Microsoft has done a great job with this writeup about social networking safety. Its targeted at home users and should be read by all.
11 tips for social networking safety
Social networking websites like MySpace, Facebook, Twitter, and Windows Live Spaces are services people can use to connect with others to share information like photos, videos, and personal messages.
As the popularity of these social sites grows, so do the risks of using them. Hackers, spammers, virus writers, identity thieves, and other criminals follow the traffic.
Read these tips to help protect yourself when you use social networks.
- Use caution when you click links that you receive in messages from your friends on your social website. Treat links in messages on these sites as you would links in email messages. (For more information, see Approach links in email with caution and Click Fraud: Cybercriminals want you to ‘like’ it.)
- Know what you’ve posted about yourself. A common way that hackers break into financial or other accounts is by clicking the “Forgot your password?” link on the account login page. To break into your account, they search for the answers to your security questions, such as your birthday, home town, high school class, or mother’s middle name. If the site allows, make up your own password questions, and don’t draw them from material anyone could find with a quick search. For more information, see:
- Don’t trust that a message is really from who it says it’s from. Hackers can break into accounts and send messages that look like they’re from your friends, but aren’t. If you suspect that a message is fraudulent, use an alternate method to contact your friend to find out. This includes invitations to join new social networks. For more information, see Scammers exploit Facebook friendships.
- To avoid giving away email addresses of your friends, do not allow social networking services to scan your email address book. When you join a new social network, you might receive an offer to enter your email address and password to find out if your contacts are on the network. The site might use this information to send email messages to everyone in your contact list or even everyone you’ve ever sent an email message to with that email address. Social networking sites should explain that they’re going to do this, but some do not.
- Type the address of your social networking site directly into your browser or use your personal bookmarks. If you click a link to your site through email or another website, you might be entering your account name and password into a fake site where your personal information could be stolen. For more tips about how to avoid phishing scams, see How to reduce the risk of online fraud.
- Be selective about who you accept as a friend on a social network. Identity thieves might create fake profiles in order to get information from you.
- Assume that everything you put on a social networking site is permanent. Even if you can delete your account, anyone on the Internet can easily print photos or text or save images and videos to a computer.
- Be careful about installing extras on your site. Many social networking sites allow you to download third-party applications that let you do more with your personal page. Criminals sometimes use these applications to steal your personal information. To download and use third-party applications safely, take the same safety precautions that you take with any other program or file you download from the web. For more information, see Before you download files, help protect your computer.
- Think twice before you use social networking sites at work. For more information, see Be careful with social networking sites, especially at work.
- Talk to your kids about social networking. If you’re a parent of children who use social networking sites, see How to help your kids use social websites more safely.
Free online safety brochures
These downloadable brochures tell you how to help prevent and correct privacy and online safety issues related to social networking.