered this, periodically check the privacy settings and sharing data in your social media accounts, smart phone, and apps. You may want to restrict settings and should delete any application sharing that is not longer useful (such as allowing Facebook to access a web site or app that you no longer use).
Most importantly, ask why you are sharing the info. Are you satisfying your ego? Do you really think it is so interesting that the world must know? Maybe you think you are just having fun with friends but remember, enemies may be more interested in some of this information than your friends will ever be.