Securing Your Facebook Identity Nicholas A. Davis, CISA, CISSP UW-Madison Division of Information Technology 11/10/2015 UNIVERSITY OF WISCONSIN1.

Securing Your Securing Your Facebook IdentityFacebook Identity

Nicholas A. Davis, CISA, CISSPUW-Madison

Division of Information Technology

04/20/23 UNIVERSITY OF WISCONSIN 1

!!Advisory!!!!Advisory!!The content of today’s presentation is designed to help people protect themselves on Facebook. This is NOT a session on Facebook hacking. If hacking Facebook is your motivation for attending today’s session, please leave now


OverviewOverviewBasic rules of Facebook securityUnique situation on UW-Madison campus (academic research poses a unique Facebook chalenge)Why unauthenticated identity means “be careful”The dangers of Facebook photosApplication settings and security preferencesFacebook passwordsTime and place concernsRoaming securityAccount cleanup and maintenanceTips and tricksQ&A session


Basic Rules of SecurityBasic Rules of Security1. Think before you post2. Customize your privacy settings3. Don’t accept friend requests from

people you do not know4. Keep sensitive information private5. Remember, being on Facebook

means that you are living like a rock star! (kind of)


Research Lab ExampleResearch Lab Example


Meet Flat CowMeet Flat CowWe will be using Flat Cow, known to his friends as FC, in a few slides


Wait, Cows Can’t Be On FB!Wait, Cows Can’t Be On FB!Unauthenticated IdentityUnauthenticated Identity


Organize Friends In ListsOrganize Friends In Lists


Photos Tell StoriesPhotos Tell Stories(Not Always Safe Ones)(Not Always Safe Ones)


Photos Tell StoriesPhotos Tell Stories(Not Always Flattering Ones)(Not Always Flattering Ones)


Keep In MindKeep In MindDon’t get yourself into a situation in which such pictures can be takenYou have little to no control over who takes your picture in publicThink about the stories your photos tell about youExercise control over pictures of you tagged by others


Automatic UpdatesAutomatic UpdatesTake Control!Take Control!


Don’t Advertise YourselfDon’t Advertise Yourself


You Can’t Control Your FriendsYou Can’t Control Your FriendsBut You Can Control Their But You Can Control Their

ApplicationsApplications


Don’t Let Your App Excitement Don’t Let Your App Excitement Obscure Your JudgementObscure Your Judgement


Keep The Stalkers At BayKeep The Stalkers At BayChange Search VisibilityChange Search Visibility


Get Your Facebook ProfileGet Your Facebook ProfileOut of GoogleOut of Google


Tips To Keep You Safe On Tips To Keep You Safe On FacebookFacebook

Change your Facebook password often


Facebook Is a Prime Target Facebook Is a Prime Target For Password HackersFor Password Hackers

Never use the same password for Facebook as you use for your bank access


Examine Photos Before You Examine Photos Before You PostPostAvoid posting photos with

identifying information, such as addresses, license plates, etc.


Don’t Advertise Your Don’t Advertise Your AbsenceAbsencePost vacation pictures AFTER you

get home


Browse Facebook Securely Browse Facebook Securely When at Starbucks (HTTPS)When at Starbucks (HTTPS)


Remove Facebook Apps Remove Facebook Apps Which You Do Not UseWhich You Do Not Use


Use Privacy Settings To Use Privacy Settings To Block PeopleBlock People


Check the Facebook URL Check the Facebook URL OftenOften


Know The Difference Between Know The Difference Between Deactivating and Deleting Your Deactivating and Deleting Your

Facebook AccountFacebook AccountDeactivating your account leaves all posts and pictures intactDeletion is supposed to remove everythingDon’t login after you request deletion


The Facebook The Facebook Doppelganger SpyDoppelganger Spy

“But Flat Cow is already my “But Flat Cow is already my friend”friend”


Three Strikes and You’re Three Strikes and You’re Out!Out!

Don’t Be a Friend PigDon’t Be a Friend Pig


How Liking Things CouldHow Liking Things CouldTake Advantage of YouTake Advantage of You


Facebook SecurityFacebook SecurityBest PracticesBest Practices

http://www.sophos.com/en-us/security-news-trends/best-practices/facebook.aspx


Carnival Cruise ScamCarnival Cruise ScamJust One ExampleJust One Example

Message purporting to be from "Carnival Cruise" claims that Facebook users can win an all-expenses-

paid vacation package by liking and sharing a promotional image and clicking a link to apply for the

free tickets.

http://www.hoax-slayer.com/facebook-related.html


Enable Login NotificationsEnable Login Notifications

Login notifications are an extra security feature. When you turn on

login notifications, we'll send you an alert each time someone logs into your account from a new place.


A Note About UW NetIDA Note About UW NetIDYour NetID is like your toothbrush, only you should use itUW-Madison will NEVER ask for your NetID and/or password via emailReport any such requests to [email protected]


Q&A SessionQ&A SessionNicholas Davis

[email protected]/nicholas.a.davis


Securing Your Facebook Identity Nicholas A. Davis, CISA, CISSP UW-Madison Division of Information Technology 11/10/2015 UNIVERSITY OF WISCONSIN1.

Documents

university of wisconsindont

university of wisconsinkeep

university of wisconsinphotos

university of wisconsinget

university of wisconsinwait

university of wisconsintips

university of wisconsinyou

university of wisconsinremove