Protect Your Privacy On Facebook And Twitter Part-3

If you didn’t read the 1st  & 2nd part of it you can read it here.  Part-1,   Part-2,

Exercise the Privacy Controls You Have

Although the concerns of ACLU and the Canadian government run a little deeper, Facebook does offer privacy controls for restricting or denying access to information. Since Facebook is a social networking site designed for sharing information, many of the settings are open by default. It is up to you to access the Privacy Settings and configure the options as you see fit.
        For each available setting, you can choose to share information with Everyone, with My Networks and Friends, or with only Friends; if you prefer, you can customize the settings to fine tune access further.

Beware of Hijacking and Phishing Scams


By its very nature, social networking is all about socializing, which means that users are more that usually disposed to let their guard down and share information, they come to the network to expand their professional connections, reestablish contact with old friends, and communicate in real time with pals and peers. And for predatory bad guys, launching social engineering and phishing attacks in this convivial environment is like shooting fish in a barrel.
        Most people know not to respond to e-mail requests from exiled Nigerian royalty promising millions of dollars in return for help smuggling the money out of the country. (Anyone who doesn’t know better probably shouldn’t be on the Internet; such prople are a danger to themselves and to others.)
        But what if a good friend from high school whom you haven’t seen in 18 years sends you a message on facebook explaining hoe her wallet was stolen and her car broke down, and asks you to wire money to help her get home? You might be less suspicious than you should be.
        Attackers have figured out that family and friends are easy prey for sob stories of this type. Using other attacks or methods, they gain access to a Facebook account and hijack it. They change the password so that the legitimate owner can’t get back in, and then they proceed to reach out to the friends of the hijacked account and attempt to extort money from those friends through social-engineering cons.
       How do you resist such devious techniques? First you should assume that any relative or friend who is close enough to you to ask you for money in a crisis probably has your phone numbers, and that Facebook or e-mail message is hardly the most logical way to contact you in an emergency. If you receive such a Facebook message or e-mail Please pick up the phone and call the person directly to confirm its legitimacy.

Don’t Let a Tiny URL Fool You

     Another threat that has emerged recently as a result of social networking is the tiny-URL attack. Some URLs are very long and don’t work well in e-mail or in blog posts, creating a need for URL-shortening services. In particular, Twitter, with its 140-character limit, has made the use of URL-shortening services such as Bit.ly a virtual necessity.
     Unfortunately, attackers can exploit a shortened URL to lure users into accessing malicious Web sites. Since the shortened URL consists of a random collection of characters that are unrelated to the actual URL, users cannot easily determine whether it is legitimate or phony.
      TweetDeck, a very popular application for sending messages in Twitter, provides a ‘Show preview information of short URLs’ option, which offers some protection. The preview window supplies details about the shortened URL, including the actual long URL that the link leads to.
      If you aren’t using TweetDeck for Twitter, or if you need to deal with shortened URLs, maintain a healthy dose of skepticism about what might lie behind the obfuscated address that a message points to.