The Risky Business of Mobile Social Media

Everything you never wanted to know about your vulnerability to identity theft can be found on the first page of search results for “Facebook hack.” If you’re like most people, you probably don’t like to think about the many times a day your personal and financial data are exposed to risk over mobile devices, even as you erect firewalls and scan for viruses on your laptop. Something about the ease of using a smart phone allows us to momentarily brush aside the risks of accessing social media on an unsecured device.

Best case scenario, social media already invites opportunistic hacking; mobile social networking is just adding insult to injury for your data security. Fortunately, there is now easy-to-use security software for all your mobile devices—tablets, thumb drives, and smart phones. With a little diligence and some well-informed caution, you can nearly eliminate your risk of being hacked, stalked, phished, or otherwise made to regret you ever heard of the Internet.

Professional Security

Many professionals face a paradox: they rely on mobile devices to improve their productivity, but that very strategy leaves their livelihoods at risk. Every layer of the system that brings data to a mobile device is vulnerable to attack. The network, hardware, operating system, and “apps” all provide opportunities that hackers can exploit.

Some professions—especially healthcare, law, and finance—demand data security. The penalty for lax data security in a professional context can be punishing. HIPAA, a federal law that mandates the security of all personal health information, allows fines up to a quarter of a million dollars per day for any security breach of health data—whether it is intentional or not. Hackers can visit similar disasters on the lawyer who violates confidentiality or the CPA who surrenders a client’s financials. It is sobering to realize what can result from something as innocent as surfing Twitter or Instagram on the same device that contains professional emails. Anyone who values the ability to work and play from the same device should be looking for a robust security software that can protect data as it moves through the entire data “ecosystem.”

Personal Security

Most of us don’t work in such high-pressure professions, but we’re still vulnerable to hackers. Malware—malicious software, often accessed through a bogus link—is common on Facebook, Twitter, Craigslist and other sites. Seeing “bad” links on social media is common and sometimes it’s easy to spot when a friend’s account has been hacked. One of the reasons this tactic succeeds is that it is so easy to accidentally click a bogus link. Human error can never be eliminated, which is why you need security software to have your back.

Speaking of human error, the worst is the dread in the heart of every user—losing your phone. Everyone has forgotten a phone somewhere at some point and most of the time it’s no big deal, you just go back and get it. Keep in mind, though, that if your phone automatically logs on to Facebook, Twitter, G-chat, and other social media, your friends could begin receiving messages that look like they’re from you. Your friends could inadvertently supply data thieves with the information they need to hack into your financial accounts. Without the proper protection, your phone itself can be turned into your worst enemy.

Even with security software, you should be aware of what kind of information you’re making available when accessing social networks, especially through a mobile device. Seemingly unimportant information—like where and when you eat out—can provide insight to cyber-crooks. Over time, they might be able to compile a portrait of your life through public comments, posted photos, and personal information that you willingly release, like your phone number, address, or school and work locations. Social media leaks are so prevalent, in fact, that the U.S. Department of Justice created a new protocol for its operatives to use social networking when gathering information on suspects.

Antivirus software for the computer has been around for a while, but mobile devices will soon overtake PCs as the most common way of accessing the Internet. Everyday new mobile social networking “apps” (in other words, software) are created. When you add the insecurities of mobile computing to the weak security of social networking, you’ve got a powerful draw for data thieves. Therefore, today’s security software must protect not only PCs, but also mobile phones, tablets, thumb drives, network cards, and data stored in the cloud.

Every time you store information online, you have used “the cloud”—a convenient, if insecure, system in which the company behind a software stores your data on their computers instead of yours. Webmail like Gmail, social networking sites like Facebook, project management sites like Basecamp, and hundreds of other sites, operate by floating your data in “the cloud.” Good security software should protect everything from the cloud, down through the network, and into the actual hardware, operating system, and applications.

Once a hacker gains access to any level of your mobile computing system, they can monitor your activity, make unauthorized payments, steal your data, and even replace your phone’s interface with a mock-up that looks exactly like it. Without knowing, you could easily type in passwords, user names, email address, and so on, giving data thieves an open door to the rest of your data. Sometimes hackers don’t even have to try that hard; apps can accidentally leak information, including the location, owner, device name, and device ID, giving them an all-entry pass to anything you might have saved on your phone. Attacks are not always specific to your data; sometimes, just for fun, a hacker will modify your system to run slower or even plant a software “bomb” that will render the device useless after a specific date, time, or event. Your security software should scan all of your apps to show what kind of data they are accessing on your phone. It should also scan all of your social networks, email, and text messages for attacks.

 It Has To Be You

You are the most important factor in your security as you use social media on mobile devices. By prioritizing data security, purchasing security software, and monitoring your habits, you can create a nearly impenetrable wall against hacking. Here are a few practices that will improve your social media security:

  1. Don’t rely solely on the privacy settings provided by social networks. For one thing, courts don’t recognize those settings, so anything you post online—whether “Public” or not—is fair game if you’re being sued or getting divorced. And those settings won’t deter hackers either.
  2. Photos stored on your mobile device contain data on the location, time, and date that they were taken. This data may appear when the photos are posted online.
  3. It will certainly appear, however, if a hacker gains access to photos stored on your device. Then they become a virtual film strip of everything you’ve been doing, where, and when.
  4. You should also check your posts to ensure that location data does not appear. Facebook, Twitter, and other sites automatically post location information whenever the GPS tracker on your device is left on.
  5. Whenever you make your Facebook posts visible to “friends of friends,” you should know that for the average user this means tens of thousands of people—probably not the cozy circle you were imagining.
  6. Keep an eye out for bogus links—they can show up in your feed, in an instant message, in an SMS message, or on a website. Always think before you click.
  7. Any time you are communicating with others in an open forum online, you are using social networking. Sites that don’t seem social—like Amazon, eBay, or the New York Times—are, in fact, storing all sorts of data about your personal preferences, location, movements, ideas, and, of course, your financial data.
  8. Never forget that while we have a right to keep our lives private from government intrusion, this right does not extend to the private sector. Social networking sites are uniquely able to collect information about you and to use that data in a variety of ways. Share with caution. 

In addition to looking for security software that protects your data at all points in its journey through social networking sites and mobile networks, you should also be sure that it includes the ability to mitigate the loss or theft of your device. Security software can remotely lock your device, store all your data in the cloud, and then wipe the hard drive clean. It can even remotely activate your GPS to locate the device, track its movements, and maybe even catch a thief!

Social networking is still in its infancy and will likely spread into every aspect of our lives—from education, to work, and even family. You don’t have to stop using social media to stay secure. It’s easy to find software that protects your PC and mobile devices, even if they are lost. With software and a little bit of informed caution, you can feel free to roam the wide open web.

Subscribe to the Best of PCWorld Newsletter